URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Submission: On April 26 via api from CA — Scanned from CA

Summary

This website contacted 29 IPs in 2 countries across 29 domains to perform 120 HTTP transactions. The main IP is 2606:4700:3033::ac43:86d6, located in United States and belongs to CLOUDFLARENET, US. The main domain is securityintelligence.com. The Cisco Umbrella rank of the primary domain is 404233.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 11th 2021. Valid for: a year.
This is the only time securityintelligence.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
27 2606:4700:303... 13335 (CLOUDFLAR...)
14 2607:f8b0:400... 15169 (GOOGLE)
2 4 2606:4700::68... 13335 (CLOUDFLAR...)
3 2600:141b:900... 20940 (AKAMAI-ASN1)
2 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:440... 13335 (CLOUDFLAR...)
9 2607:f8b0:400... 15169 (GOOGLE)
3 2600:9000:220... 16509 (AMAZON-02)
5 2607:f8b0:400... 15169 (GOOGLE)
1 23.3.114.203 16625 (AKAMAI-AS)
2 2607:f8b0:400... 15169 (GOOGLE)
14 104.77.220.194 16625 (AKAMAI-AS)
1 23.5.232.186 16625 (AKAMAI-AS)
7 54.149.36.69 16509 (AMAZON-02)
1 13.225.64.15 16509 (AMAZON-02)
1 13.226.31.55 16509 (AMAZON-02)
1 9 96.17.65.31 16625 (AKAMAI-AS)
2 52.1.60.235 14618 (AMAZON-AES)
1 151.101.208.157 54113 (FASTLY)
1 2 52.1.175.157 14618 (AMAZON-AES)
1 3.219.153.61 14618 (AMAZON-AES)
2 104.244.42.131 13414 (TWITTER)
1 104.244.42.69 13414 (TWITTER)
2 52.0.123.240 14618 (AMAZON-AES)
3 3 35.190.60.146 15169 (GOOGLE)
1 2 13.225.223.120 16509 (AMAZON-02)
1 13.225.223.21 16509 (AMAZON-02)
3 13.225.64.21 16509 (AMAZON-02)
1 1 52.4.86.119 14618 (AMAZON-AES)
1 1 103.229.206.240 30419 (MEDIAMATH...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 1 34.111.234.236 15169 (GOOGLE)
120 29
Apex Domain
Subdomains
Transfer
27 securityintelligence.com
securityintelligence.com — Cisco Umbrella Rank: 404233
244 KB
14 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 934
140 KB
14 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 384
223 KB
10 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 1138
sync.mathtag.com — Cisco Umbrella Rank: 419
10 KB
9 gstatic.com
fonts.gstatic.com
166 KB
7 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 199
ibm.demdex.net — Cisco Umbrella Rank: 30600
9 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
20 KB
4 tealiumiq.com
collect.tealiumiq.com — Cisco Umbrella Rank: 2836
visitor-service-us-east-1.tealiumiq.com — Cisco Umbrella Rank: 6924
2 KB
4 unpkg.com
unpkg.com — Cisco Umbrella Rank: 864
44 KB
3 trustarc.com
consent.trustarc.com — Cisco Umbrella Rank: 2911
27 KB
3 company-target.com
segments.company-target.com — Cisco Umbrella Rank: 1171
api.company-target.com — Cisco Umbrella Rank: 2903
2 KB
3 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 553
idsync.rlcdn.com — Cisco Umbrella Rank: 294
800 B
3 welcomesoftware.com
images-cdn.welcomesoftware.com — Cisco Umbrella Rank: 331412
628 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 39
3 KB
3 s81c.com
1.www.s81c.com — Cisco Umbrella Rank: 51673
api.www.s81c.com — Cisco Umbrella Rank: 68552
100 KB
2 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 498
428 B
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 600
836 B
2 ibm.com
cloud.ibm.com — Cisco Umbrella Rank: 38060
www-api.ibm.com — Cisco Umbrella Rank: 56558
4 KB
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 80
467 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 58
76 KB
1 ml314.com
ml314.com — Cisco Umbrella Rank: 1540
407 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 209
614 B
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 916
517 B
1 t.co
t.co — Cisco Umbrella Rank: 486
335 B
1 newscred.com
pixel.newscred.com — Cisco Umbrella Rank: 115183
206 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 582
10 KB
1 demandbase.com
scripts.demandbase.com — Cisco Umbrella Rank: 5667
19 KB
1 truste.com
consent.truste.com — Cisco Umbrella Rank: 4458
4 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1134
5 KB
120 29
Domain Requested by
27 securityintelligence.com securityintelligence.com
static.cloudflareinsights.com
14 tags.tiqcdn.com 1.www.s81c.com
tags.tiqcdn.com
securityintelligence.com
14 cdn.ampproject.org securityintelligence.com
cdn.ampproject.org
9 pixel.mathtag.com 1 redirects tags.tiqcdn.com
pixel.mathtag.com
securityintelligence.com
9 fonts.gstatic.com fonts.googleapis.com
6 dpm.demdex.net tags.tiqcdn.com
securityintelligence.com
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
securityintelligence.com
4 unpkg.com 2 redirects securityintelligence.com
3 consent.trustarc.com consent.truste.com
securityintelligence.com
3 images-cdn.welcomesoftware.com securityintelligence.com
3 fonts.googleapis.com securityintelligence.com
2 segments.company-target.com 1 redirects securityintelligence.com
2 id.rlcdn.com 2 redirects
2 visitor-service-us-east-1.tealiumiq.com tags.tiqcdn.com
2 analytics.twitter.com securityintelligence.com
2 sync.crwdcntrl.net 1 redirects securityintelligence.com
2 collect.tealiumiq.com tags.tiqcdn.com
2 stats.g.doubleclick.net www.google-analytics.com
2 www.googletagmanager.com securityintelligence.com
www.googletagmanager.com
2 1.www.s81c.com securityintelligence.com
tags.tiqcdn.com
1 ml314.com 1 redirects
1 c.bing.com 1 redirects
1 idsync.rlcdn.com 1 redirects
1 sync.mathtag.com 1 redirects
1 cm.everesttech.net 1 redirects
1 ibm.demdex.net tags.tiqcdn.com
1 api.company-target.com scripts.demandbase.com
1 t.co securityintelligence.com
1 pixel.newscred.com securityintelligence.com
1 static.ads-twitter.com tags.tiqcdn.com
1 scripts.demandbase.com tags.tiqcdn.com
1 consent.truste.com tags.tiqcdn.com
1 www-api.ibm.com 1.www.s81c.com
1 cloud.ibm.com 1.www.s81c.com
1 api.www.s81c.com 1.www.s81c.com
1 static.cloudflareinsights.com securityintelligence.com
120 36
Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-06-11 - 2022-06-10 | a year
misc-sni.google.com | GTS CA 1C3 | 2022-04-11 - 2022-07-04 | 3 months
www.ibm.com | GeoTrust RSA CA 2018 | 2021-09-13 - 2022-09-12 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-04-11 - 2022-07-04 | 3 months
upload.video.google.com | GTS CA 1C3 | 2022-04-11 - 2022-07-04 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-04-11 - 2022-07-04 | 3 months
*.welcomesoftware.com | Amazon | 2022-02-23 - 2023-03-24 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2022-04-11 - 2022-07-04 | 3 months
*.tiqcdn.com | DigiCert SHA2 Secure Server CA | 2022-02-27 - 2023-02-28 | a year
wildcard.bluemix.net | DigiCert TLS RSA SHA256 2020 CA1 | 2022-03-22 - 2023-03-22 | a year
*.demdex.net | DigiCert TLS RSA SHA256 2020 CA1 | 2021-10-19 - 2022-11-19 | a year
*.truste.com | Amazon | 2022-01-17 - 2023-02-15 | a year
tag.demandbase.com | Go Daddy Secure Certificate Authority - G2 | 2021-10-18 - 2022-10-14 | a year
pixel.mathtag.com | DigiCert SHA2 Secure Server CA | 2021-06-29 - 2022-07-07 | a year
*.tealiumiq.com | Amazon | 2021-09-24 - 2022-10-23 | a year
ads-twitter.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-07-21 - 2022-07-26 | a year
*.twitter.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-02-22 - 2023-02-22 | a year
t.co | DigiCert TLS RSA SHA256 2020 CA1 | 2022-02-22 - 2023-02-22 | a year
api.demandbase.com | Go Daddy Secure Certificate Authority - G2 | 2021-10-20 - 2022-09-26 | a year
*.trustarc.com | Go Daddy Secure Certificate Authority - G2 | 2020-05-21 - 2022-07-17 | 2 years

This page contains 4 frames:

Primary Page: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Frame ID: 07811B6CBE79592CC93BB8BD0330C025
Requests: 116 HTTP requests in this frame

Frame: https://consent.trustarc.com/get?name=crossdomain.html&domain=ibm.com
Frame ID: 504AB25BC6843339404525D17429FDC7
Requests: 1 HTTP requests in this frame

Frame: https://ibm.demdex.net/dest5.html?d_nsid=0
Frame ID: B6E89951C104CED5E38C6A483006FF01
Requests: 6 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=e41d6268-10e0-4f00-9c58-d613bbb340e7&no_iframe=1&mt_adid=171815&mt_lim=20&skipsync=10090&source=mathtag
Frame ID: B78E4BB056C2AEC5F3822829B0915FFD
Requests: 3 HTTP requests in this frame

Page Title

IBM Security X-Force Research Advisory: New Destructive Malware Used In Cyber Attacks on Ukraine

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • consent\.trustarc\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

Requests: 120
HTTPS: 92 %
IPv6: 36 %
Domains: 29
Subdomains: 36
IPs: 29
Countries: 2
Transfer: 1734 kB
Size: 3753 kB
Cookies: 34

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://unpkg.com/swiper/swiper-bundle.min.js HTTP 302
  • https://unpkg.com/swiper@8.1.4/swiper-bundle.min.js
Request Chain 25
  • https://unpkg.com/swiper/swiper-bundle.min.css HTTP 302
  • https://unpkg.com/swiper@8.1.4/swiper-bundle.min.css
Request Chain 93
  • https://pixel.mathtag.com/sync/img?sync=auto&mt_exid=10040&exsync=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D4735%2Ftp%3DMDMA%2Ftpid%3D%5BMM_UUID%5D HTTP 302
  • https://sync.crwdcntrl.net/map/c=4735/tp=MDMA/tpid=e41d6268-10e0-4f00-9c58-d613bbb340e7 HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=4735/tp=MDMA/tpid=e41d6268-10e0-4f00-9c58-d613bbb340e7
Request Chain 104
  • https://id.rlcdn.com/464526.gif HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CI6tHBoNCOChoJMGEgUI6AcQAEIASgA HTTP 307
  • https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297luMLf_J-dLucbe31r33EOdjwIC7nRYsB-R_MTLQZLxg HTTP 303
  • https://segments.company-target.com/validateCookie?vendor=liveramp&user_id=Xc1297luMLf_J-dLucbe31r33EOdjwIC7nRYsB-R_MTLQZLxg&verifyHash=ebe32b897a89d83645a52d00eec8208c3bc858
Request Chain 110
  • https://cm.everesttech.net/cm/dd?d_uuid=38982802908049748884559693531792437613 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YmgQ4AAAAELmKQPx
Request Chain 116
  • https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=38982802908049748884559693531792437613&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d38982802908049748884559693531792437613 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=269&dpuuid=bae56268-10e0-4f00-94f7-4cc38e6d08e3&ddsuuid=38982802908049748884559693531792437613
Request Chain 118
  • https://idsync.rlcdn.com/365868.gif?partner_uid=38982802908049748884559693531792437613 HTTP 307
  • https://dpm.demdex.net/ibs:dpid=477&dpuuid=c7ad88b336b584feaab238cd73128a2025950318e807b04aa4d13846eb946855b0da87c991749652
Request Chain 120
  • https://c.bing.com/c.gif?uid=38982802908049748884559693531792437613&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=1957&dpuuid=16EE3F53068F6C233F072EC107A56DB8
Request Chain 121
  • https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID] HTTP 302
  • https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3626783351255334923

120 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/
136 KB
28 KB
Document
General
Full URL
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
223e7e6473baa1382eec223ce1775022adbba174e939b5551b9f7d1556ee8e9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=1800, must-revalidate, proxy-revalidate
cf-cache-status
MISS
cf-ray
702061051b784bd7-YUL
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 26 Apr 2022 15:33:50 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Tue, 26 Apr 2022 15:34:50 GMT
last-modified
Tue, 26 Apr 2022 15:33:50 GMT
link
<https://securityintelligence.com/wp-json/>; rel="https://api.w.org/", <https://securityintelligence.com/wp-json/wp/v2/ibm_internals/434820>; rel="alternate"; type="application/json", <https://securityintelligence.com/?p=434820>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
public
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=smNs%2F72rm%2FW8TqTtp0ZGSav%2FWIVMVv%2FP9b4ScVgDx9gvm7CO1uibC9G%2B2ynRxM9rhx7dlhP89aGYrXLiSZhcTkS26qGTeL%2BiUNHD4fOll8ZL3PYO22hRQ96li0UIo4z2ZAEhx1v3EqgJDGxpzuj8ZcTNrDJxtH0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
X-Forwarded-For, Accept-Encoding
x-content-type-options
nosniff
x-powered-by
W3 Total Cache/2.2.1
x-xss-protection
1; mode=block
v0.js
cdn.ampproject.org/
275 KB
71 KB
Script
General
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
adadfded3c1ffd984b57da307940b9acdc2e27767415891c5390ba94ac2c1bde
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72357
x-xss-protection
0
server
sffe
date
Tue, 26 Apr 2022 15:33:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=3000, stale-while-revalidate=1206600
etag
"e3be1c6ce3fc7232"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 26 Apr 2022 15:33:50 GMT
amp-list-0.1.js
cdn.ampproject.org/v0/
43 KB
14 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-list-0.1.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3dc4d3eb74495bac9f1206cff87065096d318e75b30b62ce034763b45b142da0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13294
x-xss-protection
0
server
sffe
date
Tue, 26 Apr 2022 15:33:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"250aed5240824a73"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 26 Apr 2022 15:33:50 GMT
amp-mustache-0.2.js
cdn.ampproject.org/v0/
42 KB
14 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-mustache-0.2.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
109e8890bba6d8e005212094e43a58dfa2ea6ec702c9b7434c19c844ec832411
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14729
x-xss-protection
0
server
sffe
date
Tue, 26 Apr 2022 15:33:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"cf86a1f8f6ed8886"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 26 Apr 2022 15:33:51 GMT
amp-accordion-0.1.js
cdn.ampproject.org/v0/
18 KB
6 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-accordion-0.1.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24c65488b6156369e396b9fe8645a0943120b86f6548a6b29095d792dc02ec8f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6097
x-xss-protection
0
server
sffe
date
Tue, 26 Apr 2022 15:33:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"e1ab4a46c5c73078"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 26 Apr 2022 15:33:51 GMT
amp-animation-0.1.js
cdn.ampproject.org/v0/
83 KB
19 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-animation-0.1.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5cdad2f0b52ff96bdeeecfae0c9a1f685a095913ed3f069e18e36525020d7ef
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19226
x-xss-protection
0
server
sffe
date
Tue, 26 Apr 2022 15:33:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"5522d126ec737723"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 26 Apr 2022 15:33:51 GMT
amp-position-observer-0.1.js
cdn.ampproject.org/v0/
11 KB
4 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-position-observer-0.1.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8456dfb9024efd6efd23bcfed89ccccfc1ebf9e2337093485bbf4b462bcbaa5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3945
x-xss-protection
0
server
sffe
date
Tue, 26 Apr 2022 15:33:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"db80b914c96d63ec"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 26 Apr 2022 15:33:51 GMT
amp-bind-0.1.js
cdn.ampproject.org/v0/
51 KB
16 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-bind-0.1.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
721fcabde967413392ce5028992a4f5e2ad45c8a61ab7c0cb5a54c56cfd95b4a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16623
x-xss-protection
0
server
sffe
date
Tue, 26 Apr 2022 15:33:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"715152c3cd27b60a"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 26 Apr 2022 15:33:51 GMT
amp-autocomplete-0.1.js
cdn.ampproject.org/v0/
30 KB
10 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-autocomplete-0.1.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fca4ce5b9ecb1b62c989122c607c9987bc12f3c90989e4a5cc4a97d22f93fba9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9869
x-xss-protection
0
server
sffe
date
Tue, 26 Apr 2022 15:33:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"cfa4cbed6b9a82e2"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 26 Apr 2022 15:33:51 GMT
amp-social-share-0.1.js
cdn.ampproject.org/v0/
15 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-social-share-0.1.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
700564c8febd0b509b32f3866c1266fd2a4b3f351babb445c7e3c7a2e742488f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5048
x-xss-protection
0
server
sffe
date
Tue, 26 Apr 2022 15:33:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"6c0b1fc8349d2af8"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 26 Apr 2022 15:33:51 GMT
amp-lightbox-gallery-0.1.js
cdn.ampproject.org/v0/
66 KB
19 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-lightbox-gallery-0.1.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3cfe376a6b5d297b321520ba61e88a67aee9d63330c8afe45c58e38495bdfe0e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19329
x-xss-protection
0
server
sffe
date
Tue, 26 Apr 2022 15:33:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"11f5a6c31ef09cf1"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 26 Apr 2022 15:33:51 GMT
swiper-bundle.min.js
unpkg.com/swiper@8.1.4/
Redirect Chain
  • https://unpkg.com/swiper/swiper-bundle.min.js
  • https://unpkg.com/swiper@8.1.4/swiper-bundle.min.js
137 KB
39 KB
Script
General
Full URL
https://unpkg.com/swiper@8.1.4/swiper-bundle.min.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67a192cdfd3349d046b90e8fcf60c2b66a492d849f129ca525e4f7f518471f34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:33:50 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
191121
fly-request-id
01G1DHV6Q2Y2KNYRTSEYM58MMY-lga
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"224e7-Za2A4qq5/msUfrRHecFuLq5tjWE"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7020610f7ec04bc5-YUL

Redirect headers

date
Tue, 26 Apr 2022 15:33:50 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01G1K7KC9T96CKSCJVW7422PA7-lga
server
cloudflare
age
537
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/swiper@8.1.4/swiper-bundle.min.js
cache-control
public, s-maxage=600, max-age=60
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
7020610f4e5d4bc5-YUL
access-control-allow-origin
*
amp-video-0.1.js
cdn.ampproject.org/v0/
51 KB
15 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-video-0.1.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c081b6870951b06b158f4ce8884da257af0065e3a47798430397ec81626af1c5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15738
x-xss-protection
0
server
sffe
date
Tue, 26 Apr 2022 15:33:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"9742b1471d379aca"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 26 Apr 2022 15:33:51 GMT
amp-youtube-0.1.js
cdn.ampproject.org/v0/
36 KB
11 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-youtube-0.1.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ccf8a2b8cd2286519225b7ce236a0d97bf93b2463384e113852c99ec8f9281c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11403
x-xss-protection
0
server
sffe
date
Tue, 26 Apr 2022 15:33:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"4ec9cde1ecf81d17"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 26 Apr 2022 15:33:51 GMT
Cybercriminal-creating-malicious-software-typing-on-laptop-keypad-closeup.jpeg.webp
securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2022/02/
27 KB
28 KB
Image
General
Full URL
https://securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2022/02/Cybercriminal-creating-malicious-software-typing-on-laptop-keypad-closeup.jpeg.webp
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
7978bdf5d9580547eef7aa32eaf9a9cbb9c1d90d5f82f4657cf79a90cfdb5c57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:33:51 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27470
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Thu, 24 Feb 2022 22:11:21 GMT
server
cloudflare
etag
"6b4e-5d8cadcb90088"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nmyvwb0njeSh8rYTYhrOyCNw0SnAULHh%2BrZPO7GSx4bCHJ0nBQAjRI539Q0HCbsPUFo7ujFQKLvc3AfEnpqDFzQONedf0uoGwGzumEeSrJ%2FhZhgPpX1W8Rr84UW8%2FBLT1CnbKxtn0adJS35NW7cmwlPPrChH1jo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
vary
X-Forwarded-For, Accept-Encoding
cache-control
public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
70206112ffa8ecf6-YUL
expires
Wed, 26 Apr 2023 15:33:51 GMT
ida_stats.js
1.www.s81c.com/common/stats/
254 KB
72 KB
Script
General
Full URL
https://1.www.s81c.com/common/stats/ida_stats.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000:495::b3a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
312150280db7f7b09d11f18a58c0eeef6ec97a85976a44c163a96360ce09b160
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:33:51 GMT
content-encoding
gzip
last-modified
Mon, 04 Apr 2022 01:50:41 GMT
etag
"3f75c-5dbca5b17c644"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=16679
strict-transport-security
max-age=2592000
accept-ranges
bytes
content-length
73554
expires
Tue, 26 Apr 2022 20:11:50 GMT
modules.css
securityintelligence.com/wp-content/themes/sapphire/minifications/
67 KB
9 KB
Stylesheet
General
Full URL
https://securityintelligence.com/wp-content/themes/sapphire/minifications/modules.css?v=1650466695
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
9c7c2f2956f1110e5e7e360759c0fc49b62242b1e79667d67dbf945128551c54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:33:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Wed, 20 Apr 2022 14:58:15 GMT
server
cloudflare
etag
W/"10bc9-5dd173912a42e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dpp4dqu8eeZGnreS4XnBpNfewHbxRyyjTyFUSK94qBLlaDJZpH7%2FaUel7IlgNJ10xZeY2hIkXFcgEMcaE%2BCrGvJZlrNcodtWBKGroZjM9BxaCOyrJIiAnOz5lmaJhp8SM6pTOqjz%2F%2FIcHdlrehYjk5FgzcG6Ybo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
7020610f1b744bd7-YUL
expires
Wed, 26 Apr 2023 15:33:50 GMT
style.min.css
securityintelligence.com/wp-includes/css/dist/block-library/
81 KB
11 KB
Stylesheet
General
Full URL
https://securityintelligence.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:33:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Tue, 12 Apr 2022 15:39:52 GMT
server
cloudflare
etag
W/"145db-5dc76df34f5e7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HZjHTyb1R%2BW2kjwIn5sFnEjN%2BzZciT7wnXfIUTqqBfsTCSTlgyF3eEZntNd0oaILWfbb3jSLAdjv0gYnpVg6EgDm2XSyEkt1VceUijR7ag%2BdtyqQ%2BvYjpsxrm%2F5sOxRRCsHg5uuiecx4JKdE71GiQfykeEY71uE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
7020610f1b754bd7-YUL
expires
Wed, 26 Apr 2023 15:33:50 GMT
styles.css
securityintelligence.com/wp-content/plugins/contact-form-7/includes/css/
3 KB
2 KB
Stylesheet
General
Full URL
https://securityintelligence.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:33:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Thu, 21 Oct 2021 20:37:53 GMT
server
cloudflare
etag
W/"aab-5cee2de7285a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kqkgp2jzzPXA8ol4POWVGy4eEEyovLxIRKxHfrv%2Bf5BiNBxNgIMBAU5klqzpGXFfNJ5PO478SFc0Aa%2F1UvjTkE2Ox%2F9MtAOiuayDHpn1jJcgF75mX%2BNbiaYqWIZE6tCH5s6s2rJmCbCkGJIs2oNP8N0KgTRjRWU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
7020610f6b8decf6-YUL
expires
Wed, 26 Apr 2023 15:33:50 GMT
style.css
securityintelligence.com/wp-content/plugins/taxonomy-images/css/
447 B
951 B
Stylesheet
General
Full URL
https://securityintelligence.com/wp-content/plugins/taxonomy-images/css/style.css?ver=0.9.6
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
4dd1908c6a8fd56a009de150a0d1b0c6c18a21543ff2f246a7108f385a22500e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:33:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Thu, 19 Sep 2019 20:08:59 GMT
server
cloudflare
etag
W/"1bf-592ed8633ba35"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yu85G%2B668TsQjdT97suvvm%2FeuxDG%2B%2B1nBNHUzf60bkSrNP6S8LcouX9QNe9vRo4QAtI8aF3%2Ft%2By%2FSA12e0mfEW2CIJAnmJt%2B9vI21NabBdP3wss%2BUA2W3CjlMyCK6q7YQoZ0Y2gt16kTg5ISFbClMD2biPpSlfY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
7020610f6b8fecf6-YUL
expires
Wed, 26 Apr 2023 15:33:50 GMT
jquery.min.js
securityintelligence.com/wp-includes/js/jquery/
87 KB
31 KB
Script
General
Full URL
https://securityintelligence.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:33:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Thu, 22 Jul 2021 17:28:09 GMT
server
cloudflare
etag
W/"15db1-5c7b99c5423f2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xFWrnPcTj%2FCjBaAp3%2B52UzPnF7Q2ChONq%2BGgildHozBOT%2FKimrLezglS3QzkKHYWsWd8Q4ERD0kZb7AgZQiW74%2BnYkw7UfJyjQEtMk3TlIUEgyKy2A5Ln8GejKlF13ZONg93Tn2xqFQKnf%2Fi7SulTff6%2Fvhglww%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
7020610f6b93ecf6-YUL
expires
Wed, 26 Apr 2023 15:33:50 GMT
jquery-migrate.min.js
securityintelligence.com/wp-includes/js/jquery/
11 KB
5 KB
Script
General
Full URL
https://securityintelligence.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:33:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Mon, 14 Dec 2020 14:00:37 GMT
server
cloudflare
etag
W/"2bd8-5b66d110e5c96"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q0ddYzvqAeb33p%2BNkw24S%2BAm2ZnEfZFiOoZBMS%2Bc92yV8WDA4Y09vh3sFKTW7%2B07o%2BiWNSBXZJSaznlnAYQeyg%2BrLhc%2BbNyjPZiApfDob1f744YY9vfvVjQNme8JTabCk4XS6UlJemBVYeZLkOW5b8BAkO5UAKk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
7020610f6b95ecf6-YUL
expires
Wed, 26 Apr 2023 15:33:50 GMT
js
www.googletagmanager.com/gtag/
98 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-143580012-4
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2008 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
83b78eb94721c251b6490f7c126252b10a464fb22d8ab472fe2c81cc18897a64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:33:51 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38839
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 26 Apr 2022 15:33:51 GMT
css
fonts.googleapis.com/
9 KB
791 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=IBM+Plex+Sans:200,300,400,500,600
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::200a Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b641685ea9eb246f092fb81633a1cfc7d2bd4cb01cc9af454550b18801c5329a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:33:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 26 Apr 2022 15:33:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 26 Apr 2022 15:33:50 GMT
css
fonts.googleapis.com/
7 KB
731 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=IBM+Plex+Sans+Condensed:300,400,500,600,700
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::200a Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f69ecb3c984016b6b230d1449135e316365e81d081254f40e1ff1e3ec1029bac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:33:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 26 Apr 2022 15:33:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 26 Apr 2022 15:33:50 GMT
css2
fonts.googleapis.com/
2 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=IBM+Plex+Serif&display=swap
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::200a Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e285410eae8dc7586a1f0e3fe7a1ba47ae534f21ac997c5249a38c1fb8d2c36f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:31:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 26 Apr 2022 15:33:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 26 Apr 2022 15:33:50 GMT
swiper-bundle.min.css
unpkg.com/swiper@8.1.4/
Redirect Chain
  • https://unpkg.com/swiper/swiper-bundle.min.css
  • https://unpkg.com/swiper@8.1.4/swiper-bundle.min.css
16 KB
5 KB
Stylesheet
General
Full URL
https://unpkg.com/swiper@8.1.4/swiper-bundle.min.css
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bf8c1a5bb073a51e3e127ad0660c56e81220a22b0096a3bfd591d1add47597b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:33:50 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
191233
fly-request-id
01G1DHQWB04PHHG5FBNEG99DH2-lga
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"3e36-rVraWIxddg2YZ9UhWL79KOv8a3w"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7020610f8ed44bc5-YUL

Redirect headers

date
Tue, 26 Apr 2022 15:33:50 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01G1K7Y8ET5K8D5NNZ43456M3E-lga
server
cloudflare
age
180
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/swiper@8.1.4/swiper-bundle.min.css
cache-control
public, s-maxage=600, max-age=60
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
7020610f6eac4bc5-YUL
access-control-allow-origin
*
single.css
securityintelligence.com/wp-content/themes/sapphire/minifications/
83 KB
12 KB
Stylesheet
General
Full URL
https://securityintelligence.com/wp-content/themes/sapphire/minifications/single.css?v=1650466695
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
e830e5df9973ea43347538348ec5001185f1c305d5f1a8fd73769bf2534e3682
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:33:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Wed, 20 Apr 2022 14:58:15 GMT
server
cloudflare
etag
W/"14cea-5dd173912abfe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cdkYzRgFv1yaohhRKUQ1sRnOBERhEOP2RI6MPxz3rJDnCCS2j9mlJ6%2FBJAanX6husKLrGQ9UMY%2F8oxeO6gyJsAB%2FdkXnRLCS%2FaWcinP0jYk5caKXk7SQoJ8syjpfsnrw4gKgsehLo%2BI4TrA0ZZypZ96T7bWz8E8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
7020610f6b96ecf6-YUL
expires
Wed, 26 Apr 2023 15:33:50 GMT
email-decode.min.js
securityintelligence.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://securityintelligence.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:33:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 22 Apr 2022 17:45:27 GMT
server
cloudflare
etag
W/"6262e9b7-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BCpamWi3twmKdlRjfZN2xtjNlkHWMtUCUceTPLZk8KWLSnhzKKMVOBmRe%2FOgqGUVS4SZTHvhQcwLx2wDnOSFQyFPfeYlpKGwZ64GzzDeMgDQNxLYGv3CXPqmHb8eYYvZynGrCqvh7WtIPy62zAjpu1G9tTbqkFE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7020610fec49ecf6-YUL
vary
Accept-Encoding
expires
Thu, 28 Apr 2022 15:33:50 GMT
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/
14 KB
5 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Origin
https://securityintelligence.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:33:51 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
702061131c834bc5-YUL
regenerator-runtime.min.js
securityintelligence.com/wp-includes/js/dist/vendor/
6 KB
3 KB
Script
General
Full URL
https://securityintelligence.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:33:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Mon, 14 Feb 2022 14:48:48 GMT
server
cloudflare
etag
W/"195e-5d7fb83a43038"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LkIe5Yw1joAL7BXeKZhr1ILuXdc6kg9g0v5Ik7MUwbm21QZus6SA37KltTll4WTsEMkdY6Jv8fuJKTuNbTP8sFCAxdn2cLu%2BrJxS4YnHMZwOMPxb3k2mbpr0fpzMZIrMeriT9AEpa9pPXqxjo77YlhHZ3kPZGR8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
7020610fec4fecf6-YUL
expires
Wed, 26 Apr 2023 15:33:51 GMT
wp-polyfill.min.js
securityintelligence.com/wp-includes/js/dist/vendor/
19 KB
8 KB
Script
General
Full URL
https://securityintelligence.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:33:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Mon, 14 Feb 2022 14:48:48 GMT
server
cloudflare
etag
W/"4b3d-5d7fb83a43420"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GQhr0hiVXyWM%2BQiwQdpVL044pgfEI8X%2BRPqbUITLW7VqulRcvsZEgrC77YJdP9Siho51h7S%2BSummK8HYAnEp9k6p9qhdCsmrc7Od6lcsU5KTslIfGJOH%2FginI5WokHU30jhpzADxalgFU6SiyvbvHAlzVhK2%2B38%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
7020610fec57ecf6-YUL
expires
Wed, 26 Apr 2023 15:33:50 GMT
index.js
securityintelligence.com/wp-content/plugins/contact-form-7/includes/js/
9 KB
4 KB
Script
General
Full URL
https://securityintelligence.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:33:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Fri, 28 Jan 2022 14:00:34 GMT
server
cloudflare
etag
W/"25f8-5d6a4dbd02440"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kYu7F8DT6Z7XZ%2B4K0BYOTZTeKOGEITepPywSvM4eTwdosO98Efv06JhDLKSYjRcJfi6cAoqtH5S7AMDBw%2BzW83F14lajyOLnbNHh1ZJAG1mvnm4mnF%2BEKMWzTjAXiWLM3i7lF3jSgjaSxrfrXMYT27cTjdtIq7Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
7020610fec5becf6-YUL
expires
Wed, 26 Apr 2023 15:33:51 GMT
qppr_frontend_script.min.js
securityintelligence.com/wp-content/plugins/quick-pagepost-redirect-plugin/js/
2 KB
1 KB
Script
General
Full URL
https://securityintelligence.com/wp-content/plugins/quick-pagepost-redirect-plugin/js/qppr_frontend_script.min.js?ver=5.2.3
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
3fc2845d22c09928ba9dae73f657a21ede05bed89a42efafe1028bcbe4ee499b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:33:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Thu, 19 Sep 2019 20:08:30 GMT
server
cloudflare
etag
W/"636-592ed846ef8ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yb2%2B1r0Vh6uwRnx6uLOywUq97dyS89lT0UiJcvlM6%2BL%2BppG6TwmCSY10XZpAe9MsbKvTOiYppP6dsR4D0p8MbqhYOMwlfLXBo%2BJzc%2BRMUSvkPI3RTRbbghzWNUko625fljfkIljF6RE%2BRazBv5IADOPeE0qVHmY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
7020610fec5decf6-YUL
expires
Wed, 26 Apr 2023 15:33:51 GMT
wp-emoji-release.min.js
securityintelligence.com/wp-includes/js/
18 KB
6 KB
Script
General
Full URL
https://securityintelligence.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.3
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:33:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Thu, 22 Jul 2021 17:28:09 GMT
server
cloudflare
etag
W/"4705-5c7b99c54c034"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mS91axNBB1AXlErwZHFv0hJAY%2BQoq%2FMK8MofauZNYQhbQrCugZMmtBLsVbbOY4xMi7ZZPfYjMcYeTpq9%2Bdea9Knv8LJ4qcIMLzNAwK2HuJAHeVKWfpg6pNsilph2FCC%2BnAfwiol9voPfjCM7EW29glw2pCFfVbs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
70206112ffaaecf6-YUL
expires
Wed, 26 Apr 2023 15:33:51 GMT
zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
fonts.gstatic.com/s/ibmplexsans/v13/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v13/zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:200,300,400,500,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcecb97c12786d7a9387a81e74e4179790fd84425c9c75be1aec3aed645bf6e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityintelligence.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 19:57:05 GMT
x-content-type-options
nosniff
age
502606
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18000
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:58:25 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 20 Apr 2023 19:57:05 GMT
logo-white.svg
securityintelligence.com/wp-content/themes/sapphire/images/
8 KB
4 KB
Image
General
Full URL
https://securityintelligence.com/wp-content/themes/sapphire/images/logo-white.svg
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
663a14b3fbb5e44ad939917a2f6f4d93f31a0a1d8ab6702fb0a66036141ddc8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:33:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Thu, 16 Jan 2020 16:58:28 GMT
server
cloudflare
etag
W/"2136-59c44bbef4f0b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xAZZruNQ8bp7Fn%2B2hYdrBlmJziv6SStfgjU9xAHS3m5sS%2BJdtF2Wu40QBzQ5I%2BHfx0oBUPb%2BTHn%2BMgQb7r5s03pl%2F8Im71bEyli8bR%2B4YxAwW7T%2F13iUujDHd1mDnlf%2Fs7sVM5VumhmOhbauzS%2F0F4Jx3Ende80%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
702061130fc6ecf6-YUL
expires
Wed, 26 Apr 2023 15:33:51 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012203281422000/v0/
13 KB
4 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203281422000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
391b94e7a9baba5e00252d07d966559b574c3e1b1925ac13e492663deab50c57
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Origin
https://securityintelligence.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
399632
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4109
x-xss-protection
0
server
sffe
date
Fri, 22 Apr 2022 00:33:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d36558187daa6712"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 22 Apr 2023 00:33:19 GMT
loading.svg
securityintelligence.com/wp-content/themes/sapphire/images/
972 B
1 KB
Image
General
Full URL
https://securityintelligence.com/wp-content/themes/sapphire/images/loading.svg
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/wp-content/themes/sapphire/minifications/single.css?v=1650466695
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
790cfd19a8e033f96c28d63386fc4e3aff117ed855f762b40f39691a921de760
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/wp-content/themes/sapphire/minifications/single.css?v=1650466695
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:33:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Thu, 12 Sep 2019 12:50:34 GMT
server
cloudflare
etag
W/"3cc-5925a955bdcb4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1hYdQD%2F3vrCwZuwW5HDxLRmHZXuvvr%2FbzRA6eDBjjiiUBp55LYW5IKAEhNJLwnBGhcqOiV1mczOSYZAZh9hGgtYWVLM%2BZaR4Jtbj08OfRBYm%2FOeNnpxCdUgIAtGrhOTz2NwcL5bDiPpdUF2n5y%2BIELOhmO7s3Xs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
702061132fd8ecf6-YUL
expires
Wed, 26 Apr 2023 15:33:51 GMT
search.svg
securityintelligence.com/wp-content/themes/sapphire/images/
951 B
1 KB
Image
General
Full URL
https://securityintelligence.com/wp-content/themes/sapphire/images/search.svg
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
0e82da81b591f6ffc35aa67bcd9e1c39aa5983f7f8baaf35892956e8b2dc004b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:33:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Thu, 12 Sep 2019 12:50:34 GMT
server
cloudflare
etag
W/"3b7-5925a955be86c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lJla3bVheCMXTSkAY5%2Bl97HazmAHU93kH9GJhg9ijjD8YbXFpyR5xobHAN3PpAeEUXCvD67dWU%2BE6bQi0Tbvoz20bE2KL2Oc2KS4g1JA%2B2LKCZ1%2F3wYKXnFOmWzW4QxzuTtfXWtB%2FGMYulVWXCWoTLuBFsHaS94%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
702061133febecf6-YUL
expires
Wed, 26 Apr 2023 15:33:51 GMT
close.svg
securityintelligence.com/wp-content/themes/sapphire/images/
455 B
1 KB
Image
General
Full URL
https://securityintelligence.com/wp-content/themes/sapphire/images/close.svg
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
e89cc85750cabe4a1352be2c824af05958b906fdf9ab9b9e99fdd15a4d798152
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:33:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Fri, 27 Mar 2020 19:40:17 GMT
server
cloudflare
etag
W/"1c7-5a1db455dfe15"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VH%2BUuCXotjUQKMD9OuH3fh7Sh0rQyyF8V5I0%2BV2ZT0ynipfXeP2ZcSx2YAGKdW1o2gSs4Cij3iM6RTjBtQd%2Bjbfgkonaz5kZNJH2j9UqC3fY2qRWHIFK8ywPLOMO3%2B7mPKyL8QLzw%2BbRDbsd%2FSBLQH7B0aBlqI4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
702061133feeecf6-YUL
expires
Wed, 26 Apr 2023 15:33:51 GMT
Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY527LvspYY.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v11/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ibmplexsanscondensed/v11/Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY527LvspYY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans+Condensed:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b4f873f3371bd426336178dfe982cf8366df7592c21738d0e1261e67a0cb2e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityintelligence.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 02:51:42 GMT
x-content-type-options
nosniff
age
45729
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18688
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 19:45:08 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 26 Apr 2023 02:51:42 GMT
Gg8lN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHYapyK4.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v11/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ibmplexsanscondensed/v11/Gg8lN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHYapyK4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans+Condensed:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31f1c8437b4a34d4b4d66c59927d16774fb6197faf13dbd7b04758a2afdbad0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityintelligence.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 21:36:19 GMT
x-content-type-options
nosniff
age
64652
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18564
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 19:48:41 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 25 Apr 2023 21:36:19 GMT
zYX9KVElMYYaJe8bpLHnCwDKjQ76AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v13/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v13/zYX9KVElMYYaJe8bpLHnCwDKjQ76AIFsdA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:200,300,400,500,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf4eae9216be01f9a411ac93c5008eb38a3abdbb12fdb50ef974a4599e90220a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityintelligence.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 14:35:09 GMT
x-content-type-options
nosniff
age
3522
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19124
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:58:30 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 26 Apr 2023 14:35:09 GMT
Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY5a67vspYY.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v11/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ibmplexsanscondensed/v11/Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY5a67vspYY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans+Condensed:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71fe56560b9eba788c8ff58e084f24ca95ff3b89aff510345fab96de36ec8101
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityintelligence.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 02:27:12 GMT
x-content-type-options
nosniff
age
47199
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18740
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 19:45:00 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 26 Apr 2023 02:27:12 GMT
zYX9KVElMYYaJe8bpLHnCwDKjXr8AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v13/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v13/zYX9KVElMYYaJe8bpLHnCwDKjXr8AIFsdA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:200,300,400,500,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca9b10dd6f91b1495f2f5afb055e060c55a5cc89e12c435e383cc1998741a739
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityintelligence.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 00:14:00 GMT
x-content-type-options
nosniff
age
487191
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19200
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:58:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 21 Apr 2023 00:14:00 GMT
scroll-to-top.svg
securityintelligence.com/wp-content/themes/sapphire/images/
715 B
1 KB
Image
General
Full URL
https://securityintelligence.com/wp-content/themes/sapphire/images/scroll-to-top.svg
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
5d5997f11a9482db230a12a91801a5006294d0c68817607fb2d8efdc7ecf006a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:33:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Thu, 01 Oct 2020 17:04:26 GMT
server
cloudflare
etag
W/"2cb-5b09f0236c546"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lP7mq6z8bG%2BIaZyxXyfFBYCURFjKWVr%2FXjVj%2Bmlrj7aYDtywbksgC6MC7SPqLEmvbcxZqFp1oDXHfFxndDwhVG6uc6%2FL6H9FH2MZRfoyKpN1xq96WValDftTL%2FKv2Sfxi%2FlL%2FQO7Ru3eHm02Xnc3thPz66%2BmLC8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
70206113b897ecf6-YUL
expires
Wed, 26 Apr 2023 15:33:51 GMT
truncated
/
98 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
473b9fbb17fa7755c34ae89223bb3d75e7c9220cb31cae32e5838eae3b5814fe

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
84 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d87e9a5f66c1631a2b24f3ae74e4ffbedf00b643d1c57bded3c119773dcb0968

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
98 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6440fc0195f3b55d6745b071f7fc9201aa74fe10a6bf8e403ef3660552d08aa

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
99 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3181e593aa1c8a96cdd550ee065310398ea980f29f9582275b9b42110cb116b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
84 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
96dfc5f50442cc86b4a34c0776427374af0b3a906c0d1b27ef2916e78b721f13

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
84 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86042f3e488c299da25a01ea2decaf7e796abd7ae4811782a75abc7ee78ee8d2

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
default-pic.jpg
securityintelligence.com/wp-content/themes/sapphire/images/
5 KB
6 KB
Image
General
Full URL
https://securityintelligence.com/wp-content/themes/sapphire/images/default-pic.jpg
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
2362a2b6663976d80e30679ab74d07731dd20ba8c5adbcae3d1123a6406d8eda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:33:51 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5342
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Thu, 14 May 2020 20:55:09 GMT
server
cloudflare
etag
"14de-5a5a1e9841ca6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H8aoJCUYfVshoLOIlkcCen%2FUYyMsCPaBq8SvKdDymGz2hRrSehlJkV0wzOK%2F15KJfjwX6eFcO4IqP4R%2FRzkg9%2BRd9lKjm9hdAs60W6%2Bn1R9sBzqKQh7x3vn7Drpncn2qLf9haaesIhXcs6IdbGUALFSds9ZbAdQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
vary
X-Forwarded-For,Accept
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
x-webp-express
Redirected directly to existing webp
accept-ranges
bytes
cf-ray
70206113f921ecf6-YUL
expires
Wed, 26 Apr 2023 15:33:51 GMT
Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY4S7bvspYY.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v11/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ibmplexsanscondensed/v11/Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY4S7bvspYY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans+Condensed:300,400,500,600,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dca337d11cb99c194e99da0a8780ec4219ff742646b52a49675fffe44f5a7658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityintelligence.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 21:35:05 GMT
x-content-type-options
nosniff
age
64726
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18196
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 19:44:58 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 25 Apr 2023 21:35:05 GMT
zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v13/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v13/zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:200,300,400,500,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49791a696302b5112cec6f474d4d188ec3da019fab43b744b558c8b5e6644785
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityintelligence.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 19:57:07 GMT
x-content-type-options
nosniff
age
502604
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18860
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:58:14 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 20 Apr 2023 19:57:07 GMT
zYX9KVElMYYaJe8bpLHnCwDKjR7_AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v13/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v13/zYX9KVElMYYaJe8bpLHnCwDKjR7_AIFsdA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:200,300,400,500,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
681e885d2baf3a5865cfa1fd6b9e5855b8a104b379208852b595c4e72f2c54b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityintelligence.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 00:30:51 GMT
x-content-type-options
nosniff
age
486180
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19436
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:58:25 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 21 Apr 2023 00:30:51 GMT
arrow-right.svg
securityintelligence.com/wp-content/themes/sapphire/images/
743 B
1 KB
Image
General
Full URL
https://securityintelligence.com/wp-content/themes/sapphire/images/arrow-right.svg
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
03d81c05d2b7bcd709563806be145309333dd0f398a91885350953cda5a1a04f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:33:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Thu, 28 Jan 2021 11:49:18 GMT
server
cloudflare
etag
W/"2e7-5b9f47a46bf4e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yQOm9cTs7l8Lmt7fyriJHLINaCQN8LSE4FTUIFVRkm7OZY9GsArua%2FbzEqDMKJYF%2FmH3obLyDIdrKIuz5%2BWJhaOOWRPWvO2W%2FeJ81SbffBranuAGIvx4iuoT8GfDrA0MXCaGmitifNT5ykuCAQkZZct%2FQazf%2FIA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
7020611489d5ecf6-YUL
expires
Wed, 26 Apr 2023 15:33:51 GMT
Business-team-clapping-for-a-female-colleague-in-meeting-630x330.jpeg.webp
securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2022/03/
22 KB
23 KB
Image
General
Full URL
https://securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2022/03/Business-team-clapping-for-a-female-colleague-in-meeting-630x330.jpeg.webp
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
4a4f63fe60b19218be345784bc89f2254b401217dd2c009afe68d4687a2c2364
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:33:51 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2370
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22500
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Tue, 08 Mar 2022 14:00:03 GMT
server
cloudflare
etag
"57e4-5d9b565c2087f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JwSa%2B5%2BgrmqmUy%2F91IExLjW52IaHHwH2x6tfSPni3TL3VSwUhMxaynRoi9QB8XymxHXgVNai4Yks7mq%2BDUAp788NImlXarMw0IPztBcVHx%2Fdxyi9g5eECA%2FKxR%2B0UXQcN9QwUd1jwoIZWbZGgwIlR1jCLdjOdEU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
vary
X-Forwarded-For, Accept-Encoding
cache-control
public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
7020611489dfecf6-YUL
expires
Wed, 26 Apr 2023 14:54:21 GMT
Cloud-Native-Security-Controls-630x330.jpeg.webp
securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2022/04/
21 KB
21 KB
Image
General
Full URL
https://securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2022/04/Cloud-Native-Security-Controls-630x330.jpeg.webp
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
400dd9c39d2d01ed976237c79a8ad0c20be47971a0467f2269c8ebe55567bcc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:33:51 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2370
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21016
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Mon, 11 Apr 2022 12:00:04 GMT
server
cloudflare
etag
"5218-5dc5faf46ad91"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bsER%2FHzz27Fy6MxC3cdjbIuONphDpacY3JwXd8NYs7PoMEL6U21lWqQZeEto4xYdCGLeYd3SfjjU5cXtBmDfit4K11Rr9tIajF4vPFd4FC%2BY3R8%2BQhA0ALEs4Qeiq64YotJ9k%2F3TNP2IMH8K%2B6kn9P4%2FN3BCNZk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
vary
X-Forwarded-For, Accept-Encoding
cache-control
public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
7020611489e0ecf6-YUL
expires
Wed, 26 Apr 2023 14:54:21 GMT
Cybercriminal-creating-malicious-software-typing-on-laptop-keypad-closeup-630x330.jpeg.webp
securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2022/02/
10 KB
11 KB
Image
General
Full URL
https://securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2022/02/Cybercriminal-creating-malicious-software-typing-on-laptop-keypad-closeup-630x330.jpeg.webp
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
54d3e6fd6df1340fa8bfe759ccbf99d178b5bebe49ef39bc4ef0ba99f0420c00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:33:51 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2370
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10680
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Thu, 24 Feb 2022 22:11:22 GMT
server
cloudflare
etag
"29b8-5d8cadcbe6382"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=inqK%2BV%2F%2B1RG%2FpwajczU5t88kJthgf5sNi4UG%2B96aeJcezcGV3vpK8xdEItppszlWUUjdrf6k4rMPbU6Xrocx6yMysiBp8qecGzQI7DBQ8Dy%2B94KGlkQ8uhNxv9tUfcq9BBrvKW3oWs15k0kjmuaiQ6sdSE4%2FV4Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
vary
X-Forwarded-For, Accept-Encoding
cache-control
public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
7020611489e1ecf6-YUL
expires
Wed, 26 Apr 2023 14:54:21 GMT
600X1200_WEBINAR_03.jpg
securityintelligence.com/wp-content/uploads/2022/03/
23 KB
24 KB
Image
General
Full URL
https://securityintelligence.com/wp-content/uploads/2022/03/600X1200_WEBINAR_03.jpg
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
0f2ce7d98b6052b31e113dd73dc7dbb0ffb03854f456576924f19c2f492fd64e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:33:51 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23896
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Thu, 31 Mar 2022 17:11:37 GMT
server
cloudflare
etag
"5d58-5db86c13779c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=55jAo%2BAkj88tQv6FBsd25aNAVF3%2BU9iUPkU42h00j9Lx8BxF4KHhrRU99DTfJTNu9%2BorXED7xG1oSrujwOnFp6yhr7c88Hw9FBkyqjEDqI7Jhr%2FLKC18EP2fviY8vXyvXpBaR%2BjfYSm%2Bl6Qx2Ard2t6X5vb4voQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
vary
X-Forwarded-For,Accept
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
x-webp-express
Redirected directly to existing webp
accept-ranges
bytes
cf-ray
7020611489e3ecf6-YUL
expires
Wed, 26 Apr 2023 15:33:51 GMT
Zz05YTU4OTJlMDk1YmIxMWVjYjliMzAyNDgwOWY4NWE5MQ==
images-cdn.welcomesoftware.com/
306 KB
307 KB
Image
General
Full URL
https://images-cdn.welcomesoftware.com/Zz05YTU4OTJlMDk1YmIxMWVjYjliMzAyNDgwOWY4NWE5MQ==?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOlsiOWE1ODkyZTA5NWJiMTFlY2I5YjMwMjQ4MDlmODVhOTEiXSwiZXhwIjoxNjQ1NzQ3NzE0fQ.hs8x8-hYpSz8MeFOeihxR8k4VRkfoQ9nHH85bhb2JLE
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:d000:f:fcff:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b5f4df0247e5df3b3b83ca6e660e00a736a45c36b07edd571bb6d209744d3c09

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 02:11:01 GMT
via
1.1 45abe1833dce03139cbfcdfadefbc17a.cloudfront.net (CloudFront)
age
134570
x-amz-server-side-encryption
AES256
x-cache-status
MISS
x-cache
Hit from cloudfront
content-length
313116
last-modified
Thu, 24 Feb 2022 21:49:12 GMT
server
nginx
etag
"c07c7a61edf86673dd01110d2d53c26a"
x-amz-version-id
rEPaO6QEBHnbURgqfekgkYLfBP3Rr7Q.
access-control-allow-origin
*
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
Rk9MlA0VoSa3ZPnv-rzZ7xW1kGzZxO6yDmfVnr9TuyqTjd-PbMbiMQ==
Zz1hNzMwNWI0Mjk1YmIxMWVjYWRjYzg2NDNiOWZjODVjNA==
images-cdn.welcomesoftware.com/
20 KB
21 KB
Image
General
Full URL
https://images-cdn.welcomesoftware.com/Zz1hNzMwNWI0Mjk1YmIxMWVjYWRjYzg2NDNiOWZjODVjNA==?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOlsiYTczMDViNDI5NWJiMTFlY2FkY2M4NjQzYjlmYzg1YzQiXSwiZXhwIjoxNjQ1NzQ3NzE0fQ.Prim22fYjynqhVcw_w5jtkjkMs3tKHGB4FEQUd7AMYE
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:d000:f:fcff:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4592c521f52bd17d12a3df2183effd3603f70b5db98edfcf3f739a72e80c5d16

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 02:11:10 GMT
via
1.1 45abe1833dce03139cbfcdfadefbc17a.cloudfront.net (CloudFront)
age
134561
x-amz-server-side-encryption
AES256
x-cache-status
MISS
x-cache
Hit from cloudfront
content-length
20813
last-modified
Thu, 24 Feb 2022 21:49:34 GMT
server
nginx
etag
"fb3b546d99e3340e058ad6e7ab3de501"
x-amz-version-id
eeRdRLHdCdUwrjkGu67KK.c.FJhA0KeO
access-control-allow-origin
*
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
NwFVvG1iGyKvy3XJBXoTXmw9OMgMyzO-72YCUvyXYEy5NtWEsFozww==
ww.js
cdn.ampproject.org/rtv/012203281422000/
51 KB
14 KB
Fetch
General
Full URL
https://cdn.ampproject.org/rtv/012203281422000/ww.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9e83868be0fa34b8fedf843526cdb2ac18c4a92311ca8bcb73fdf15eade8b8b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
text/plain
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
591414
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14634
x-xss-protection
0
server
sffe
date
Tue, 19 Apr 2022 19:16:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"8f71de582fa48dfb"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 19 Apr 2023 19:16:57 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-143580012-4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
2995
date
Tue, 26 Apr 2022 14:43:56 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 26 Apr 2022 16:43:56 GMT
04fda913-503b-4222-b42c-35f15f189583
https://securityintelligence.com/
51 KB
0
Other
General
Full URL
blob:https://securityintelligence.com/04fda913-503b-4222-b42c-35f15f189583
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6eb3793eae6e61c3d227920d6667a235bfe163419a2df950497adeb4fcaf802e

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Length
52688
Content-Type
text/javascript
/
api.www.s81c.com/webmaster/dbip/
427 B
724 B
Script
General
Full URL
https://api.www.s81c.com/webmaster/dbip/?callback=_dl.fn.userIpData.callback
Requested by
Host: 1.www.s81c.com
URL: https://1.www.s81c.com/common/stats/ida_stats.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.3.114.203 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-114-203.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
fa65ae4b632714fe246c34a2c886c18d143750b5ad4c17ccb791b0e19c796c20

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 15:33:51 GMT
Server
Apache
X-Backside-Transport
OK OK
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
X-Global-Transaction-ID
6d659579626810df9fc68aef
Connection
keep-alive
Content-Length
427
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=86020202&t=pageview&_s=1&dl=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F%3Fsocial_post%3D6567161505%26linkId%3D156583495&ul=en-us&de=UTF-8&dt=IBM%20Security%20X-Force%20Research%20Advisory%3A%20New%20Destructive%20Malware%20Used%20In%20Cyber%20Attacks%20on%20Ukraine&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAAC~&jid=925132757&gjid=358058318&cid=1742940947.1650987232&tid=UA-143580012-4&_gid=1446925969.1650987232&_r=1&gtm=2ou4p0&did=dZTNiMT&gdid=dZTNiMT&z=271269934
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Apr 2022 15:33:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://securityintelligence.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
445 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-143580012-4&cid=1742940947.1650987232&jid=925132757&gjid=358058318&_gid=1446925969.1650987232&_u=YGBACUAABAAAAC~&z=415830645
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 26 Apr 2022 15:33:51 GMT
content-type
text/plain
access-control-allow-origin
https://securityintelligence.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
p_85e1c2b3e06b87ddd5b2d9723a0213354253e4b2691412fad82df3b24daf6e5b.js
tags.tiqcdn.com/dle/ibm/web/
3 B
288 B
Script
General
Full URL
https://tags.tiqcdn.com/dle/ibm/web/p_85e1c2b3e06b87ddd5b2d9723a0213354253e4b2691412fad82df3b24daf6e5b.js
Requested by
Host: 1.www.s81c.com
URL: https://1.www.s81c.com/common/stats/ida_stats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.77.220.194 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-220-194.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:33:51 GMT
last-modified
Thu, 02 Feb 2017 22:12:19 GMT
server
AmazonS3
x-amz-request-id
KJC62FB5A0TCB20A
etag
"b519d08ef66fd54910edbedba6181ec2"
content-type
application/javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
3
x-amz-id-2
nrNfuBu1xyVIi/5TurTBA+AgXIzES6PrydcJ0X2A2HjjlrNGbx/QxT7WFeHEgTHwEG1S9sldb+s=
expires
Tue, 26 Apr 2022 15:38:51 GMT
bmaid
cloud.ibm.com/analytics/
48 B
2 KB
XHR
General
Full URL
https://cloud.ibm.com/analytics/bmaid
Requested by
Host: 1.www.s81c.com
URL: https://1.www.s81c.com/common/stats/ida_stats.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.5.232.186 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-232-186.deploy.static.akamaitechnologies.com
Software
undefined / Express
Resource Hash
7b604f8a1cdde1ea09dfd5d5b2db94d9970d12c0b8189441e94892495fb5eb5d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-powered-by
Express
x-envoy-upstream-service-time
8
server-timing
cdn-cache; desc=MISS, edge; dur=33, origin; dur=13
content-length
48
x-xss-protection
1; mode=block
x-request-id
undefined
x-response-time
2.120
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
undefined
etag
W/"30-tNRuDikQz2XD52lTcMvBny3S47Q"
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityintelligence.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
date
Tue, 26 Apr 2022 15:33:51 GMT
expires
0
dbdm-data
www-api.ibm.com/cookie-sync/
2 KB
2 KB
Script
General
Full URL
https://www-api.ibm.com/cookie-sync/dbdm-data?callback=_dl.fn.dataSync.callback
Requested by
Host: 1.www.s81c.com
URL: https://1.www.s81c.com/common/stats/ida_stats.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000:495::b3a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/ Express
Resource Hash
c293dd767ec7cbd73e2a44a205433e08818fed8259a060805a8b063dc33b456a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:33:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
Express
etag
W/"849-Rkx2/FcdkvYX5oQRsLonLvuukLg"
x-frame-options
DENY
content-type
text/javascript; charset=utf-8
x-backside-transport
OK OK
cache-control
no-cache, no-store, must-revalidate
x-global-transaction-id
64e02e05626810e03846a8a1
strict-transport-security
max-age=15768000
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
content-length
1643
x-xss-protection
1; mode=block
utag.js
tags.tiqcdn.com/utag/ibm/web/prod/
334 KB
94 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Requested by
Host: 1.www.s81c.com
URL: https://1.www.s81c.com/common/stats/ida_stats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.77.220.194 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-220-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
614c617b582f3242f31673e3c55680ef605fc21ec22e6547881c60dd97dee6c6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:33:51 GMT
content-encoding
gzip
last-modified
Tue, 26 Apr 2022 15:29:47 GMT
server
AkamaiNetStorage
etag
"564980c06fad54fe5966521f398d5afd:1650986986.892374"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
expires
Tue, 26 Apr 2022 15:38:51 GMT
id
dpm.demdex.net/
1 KB
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=D10F27705ED7F5130A495C99%40AdobeOrg&d_nsid=0&ts=1650987232058
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.36.69 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-36-69.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d796fcda18a44aa209039284b19bc592a9731cd0e791e14ee64ccf72003dcfdd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-usw2-2-v028-032c88327.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
MXjkb6+PRJ4=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://securityintelligence.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
597
Expires
Thu, 01 Jan 1970 00:00:00 UTC
utag.28.js
tags.tiqcdn.com/utag/ibm/web/prod/
2 KB
1 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/ibm/web/prod/utag.28.js?utv=ut4.46.201803300231
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.77.220.194 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-220-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2e7f5342105b392a295080c87c345965fa5f4dea75ca8af10584bcac7c8d48a2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:33:52 GMT
content-encoding
gzip
last-modified
Fri, 30 Mar 2018 02:32:36 GMT
server
AkamaiNetStorage
etag
"1ac4cbb8e65e89874c50b9129b8afbec:1522377156"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1123
expires
Wed, 11 May 2022 15:33:52 GMT
utag.162.js
tags.tiqcdn.com/utag/ibm/web/prod/
52 KB
12 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/ibm/web/prod/utag.162.js?utv=ut4.46.202204060605
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.77.220.194 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-220-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e57b4f20189b81d0b529481def6b7bddf6ad1fa33e9a6ed808d2a9d28e479334

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:33:52 GMT
content-encoding
gzip
last-modified
Wed, 06 Apr 2022 06:06:07 GMT
server
AkamaiNetStorage
etag
"50e5ea9dd113ee8f032c1a5694c0da5c:1649225167.439819"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
11700
expires
Wed, 11 May 2022 15:33:52 GMT
utag.24.js
tags.tiqcdn.com/utag/ibm/web/prod/
4 KB
2 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/ibm/web/prod/utag.24.js?utv=ut4.46.202004021713
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.77.220.194 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-220-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7bf8c8af5f6bd977c4618843d6f103ef01162da38c8cc27b5f292549c9a1ca7d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:33:52 GMT
content-encoding
gzip
last-modified
Thu, 02 Apr 2020 17:13:24 GMT
server
AkamaiNetStorage
etag
"02fbc106ee77dce39296914d62393bed:1585847604.52902"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1774
expires
Wed, 11 May 2022 15:33:52 GMT
utag.53.js
tags.tiqcdn.com/utag/ibm/web/prod/
3 KB
2 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/ibm/web/prod/utag.53.js?utv=ut4.46.201706292022
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.77.220.194 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-220-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
90596b3d8081c6c46f53c00cc4215ccb61cadd6b0268bc2f9fe553c35774753d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:33:52 GMT
content-encoding
gzip
last-modified
Thu, 22 Mar 2018 04:18:05 GMT
server
AkamaiNetStorage
etag
"d2c69618305280734e4c67c71a0bc28a:1521692285"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1534
expires
Wed, 11 May 2022 15:33:52 GMT
utag.184.js
tags.tiqcdn.com/utag/ibm/web/prod/
16 KB
5 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/ibm/web/prod/utag.184.js?utv=ut4.46.202202020151
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.77.220.194 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-220-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
deb89b2cb1badbd9a684e6aed8409d4d7e7a9ef9d863b95c1116755a307a5f5a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:33:52 GMT
content-encoding
gzip
last-modified
Sat, 17 Oct 2020 02:42:47 GMT
server
AkamaiNetStorage
etag
"08b869489660d7180fcf95dfb594c231:1602902567.648186"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
5192
expires
Wed, 11 May 2022 15:33:52 GMT
utag.136.js
tags.tiqcdn.com/utag/ibm/web/prod/
2 KB
1 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/ibm/web/prod/utag.136.js?utv=ut4.46.201808201700
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.77.220.194 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-220-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e10c0bc79c425822dac76b3b3d381f523bc1a548b922ee73ce3435ef45c2ae6b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:33:52 GMT
content-encoding
gzip
last-modified
Fri, 20 Jul 2018 14:28:36 GMT
server
AkamaiNetStorage
etag
"301f64e7791ec492b32864ff8aa6e6f9:1532096916"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
904
expires
Wed, 11 May 2022 15:33:52 GMT
utag.94.js
tags.tiqcdn.com/utag/ibm/web/prod/
4 KB
2 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/ibm/web/prod/utag.94.js?utv=ut4.46.202203221853
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.77.220.194 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-220-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
898413f0d39495364dbf2fea8d75f90c5e59196b8a659f4cd3b97d5e0a491367

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:33:52 GMT
content-encoding
gzip
last-modified
Tue, 23 Jun 2020 18:51:07 GMT
server
AkamaiNetStorage
etag
"8ccdd1c1ded6e3886b782d50d3a61e1f:1592938267.587209"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1779
expires
Wed, 11 May 2022 15:33:52 GMT
utag.167.js
tags.tiqcdn.com/utag/ibm/web/prod/
10 KB
3 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/ibm/web/prod/utag.167.js?utv=ut4.46.202101200115
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.77.220.194 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-220-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
54e73aef7b2b0ccad0cdbfc30b6c82a011948df3827919196a0f27893ce5d5c6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:33:52 GMT
content-encoding
gzip
last-modified
Wed, 20 Jan 2021 01:15:17 GMT
server
AkamaiNetStorage
etag
"b092f8c901d8afecfb07a4e7f929ef3e:1611105317.621153"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
2421
expires
Wed, 11 May 2022 15:33:52 GMT
utag.178.js
tags.tiqcdn.com/utag/ibm/web/prod/
3 KB
2 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/ibm/web/prod/utag.178.js?utv=ut4.46.202008241237
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.77.220.194 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-220-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
fe286d4418ea555bb568a81ebcaab56560fc7d076eda46a790290db0c942e708

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:33:52 GMT
content-encoding
gzip
last-modified
Mon, 24 Aug 2020 12:38:05 GMT
server
AkamaiNetStorage
etag
"1cc26c17c372c047fcf985d11b6f06f2:1598272685.212586"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1380
expires
Wed, 11 May 2022 15:33:52 GMT
utag.181.js
tags.tiqcdn.com/utag/ibm/web/prod/
2 KB
1 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/ibm/web/prod/utag.181.js?utv=ut4.46.202010301425
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.77.220.194 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-220-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e1b1e30b7778a859a6584d608645bf5d8402cf53fcf078b55fe617a117fec429

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:33:52 GMT
content-encoding
gzip
last-modified
Fri, 30 Oct 2020 14:25:44 GMT
server
AkamaiNetStorage
etag
"32e783cf592aaffb0bf09fc95b475ed0:1604067944.853384"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1025
expires
Wed, 11 May 2022 15:33:52 GMT
utag.v.js
tags.tiqcdn.com/utag/tiqapp/
2 B
202 B
Script
General
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=ibm/web/202204261529&cb=1650987232122
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.77.220.194 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-220-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:33:52 GMT
last-modified
Thu, 14 Apr 2016 16:57:51 GMT
server
AkamaiNetStorage
etag
"7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type
application/x-javascript
cache-control
max-age=600
accept-ranges
bytes
content-length
2
expires
Tue, 26 Apr 2022 15:43:52 GMT
notice
consent.truste.com/
9 KB
4 KB
Script
General
Full URL
https://consent.truste.com/notice?c=teconsent&domain=ibm.com&country=CA&state=QC&language=en-US&text=true&pcookie&cdn=1&gtm=1
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.64.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-64-15.ewr53.r.cloudfront.net
Software
nginx /
Resource Hash
7f460f36d6ad0f445f08189a2a7451cefc76c7076ee6fb80552220fcf4caeb88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:33:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
EWR53-C1
x-cache
Miss from cloudfront
cloudfront-viewer-country
CA
vary
Accept-Encoding, Origin
content-length
3687
x-xss-protection
1; mode=block
timing-allow-origin
*
server
nginx
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript;charset=UTF-8
via
1.1 959ac13ef19fa38a0d3684985f996ffc.cloudfront.net (CloudFront)
cache-control
max-age=3600
cloudfront-viewer-country-region
QC
x-amz-cf-id
qlret3LUiVEn6XFE-L4A-jrGN9kBB70ThHNhkpyW6EsMXgj87EHL4g==
expires
Tue, 26 Apr 2022 16:33:52 GMT
ab057a07.min.js
scripts.demandbase.com/
67 KB
19 KB
Script
General
Full URL
https://scripts.demandbase.com/ab057a07.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.31.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-31-55.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
194ea51d8f1ad1c00fbb738c8b400fbd2e4bd652fd578d52c2d6546d59295154
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 14:48:04 GMT
content-encoding
gzip
vary
Accept-Encoding
age
2749
x-cache
Hit from cloudfront
last-modified
Thu, 03 Mar 2022 17:14:48 GMT
server
AmazonS3
etag
W/"49d1fd25b9c43362d42ddee7e253de8f"
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-version-id
vDxpEzAYBTn.c6ZE4MKxfkUcOnAaDSzg
via
1.1 4e3df844337032b56b8434990b0f76ca.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-pop
EWR53-C2
content-type
application/javascript; charset=utf-8
x-amz-cf-id
x9R4qpjwkw1R6RGFVPPF-ju9Y3FRV2VOUEjXsUO0tphwGO__o5FIqQ==
js
www.googletagmanager.com/gtag/
98 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-143580012-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-143580012-4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2008 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
87d3689542a353de7f07e46bb049ce7c2d7a68d222667e21df0031a8a3c23233
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:33:52 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38847
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 26 Apr 2022 15:33:52 GMT
js
pixel.mathtag.com/event/
2 KB
3 KB
Script
General
Full URL
https://pixel.mathtag.com/event/js?mt_pp=1
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.17.65.31 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-31.deploy.static.akamaitechnologies.com
Software
MT3 4374 b349c17 master iad-pixel-x7 config:1.0.0 /
Resource Hash
8d4a8fd92a0381d2c534abe994beba126da9eb4b5de49412c78a06ee4c730c20

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 15:33:52 GMT
Server
MT3 4374 b349c17 master iad-pixel-x7 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript
Content-Length
2487
Expires
Tue, 26 Apr 2022 15:33:51 GMT
i.gif
collect.tealiumiq.com/ibm/main/2/
43 B
754 B
XHR
General
Full URL
https://collect.tealiumiq.com/ibm/main/2/i.gif
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.184.js?utv=ut4.46.202202020151
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.60.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-60-235.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryIIgnXSDIrn2fXxpq

Response headers

date
Tue, 26 Apr 2022 15:33:52 GMT
vary
Origin
x-serverid
uconnect_i-06606c5c59b27206d
x-tid
01806681eb220095e139e354347803074007d06c00b08
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc
ibm:main:2:datacloud
x-region
us-east-1
content-length
43
pragma
no-cache
x-did
01806681eb220095e139e354347803074007d06c00b08
content-type
image/gif
access-control-allow-origin
https://securityintelligence.com
access-control-expose-headers
X-Region
cache-control
no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
x-ulver
f6a1c96edb1dc6c0803799e121e3c7508d654d71-SNAPSHOT
x-uuid
525ac3e2-b353-4429-930a-27ad558d7a38
expires
Tue, 26 Apr 2022 15:33:52 GMT
survey.js
1.www.s81c.com/common/stats/
93 KB
27 KB
Script
General
Full URL
https://1.www.s81c.com/common/stats/survey.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000:495::b3a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
814759860cc987a983b49f360ae29e58b08fda03e86356545d310f44bd8c972c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:33:52 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 15:08:38 GMT
etag
"17462-5d6f646a0ced0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=65329
strict-transport-security
max-age=2592000
accept-ranges
bytes
content-length
27629
expires
Wed, 27 Apr 2022 09:42:41 GMT
uwt.js
static.ads-twitter.com/
28 KB
10 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.167.js?utv=ut4.46.202101200115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.208.157 Newark, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
70d4c4423dab9cf00b6e9bcf57518eeafff00e9d2499f4463498b03bef2bdc33

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:33:52 GMT
content-encoding
gzip
last-modified
Thu, 21 Apr 2022 18:21:30 GMT
etag
"c47a9d4becaab89e22af7ba863c58452+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
9501
x-served-by
cache-iad-kjyo7100062-IAD, cache-ewr18130-EWR
js
pixel.mathtag.com/sync/
237 B
751 B
Script
General
Full URL
https://pixel.mathtag.com/sync/js?cs_jsonp=mmUuidSync&mt_nsync=1
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.17.65.31 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-31.deploy.static.akamaitechnologies.com
Software
MT3 4281 354de82 master iad-pixel-x8 config:1.0.0 /
Resource Hash
e52da84eb8c2c9fac05d2455987621e279d0b0e0719d73351cac0d975d812588

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 15:33:52 GMT
Server
MT3 4281 354de82 master iad-pixel-x8 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript
Content-Length
237
Expires
Tue, 26 Apr 2022 15:33:51 GMT
tpid=e41d6268-10e0-4f00-9c58-d613bbb340e7
sync.crwdcntrl.net/map/ct=y/c=4735/tp=MDMA/
Redirect Chain
  • https://pixel.mathtag.com/sync/img?sync=auto&mt_exid=10040&exsync=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D4735%2Ftp%3DMDMA%2Ftpid%3D%5BMM_UUID%5D
  • https://sync.crwdcntrl.net/map/c=4735/tp=MDMA/tpid=e41d6268-10e0-4f00-9c58-d613bbb340e7
  • https://sync.crwdcntrl.net/map/ct=y/c=4735/tp=MDMA/tpid=e41d6268-10e0-4f00-9c58-d613bbb340e7
49 B
544 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/ct=y/c=4735/tp=MDMA/tpid=e41d6268-10e0-4f00-9c58-d613bbb340e7
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Server
52.1.175.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-175-157.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Apr 2022 15:33:52 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.46.187
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 26 Apr 2022 15:33:52 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/map/ct=y/c=4735/tp=MDMA/tpid=e41d6268-10e0-4f00-9c58-d613bbb340e7
cache-control
no-cache
x-server
10.40.6.36
content-length
0
expires
0
px.gif
pixel.newscred.com/
43 B
206 B
Image
General
Full URL
https://pixel.newscred.com/px.gif?key=YXJ0aWNsZT1hYWNiOWZlMjk1YWIxMWVjOWNjYjIyMjgyOWRiNTY0NA==
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.153.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-153-61.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Apr 2022 15:33:52 GMT
cache-control
max-age=0, public, must-revalidate
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
content-length
43
content-type
image/gif
d_medallia_survey_configurations.js
tags.tiqcdn.com/dle/ibm/web/
70 KB
14 KB
Script
General
Full URL
https://tags.tiqcdn.com/dle/ibm/web/d_medallia_survey_configurations.js?callback=?&_=1650987231173
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.77.220.194 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-220-194.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
bf51007c87fc4e17da5ec6ffccaab0804cc92186d1afad892e4b30094d133677

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Tue, 26 Apr 2022 15:33:52 GMT
content-encoding
gzip
last-modified
Tue, 19 Apr 2022 12:16:51 GMT
server
AmazonS3
x-amz-request-id
JAVYJ10AKQ58MKV1
etag
"dbfac4dc24d012c66fb7b9adbbb5d5a0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
content-length
14246
x-amz-id-2
z9fBboq+NJsSKk9mNlb2s/Lz1EKhcHQWrGqnMSCeiRmSHHicszJFOzoGgYeDYL3O1LoFPCsKQYE=
expires
Tue, 26 Apr 2022 16:33:52 GMT
adsct
analytics.twitter.com/i/
43 B
354 B
Image
General
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.3.2&p_id=Twitter&p_user_id=0&txn_id=nv8so&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_order_quantity=0&tw_sale_amount=0&tw_iframe_status=0&event_id=bfda9a4f-00bd-4987-abd9-833e389e95c1&tw_document_href=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F%3Fsocial_post%3D6567161505%26linkId%3D156583495
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-response-time
6
date
Tue, 26 Apr 2022 15:33:51 GMT
server
tsa_b
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
65e2dedee4c95bb3f4582064557448c4cb78e2b1ff735035186d6e8f420534f4
content-length
43
adsct
t.co/i/
43 B
335 B
Image
General
Full URL
https://t.co/i/adsct?type=javascript&version=2.3.2&p_id=Twitter&p_user_id=0&txn_id=nv8so&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_order_quantity=0&tw_sale_amount=0&tw_iframe_status=0&event_id=bfda9a4f-00bd-4987-abd9-833e389e95c1&tw_document_href=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F%3Fsocial_post%3D6567161505%26linkId%3D156583495
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-response-time
6
date
Tue, 26 Apr 2022 15:33:52 GMT
server
tsa_b
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
1bd92a1d94df5f59ff3be9a60e11954126b4b1becbab0176bda8278826a16c65
content-length
43
js
pixel.mathtag.com/event/
1 KB
2 KB
Script
General
Full URL
https://pixel.mathtag.com/event/js?mt_pp=2&mt_adid=171815&mt_id=1075167&event_type=catchall&industry=technology&page_name=securityintelligence.com%252Fposts%252Fnew-destructive-malware-cyber-attacks-ukraine&site_language=en-US&version=1.0&search_query=%3Fsocial_post%3D6567161505%26linkId%3D156583495&language=en-CA%2Cen%3Bq%3D0.9&mt_lim=20&document_title=IBM%20Security%20X-Force%20Research%20Advisory%3A%20New%20Destructive%20Malware%20Used%20In%20Cyber%20Attacks%20on%20Ukraine&location=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F%3Fsocial_post%3D6567161505%26linkId%3D156583495&document_path=%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F&mt_cb=1650987232229
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_pp=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.17.65.31 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-31.deploy.static.akamaitechnologies.com
Software
MT3 4335 2c68c00 master iad-pixel-x32 config:1.0.0 /
Resource Hash
013027e2f397c88d7d7555cb3565beb2c65bb3b01b9c5738b04332aa13998740

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 15:33:52 GMT
Server
MT3 4335 2c68c00 master iad-pixel-x32 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript
Content-Length
1436
Expires
Tue, 26 Apr 2022 15:33:51 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=86020202&t=pageview&_s=1&dl=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F%3Fsocial_post%3D6567161505%26linkId%3D156583495&dr=None&dp=%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F&ul=en-us&de=UTF-8&dt=IBM%20Security%20X-Force%20Research%20Advisory%3A%20New%20Destructive%20Malware%20Used%20In%20Cyber%20Attacks%20on%20Ukraine&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GDACUABBAAAAC~&jid=1323702586&gjid=1085127286&cid=1742940947.1650987232&uid=0ed1b500-1a56-42e8-bcd7-67364b84a899&tid=UA-143580012-1&_gid=1446925969.1650987232&_r=1&gtm=2ou4p0&did=dZTNiMT&gdid=dZTNiMT&cd1=0&cd2=SECURITYINTELLIGENCE&cd3=0ed1b500-1a56-42e8-bcd7-67364b84a899&cd5=4e7c64e3-33a3-4e41-afb4-9f16d5a52fc0&cd6=1650987232035&cd12=securityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine&cd13=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F%3Fsocial_post%3D6567161505%26linkId%3D156583495&cd16=None&cd17=None&cd19=custom%20DELIVERY%3AWordPress%20AUTHORING%3AHand%20coded&cd31=en-US&cd34=url-85e1c2b3e06b87ddd5b2d9723a0213354253e4b2691412fad82df3b24daf6e5b&cd35=1650987231562&cd37=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F&cd39=Malware&cd69=prod&cd90=2%3A&cm54=1&cd122=6567161505&z=334105146
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Apr 2022 15:33:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://securityintelligence.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=86020202&t=pageview&_s=2&dl=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F%3Fsocial_post%3D6567161505%26linkId%3D156583495&dp=%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F&ul=en-us&de=UTF-8&dt=IBM%20Security%20X-Force%20Research%20Advisory%3A%20New%20Destructive%20Malware%20Used%20In%20Cyber%20Attacks%20on%20Ukraine&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GDACUABBAAAAC~&jid=&gjid=&cid=1742940947.1650987232&uid=0ed1b500-1a56-42e8-bcd7-67364b84a899&tid=UA-143580012-4&_gid=1446925969.1650987232&gtm=2ou4p0&did=dZTNiMT&gdid=dZTNiMT&cd6=1650987232035&cd19=custom%20DELIVERY%3AWordPress%20AUTHORING%3AHand%20coded&cm54=1&cd122=6567161505&z=186511768
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Apr 2022 14:34:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
3572
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
01806681eb220095e139e354347803074007d06c00b08
visitor-service-us-east-1.tealiumiq.com/ibm/main/
27 B
240 B
Script
General
Full URL
https://visitor-service-us-east-1.tealiumiq.com/ibm/main/01806681eb220095e139e354347803074007d06c00b08?callback=utag.ut%5B%22writevamain%22%5D&rnd=1650987232255
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.123.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-123-240.compute-1.amazonaws.com
Software
/
Resource Hash
e036d4c0bab9dcd3d8ed9d625c2cdd24f4d0474f1a4232f0e7c9471aaf0cf470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-version
f6a1c96edb1dc6c0803799e121e3c7508d654d71-SNAPSHOT
date
Tue, 26 Apr 2022 15:33:52 GMT
x-region
us-east-1
content-length
27
strict-transport-security
max-age=31536000; includeSubdomains
x-nodeid
i-02a0abe20a8a2594b
content-type
application/javascript; charset=utf-8
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=86020202&t=event&ni=1&_s=2&dl=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F%3Fsocial_post%3D6567161505%26linkId%3D156583495&dr=None&dp=%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F&ul=en-us&de=UTF-8&dt=IBM%20Security%20X-Force%20Research%20Advisory%3A%20New%20Destructive%20Malware%20Used%20In%20Cyber%20Attacks%20on%20Ukraine&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=MediaMath&ea=MediaMath_Sync_Pixel&el=securityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine&ev=0&_u=6GDACUABBAAAAC~&jid=&gjid=&cid=1742940947.1650987232&uid=0ed1b500-1a56-42e8-bcd7-67364b84a899&tid=UA-143580012-1&_gid=1446925969.1650987232&gtm=2ou4p0&did=dZTNiMT&gdid=dZTNiMT&cd1=0&cd2=SECURITYINTELLIGENCE&cd3=0ed1b500-1a56-42e8-bcd7-67364b84a899&cd5=4e7c64e3-33a3-4e41-afb4-9f16d5a52fc0&cd12=securityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine&cd13=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F%3Fsocial_post%3D6567161505%26linkId%3D156583495&cd16=None&cd17=None&cd31=en-US&cd34=url-85e1c2b3e06b87ddd5b2d9723a0213354253e4b2691412fad82df3b24daf6e5b&cd35=1650987231562&cd37=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F&cd39=Malware&cd40=non-std&cd60=false&cd68=false&cd69=prod&cd90=2%3A&cm54=0&cd41=MEDIAMATH&cd42=null&cd46=bae56268-10e0-4f00-94f7-4cc38e6d08e3&cd48=1650987232256&cd49=003aa7a4-3313-c694-b4b6-a7a43313b4b6&cd103=bae56268-10e0-4f00-94f7-4cc38e6d08e3&z=1576459799
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Apr 2022 14:34:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
3572
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
22 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-143580012-1&cid=1742940947.1650987232&jid=1323702586&uid=0ed1b500-1a56-42e8-bcd7-67364b84a899&gjid=1085127286&_gid=1446925969.1650987232&_u=6GDACUABBAAAAC~&z=1983118576
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 26 Apr 2022 15:33:52 GMT
content-type
text/plain
access-control-allow-origin
https://securityintelligence.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
validateCookie
segments.company-target.com/
Redirect Chain
  • https://id.rlcdn.com/464526.gif
  • https://id.rlcdn.com/1000.gif?memo=CI6tHBoNCOChoJMGEgUI6AcQAEIASgA
  • https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297luMLf_J-dLucbe31r33EOdjwIC7nRYsB-R_MTLQZLxg
  • https://segments.company-target.com/validateCookie?vendor=liveramp&user_id=Xc1297luMLf_J-dLucbe31r33EOdjwIC7nRYsB-R_MTLQZLxg&verifyHash=ebe32b897a89d83645a52d00eec8208c3bc858
26 B
409 B
Image
General
Full URL
https://segments.company-target.com/validateCookie?vendor=liveramp&user_id=Xc1297luMLf_J-dLucbe31r33EOdjwIC7nRYsB-R_MTLQZLxg&verifyHash=ebe32b897a89d83645a52d00eec8208c3bc858
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
HTTP/1.1
Server
13.225.223.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-120.jfk51.r.cloudfront.net
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 15:33:52 GMT
Via
1.1 27f14fa3828b5a3937a29b10d6b5aa0e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
JFK51-C1
Vary
Origin
X-Cache
Miss from cloudfront
Content-Type
image/gif
Transfer-Encoding
chunked
Connection
keep-alive
trace-id
dee3d5c73ff9c989
X-Amz-Cf-Id
2-V6A2hGOyjejhhk2Ccm1pU0kQieNE1ZlUJuvBQ7XMppocns8aQFFA==

Redirect headers

Date
Tue, 26 Apr 2022 15:33:52 GMT
Via
1.1 27f14fa3828b5a3937a29b10d6b5aa0e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
JFK51-C1
Vary
Origin
X-Cache
Miss from cloudfront
Location
/validateCookie?vendor=liveramp&user_id=Xc1297luMLf_J-dLucbe31r33EOdjwIC7nRYsB-R_MTLQZLxg&verifyHash=ebe32b897a89d83645a52d00eec8208c3bc858
Connection
keep-alive
trace-id
99e2f13a660d3163
Content-Length
0
X-Amz-Cf-Id
h8PKwwdsP-R9xhqiUHOEo8mA9AhxYTUfSzRgNapRKbi_8riSNPpfPw==
ip.json
api.company-target.com/api/v2/
432 B
929 B
XHR
General
Full URL
https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F%3Fsocial_post%3D6567161505%26linkId%3D156583495&page_title=IBM%20Security%20X-Force%20Research%20Advisory%3A%20New%20Destructive%20Malware%20Used%20In%20Cyber%20Attacks%20on%20Ukraine&src=tag&auth=3bBgqVBte1TTf45vQSDHciEuWvwlaJSrT1DMWtRI
Requested by
Host: scripts.demandbase.com
URL: https://scripts.demandbase.com/ab057a07.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-21.jfk51.r.cloudfront.net
Software
nginx /
Resource Hash
8143504aa0343cd3d72cb2dc971a0c6bb7ceeb28d2f20970e24527988659139f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:33:52 GMT
identification-source
CENTRAL
vary
Accept-Encoding, Origin
x-amz-cf-pop
JFK51-C1
x-cache
Miss from cloudfront
request-id
3150c43c-741a-47e8-9671-e091f3e147d9
content-encoding
gzip
pragma
no-cache
access-control-allow-origin
https://securityintelligence.com
server
nginx
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json;charset=utf-8
via
1.1 4ffd9afb636b7eb92e42cf2534136d50.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
api-version
v2
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
1kANkHw6bWGnLc9TnvECHVKlukc-MEejIiycHD6zq9epjShlpPhcgQ==
expires
Mon, 25 Apr 2022 15:33:52 GMT
v1.7-458
consent.trustarc.com/asset/notice.js/v/
75 KB
24 KB
Script
General
Full URL
https://consent.trustarc.com/asset/notice.js/v/v1.7-458
Requested by
Host: consent.truste.com
URL: https://consent.truste.com/notice?c=teconsent&domain=ibm.com&country=CA&state=QC&language=en-US&text=true&pcookie&cdn=1&gtm=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.64.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-64-21.ewr53.r.cloudfront.net
Software
nginx /
Resource Hash
b62c80a53749bed7d1e8d6a4798f744e4701e66c8383e301621ad8839b24b09c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Origin
https://securityintelligence.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 15:19:26 GMT
content-encoding
gzip
vary
Accept-Encoding
age
866
x-cache
Hit from cloudfront
pragma
public
access-control-allow-origin
*
last-modified
Mon, 21 Feb 2022 05:49:07 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript
via
1.1 e2ddb156cdc225570ee247c2aefc938e.cloudfront.net (CloudFront)
access-control-expose-headers
*
cache-control
max-age=2592000
x-amz-cf-pop
EWR53-C1
timing-allow-origin
*
x-amz-cf-id
WCEZi290yDv6qEHb2q6QwWTBJeFhfC07mTfsV1d9odhAtJQpYUK-WQ==
expires
Thu, 26 May 2022 15:19:26 GMT
get
consent.trustarc.com/ Frame 504A
7 KB
2 KB
Document
General
Full URL
https://consent.trustarc.com/get?name=crossdomain.html&domain=ibm.com
Requested by
Host: consent.truste.com
URL: https://consent.truste.com/notice?c=teconsent&domain=ibm.com&country=CA&state=QC&language=en-US&text=true&pcookie&cdn=1&gtm=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.64.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-64-21.ewr53.r.cloudfront.net
Software
nginx /
Resource Hash
7fe7d9054d31a9874fb36aba6a3736c02799bdaab5fed3e007ff334bc4580732
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
3066
cache-control
max-age=2592000
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Tue, 26 Apr 2022 14:42:46 GMT
expires
Thu, 26 May 2022 14:42:46 GMT
pragma
public
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
*
vary
Accept-Encoding Origin
via
1.1 3496707421faf86f68ae341aa8b7d1b8.cloudfront.net (CloudFront)
x-amz-cf-id
wbfjLlRCypMgN2p9vGUWzBT26vPbjcVLU_rfswsu_RC0O8T-0LkLTA==
x-amz-cf-pop
EWR53-C1
x-cache
Hit from cloudfront
log
consent.trustarc.com/
43 B
441 B
Image
General
Full URL
https://consent.trustarc.com/log?domain=ibm.com&country=ca&state=&behavior=implied&c=2ae1
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.64.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-64-21.ewr53.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Apr 2022 15:33:52 GMT
via
1.1 3496707421faf86f68ae341aa8b7d1b8.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
EWR53-C1
vary
Origin
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security
max-age=31536000; includeSubDomains
content-length
43
x-amz-cf-id
QY3d8HazFe3ZjahQ0u3ugexAynIT_SSB5c_KHBIlo8-NE0x72BIEgg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
dest5.html
ibm.demdex.net/ Frame B6E8
7 KB
3 KB
Document
General
Full URL
https://ibm.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.36.69 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-36-69.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-usw2-2-v028-04fe772f5.edge-usw2.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
P4xHhU5+Qjs=
content-encoding
gzip
date
Tue, 26 Apr 2022 15:33:52 GMT
last-modified
Wed, 13 Apr 2022 15:26:10 GMT
vary
accept-encoding
ibs:dpid=411&dpuuid=YmgQ4AAAAELmKQPx
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=38982802908049748884559693531792437613
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YmgQ4AAAAELmKQPx
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YmgQ4AAAAELmKQPx
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
HTTP/1.1
Server
54.149.36.69 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-36-69.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v028-0958cb8de.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
ZYcngCIpSpc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YmgQ4AAAAELmKQPx
Date
Tue, 26 Apr 2022 15:33:52 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
i.gif
collect.tealiumiq.com/ibm/main/2/
43 B
753 B
XHR
General
Full URL
https://collect.tealiumiq.com/ibm/main/2/i.gif
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.184.js?utv=ut4.46.202202020151
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.60.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-60-235.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryVu6BAL3qS2KHyhFa

Response headers

date
Tue, 26 Apr 2022 15:33:52 GMT
vary
Origin
x-serverid
uconnect_i-0a15c744c45b46a24
x-tid
01806681eb220095e139e354347803074007d06c00b08
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc
ibm:main:2:datacloud
x-region
us-east-1
content-length
43
pragma
no-cache
x-did
01806681eb220095e139e354347803074007d06c00b08
content-type
image/gif
access-control-allow-origin
https://securityintelligence.com
access-control-expose-headers
X-Region
cache-control
no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
x-ulver
f6a1c96edb1dc6c0803799e121e3c7508d654d71-SNAPSHOT
x-uuid
5e650128-a31a-42a2-9300-c7fff16443cd
expires
Tue, 26 Apr 2022 15:33:52 GMT
01806681eb220095e139e354347803074007d06c00b08
visitor-service-us-east-1.tealiumiq.com/ibm/main/
27 B
240 B
Script
General
Full URL
https://visitor-service-us-east-1.tealiumiq.com/ibm/main/01806681eb220095e139e354347803074007d06c00b08?callback=utag.ut%5B%22writevamain%22%5D&rnd=1650987232433
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.123.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-123-240.compute-1.amazonaws.com
Software
/
Resource Hash
e036d4c0bab9dcd3d8ed9d625c2cdd24f4d0474f1a4232f0e7c9471aaf0cf470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-version
f6a1c96edb1dc6c0803799e121e3c7508d654d71-SNAPSHOT
date
Tue, 26 Apr 2022 15:33:52 GMT
x-region
us-east-1
content-length
27
strict-transport-security
max-age=31536000; includeSubdomains
x-nodeid
i-09492231a40657a08
content-type
application/javascript; charset=utf-8
iframe
pixel.mathtag.com/sync/ Frame B78E
631 B
994 B
Document
General
Full URL
https://pixel.mathtag.com/sync/iframe?mt_uuid=e41d6268-10e0-4f00-9c58-d613bbb340e7&no_iframe=1&mt_adid=171815&mt_lim=20&skipsync=10090&source=mathtag
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_pp=2&mt_adid=171815&mt_id=1075167&event_type=catchall&industry=technology&page_name=securityintelligence.com%252Fposts%252Fnew-destructive-malware-cyber-attacks-ukraine&site_language=en-US&version=1.0&search_query=%3Fsocial_post%3D6567161505%26linkId%3D156583495&language=en-CA%2Cen%3Bq%3D0.9&mt_lim=20&document_title=IBM%20Security%20X-Force%20Research%20Advisory%3A%20New%20Destructive%20Malware%20Used%20In%20Cyber%20Attacks%20on%20Ukraine&location=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F%3Fsocial_post%3D6567161505%26linkId%3D156583495&document_path=%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F&mt_cb=1650987232229
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.17.65.31 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-31.deploy.static.akamaitechnologies.com
Software
MT3 4281 354de82 master iad-pixel-x10 config:1.0.0 /
Resource Hash
304a0259406001319e10acd097537e33bbc0157670417a48fdd527a889951f65

Request headers

Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
631
Content-Type
text/html
Date
Tue, 26 Apr 2022 15:33:52 GMT
Expires
Tue, 26 Apr 2022 15:33:51 GMT
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4281 354de82 master iad-pixel-x10 config:1.0.0
img
pixel.mathtag.com/misc/
43 B
525 B
Image
General
Full URL
https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.17.65.31 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-31.deploy.static.akamaitechnologies.com
Software
MT3 4335 2c68c00 master iad-pixel-x31 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 15:33:52 GMT
Server
MT3 4335 2c68c00 master iad-pixel-x31 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 26 Apr 2022 15:33:51 GMT
img
pixel.mathtag.com/misc/ Frame B78E
43 B
524 B
Image
General
Full URL
https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=e41d6268-10e0-4f00-9c58-d613bbb340e7&no_iframe=1&mt_adid=171815&mt_lim=20&skipsync=10090&source=mathtag
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.17.65.31 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-31.deploy.static.akamaitechnologies.com
Software
MT3 4374 b349c17 master iad-pixel-x9 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pixel.mathtag.com/sync/iframe?mt_uuid=e41d6268-10e0-4f00-9c58-d613bbb340e7&no_iframe=1&mt_adid=171815&mt_lim=20&skipsync=10090&source=mathtag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 15:33:52 GMT
Server
MT3 4374 b349c17 master iad-pixel-x9 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 26 Apr 2022 15:33:51 GMT
ibs:dpid=269&dpuuid=bae56268-10e0-4f00-94f7-4cc38e6d08e3&ddsuuid=38982802908049748884559693531792437613
dpm.demdex.net/ Frame B6E8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=38982802908049748884559693531792437613&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d38982802908049...
  • https://dpm.demdex.net/ibs:dpid=269&dpuuid=bae56268-10e0-4f00-94f7-4cc38e6d08e3&ddsuuid=38982802908049748884559693531792437613
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=269&dpuuid=bae56268-10e0-4f00-94f7-4cc38e6d08e3&ddsuuid=38982802908049748884559693531792437613
Protocol
HTTP/1.1
Server
54.149.36.69 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-36-69.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ibm.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v028-093f87494.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
wlaAOGmsTCw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date
Tue, 26 Apr 2022 15:33:53 GMT
Server
MT3 4335 2c68c00 master hkg-pixel-x3 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dpm.demdex.net/ibs:dpid=269&dpuuid=bae56268-10e0-4f00-94f7-4cc38e6d08e3&ddsuuid=38982802908049748884559693531792437613
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 26 Apr 2022 15:33:52 GMT
rum
securityintelligence.com/cdn-cgi/
0
172 B
XHR
General
Full URL
https://securityintelligence.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
content-type
application/json

Response headers

date
Tue, 26 Apr 2022 15:33:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://securityintelligence.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
7020611cab65ecf6-YUL
vary
Origin
ibs:dpid=477&dpuuid=c7ad88b336b584feaab238cd73128a2025950318e807b04aa4d13846eb946855b0da87c991749652
dpm.demdex.net/ Frame B6E8
Redirect Chain
  • https://idsync.rlcdn.com/365868.gif?partner_uid=38982802908049748884559693531792437613
  • https://dpm.demdex.net/ibs:dpid=477&dpuuid=c7ad88b336b584feaab238cd73128a2025950318e807b04aa4d13846eb946855b0da87c991749652
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=477&dpuuid=c7ad88b336b584feaab238cd73128a2025950318e807b04aa4d13846eb946855b0da87c991749652
Protocol
HTTP/1.1
Server
54.149.36.69 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-36-69.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ibm.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v028-03295a6f9.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
33HGY7nsSeE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date
Tue, 26 Apr 2022 15:33:52 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dpm.demdex.net/ibs:dpid=477&dpuuid=c7ad88b336b584feaab238cd73128a2025950318e807b04aa4d13846eb946855b0da87c991749652
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
adsct
analytics.twitter.com/i/ Frame B6E8
43 B
74 B
Image
General
Full URL
https://analytics.twitter.com/i/adsct?p_user_id=38982802908049748884559693531792437613&p_id=38594
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ibm.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-response-time
6
date
Tue, 26 Apr 2022 15:33:51 GMT
server
tsa_b
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
65e2dedee4c95bb3f4582064557448c4cb78e2b1ff735035186d6e8f420534f4
content-length
43
ibs:dpid=1957&dpuuid=16EE3F53068F6C233F072EC107A56DB8
dpm.demdex.net/ Frame B6E8
Redirect Chain
  • https://c.bing.com/c.gif?uid=38982802908049748884559693531792437613&Red3=MSAdobe_pd&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=1957&dpuuid=16EE3F53068F6C233F072EC107A56DB8
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=16EE3F53068F6C233F072EC107A56DB8
Protocol
HTTP/1.1
Server
54.149.36.69 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-36-69.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ibm.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v028-049a36151.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
/jSAD7lqRAs=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Tue, 26 Apr 2022 15:33:52 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F412E082A11A4BF0A837C62446712DC7 Ref B: YTO01EDGE0820 Ref C: 2022-04-26T15:33:53Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=16EE3F53068F6C233F072EC107A56DB8
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
ibs:dpid=22052&dpuuid=3626783351255334923
dpm.demdex.net/ Frame B6E8
Redirect Chain
  • https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID]
  • https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3626783351255334923
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3626783351255334923
Protocol
HTTP/1.1
Server
54.149.36.69 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-36-69.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ibm.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v028-0dab4bbc5.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
6koJzcJaRU4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Tue, 26 Apr 2022 15:33:53 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
location
https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3626783351255334923
cache-control
private
content-type
text/html; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
185
expires
0,Wed, 27 Apr 2022 11:33:53 GMT
Zz1iMjQ2YWE0MDk1YmIxMWVjODVhMTg2NDNiOWZjODVjNA==
images-cdn.welcomesoftware.com/
299 KB
300 KB
Image
General
Full URL
https://images-cdn.welcomesoftware.com/Zz1iMjQ2YWE0MDk1YmIxMWVjODVhMTg2NDNiOWZjODVjNA==?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOlsiYjI0NmFhNDA5NWJiMTFlYzg1YTE4NjQzYjlmYzg1YzQiXSwiZXhwIjoxNjQ1NzQ3NzE0fQ.YAwpNoKc4V1SsFPQod8k1LW_sqNFiMSgN52dfsyLP7o
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:d000:f:fcff:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
054a691210127056d3210996fae440364403edfef904affa979214ee9322637b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 14:12:23 GMT
via
1.1 45abe1833dce03139cbfcdfadefbc17a.cloudfront.net (CloudFront)
age
91294
x-amz-server-side-encryption
AES256
x-cache-status
MISS
x-cache
Hit from cloudfront
content-length
306672
last-modified
Thu, 24 Feb 2022 21:49:52 GMT
server
nginx
etag
"4bf92e47e91b343de34f47eabff42bff"
x-amz-version-id
.Jgw42VM4Feq9bBJJ1QvJ_.FSMzRUmiP
access-control-allow-origin
*
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
dnnTpwskpHw2LsBAVpgEtfAQJThgd9t_Gz6APIBIAVbNauTJvLBO5g==
img
pixel.mathtag.com/misc/
43 B
534 B
Image
General
Full URL
https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.17.65.31 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-31.deploy.static.akamaitechnologies.com
Software
MT3 4281 354de82 master iad-pixel-x23 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 15:34:02 GMT
Server
MT3 4281 354de82 master iad-pixel-x23 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 26 Apr 2022 15:34:01 GMT
img
pixel.mathtag.com/misc/ Frame B78E
43 B
534 B
Image
General
Full URL
https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=1
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=e41d6268-10e0-4f00-9c58-d613bbb340e7&no_iframe=1&mt_adid=171815&mt_lim=20&skipsync=10090&source=mathtag
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.17.65.31 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-31.deploy.static.akamaitechnologies.com
Software
MT3 4335 2c68c00 master iad-pixel-x32 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pixel.mathtag.com/sync/iframe?mt_uuid=e41d6268-10e0-4f00-9c58-d613bbb340e7&no_iframe=1&mt_adid=171815&mt_lim=20&skipsync=10090&source=mathtag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Tue, 26 Apr 2022 15:34:02 GMT
Server
MT3 4335 2c68c00 master iad-pixel-x32 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 26 Apr 2022 15:34:01 GMT

157 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| AMP function| Swiper function| sendClickTag function| tagAllLinks object| digitalData object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| _wpemojiSettings undefined| $ function| jQuery function| gtag object| dataLayer object| elementList object| _appInfo object| runtime object| regeneratorRuntime function| setImmediate function| clearImmediate object| wpcf7 object| qpprFrontData object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga boolean| isIdaStatsLoaded boolean| isAnalyticsLibLoaded object| _ibmAnalytics object| _dl object| ghostQueue object| ibmStats function| createPageviewTagForSPA function| bindPageViewWithAnalytics function| jQuery2 boolean| isJQueryOnSupported object| v16elu string| pageViewAttributes object| ibmweb object| dl string| IBMPageCategory boolean| isProductPage object| __cfBeacon object| gaplugins object| gaGlobal object| gaData object| twemoji object| wp object| utag_data function| tealium_enrichment string| US_PRIVACY object| record boolean| getVCPICalled object| utag_err boolean| utag_condload string| tmeid object| responseTokenMap string| entCategory undefined| entCategoryL10 undefined| entCategoryL15 undefined| entCategoryL17 undefined| entCategoryL20 undefined| entCategoryL30 undefined| entCategoryut10 undefined| entCategoryut15 undefined| entCategoryut17 undefined| entCategoryut20 undefined| entCategoryut30 undefined| entCategoryL10_15 undefined| entCategoryut10_15 undefined| entCategoryL10_15_17 undefined| entCategoryut10_15_17 undefined| entCategoryL10_15_17_20 undefined| 
entCategoryut10_15_17_20 undefined| entCategoryL10_15_17_20_30 undefined| entCategoryut10_15_17_20_30 undefined| nluKeywordsLocal undefined| topicsMap undefined| topics string| categoryCode string| categoryName undefined| eventInfo undefined| url object| utag function| e function| _tealium_old_error boolean| __tealium_twc_switch object| utag_cfg_ovrd object| datalayer object| utag2 object| URXEVENT object| adobe function| Visitor object| s_c_il number| s_c_in object| visitor object| __TEALIUM function| targetPageParamsAll function| targetPageParams string| gtagRename object| MathTag function| twq function| mmUuidSync boolean| teconsentActive object| myibm function| onmouseoverFeedback function| onmouseoutFeedback function| onfocusFeedback function| onfocusoutFeedback function| onclickFeedback function| onmouseoutFeedbackforMarketPlace function| onmouseoverFeedbackforMarketPlace function| onfocusoutFeedbackforMarketPlace function| kampyleEvents object| custom function| output function| escapeDismiss function| surveyUtilFn string| tmpCurrentUrl function| siteFeedbackClose undefined| environmente object| temp function| createInvitation object| twttr string| tempUrl object| overrideKeys string| myitem object| newPatt string| survey_name number| preventCount object| Demandbase function| _truste_eumap object| truste object| $temp_box_overlay function| _truste_eu object| PREF_MGR_API_DEBUG object| PrivacyManagerAPI object| TRUSTE_CMAPI_DEBUG function| metric string| computedFontFamily

34 Cookies

Domain/Path Name / Value
.cloud.ibm.com/analytics Name: com.ibm.cloud.console.analytics.anonymousId
Value: 0ed1b500-1a56-42e8-bcd7-67364b84a899
.ibm.com/analytics Name: BM_SESSION_ID
Value: 1650987231845
.securityintelligence.com/ Name: pageviewContext
Value: 4e7c64e3-33a3-4e41-afb4-9f16d5a52fc0
.securityintelligence.com/ Name: _ga
Value: GA1.2.1742940947.1650987232
.securityintelligence.com/ Name: _gid
Value: GA1.2.1446925969.1650987232
.securityintelligence.com/ Name: _gat_gtag_UA_143580012_4
Value: 1
.securityintelligence.com/ Name: userContext
Value: n/a|0|0|0|CA|QC|0|n/a|n/a
.cloud.ibm.com/ Name: com.ibm.cloud.console.nEU
Value: 1
.securityintelligence.com/ Name: BMAID
Value: 0ed1b500-1a56-42e8-bcd7-67364b84a899
.securityintelligence.com/ Name: OPTOUTMULTI
Value: 0:0%7Cc1:1%7Cc2:0%7Cc3:0
.mathtag.com/ Name: uuid
Value: bae56268-10e0-4f00-94f7-4cc38e6d08e3
.tealiumiq.com/ Name: TAPID
Value: ibm/main>01806681eb220095e139e354347803074007d06c00b08|
.securityintelligence.com/ Name: _gat_gtag_UA_143580012_1
Value: 1
.securityintelligence.com/ Name: notice_behavior
Value: implied|eu
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 2b812b86c1dd768fc373a679fd042d23
.t.co/ Name: muc_ads
Value: cdca4c0d-e080-4c9c-b0b0-c082ed148d9b
.rlcdn.com/ Name: rlas3
Value: ZsV6qaM9leFIVmDh4h0sSlww0oURaGMDb83aS1k5z8o=
.twitter.com/ Name: personalization_id
Value: "v1_MA3ucalxxaxVnUuTCI2XqA=="
.demdex.net/ Name: demdex
Value: 38982802908049748884559693531792437613
.securityintelligence.com/ Name: AMCVS_D10F27705ED7F5130A495C99%40AdobeOrg
Value: 1
.securityintelligence.com/ Name: utag_main
Value: v_id:01806681eb220095e139e354347803074007d06c00b08$_sn:1$_se:3$_ss:0$_st:1650989032391$ses_id:1650987232035%3Bexp-session$_pn:1%3Bexp-session$is_country_requiring_explicit_consent:false$dc_visit:1$dc_event:2%3Bexp-session$mm_sync:1%3Bexp-session$mm_ga_sync:1%3Bexp-session$dc_region:us-east-1%3Bexp-session
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YmgQ4AAAAELmKQPx
.company-target.com/ Name: tuuid
Value: c242232a-fec9-451d-89ca-f6ddea24d029
.company-target.com/ Name: tuuid_lu
Value: 1650987232
.dpm.demdex.net/ Name: dpm
Value: 38982802908049748884559693531792437613
.securityintelligence.com/ Name: AMCV_D10F27705ED7F5130A495C99%40AdobeOrg
Value: 359503849%7CMCIDTS%7C19109%7CMCMID%7C45946688110506506233935506906823114682%7CMCAAMLH-1651592032%7C9%7CMCAAMB-1651592032%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1650994432s%7CNONE%7CMCSYNCSOP%7C411-19116%7CvVersion%7C5.0.1
.mathtag.com/ Name: mt_misc
Value: mt_bt:1
www-api.ibm.com/ Name: notice_preferences_master
Value: {}
.rlcdn.com/ Name: pxrc
Value: COChoJMGEgUI6AcQABIGCPHrARAAEgYIyt0qEAA=
.bing.com/ Name: MUID
Value: 16EE3F53068F6C233F072EC107A56DB8
.c.bing.com/ Name: MR
Value: 0
.demdex.net/ Name: dextp
Value: 269-1-1650987232733|60-1-1650987232835|1123-1-1650987232936|1957-1-1650987233038|22052-1-1650987233139
.ml314.com/ Name: pi
Value: 3626783351255334923

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7bf8c8af5f6bd977c4618843d6f103ef01162da38c8cc27b5f292549c9a1ca7d
7f460f36d6ad0f445f08189a2a7451cefc76c7076ee6fb80552220fcf4caeb88
7fe7d9054d31a9874fb36aba6a3736c02799bdaab5fed3e007ff334bc4580732
8143504aa0343cd3d72cb2dc971a0c6bb7ceeb28d2f20970e24527988659139f
814759860cc987a983b49f360ae29e58b08fda03e86356545d310f44bd8c972c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83b78eb94721c251b6490f7c126252b10a464fb22d8ab472fe2c81cc18897a64
86042f3e488c299da25a01ea2decaf7e796abd7ae4811782a75abc7ee78ee8d2
87d3689542a353de7f07e46bb049ce7c2d7a68d222667e21df0031a8a3c23233
898413f0d39495364dbf2fea8d75f90c5e59196b8a659f4cd3b97d5e0a491367
8d4a8fd92a0381d2c534abe994beba126da9eb4b5de49412c78a06ee4c730c20
90596b3d8081c6c46f53c00cc4215ccb61cadd6b0268bc2f9fe553c35774753d
96dfc5f50442cc86b4a34c0776427374af0b3a906c0d1b27ef2916e78b721f13
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9c7c2f2956f1110e5e7e360759c0fc49b62242b1e79667d67dbf945128551c54
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
adadfded3c1ffd984b57da307940b9acdc2e27767415891c5390ba94ac2c1bde
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5f4df0247e5df3b3b83ca6e660e00a736a45c36b07edd571bb6d209744d3c09
b62c80a53749bed7d1e8d6a4798f744e4701e66c8383e301621ad8839b24b09c
b641685ea9eb246f092fb81633a1cfc7d2bd4cb01cc9af454550b18801c5329a
b6440fc0195f3b55d6745b071f7fc9201aa74fe10a6bf8e403ef3660552d08aa
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bf4eae9216be01f9a411ac93c5008eb38a3abdbb12fdb50ef974a4599e90220a
bf51007c87fc4e17da5ec6ffccaab0804cc92186d1afad892e4b30094d133677
c081b6870951b06b158f4ce8884da257af0065e3a47798430397ec81626af1c5
c293dd767ec7cbd73e2a44a205433e08818fed8259a060805a8b063dc33b456a
ca9b10dd6f91b1495f2f5afb055e060c55a5cc89e12c435e383cc1998741a739
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d796fcda18a44aa209039284b19bc592a9731cd0e791e14ee64ccf72003dcfdd
d87e9a5f66c1631a2b24f3ae74e4ffbedf00b643d1c57bded3c119773dcb0968
d9e83868be0fa34b8fedf843526cdb2ac18c4a92311ca8bcb73fdf15eade8b8b
dca337d11cb99c194e99da0a8780ec4219ff742646b52a49675fffe44f5a7658
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
deb89b2cb1badbd9a684e6aed8409d4d7e7a9ef9d863b95c1116755a307a5f5a
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e036d4c0bab9dcd3d8ed9d625c2cdd24f4d0474f1a4232f0e7c9471aaf0cf470
e10c0bc79c425822dac76b3b3d381f523bc1a548b922ee73ce3435ef45c2ae6b
e1b1e30b7778a859a6584d608645bf5d8402cf53fcf078b55fe617a117fec429
e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c
e285410eae8dc7586a1f0e3fe7a1ba47ae534f21ac997c5249a38c1fb8d2c36f
e3181e593aa1c8a96cdd550ee065310398ea980f29f9582275b9b42110cb116b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
e52da84eb8c2c9fac05d2455987621e279d0b0e0719d73351cac0d975d812588
e57b4f20189b81d0b529481def6b7bddf6ad1fa33e9a6ed808d2a9d28e479334
e830e5df9973ea43347538348ec5001185f1c305d5f1a8fd73769bf2534e3682
e8456dfb9024efd6efd23bcfed89ccccfc1ebf9e2337093485bbf4b462bcbaa5
e89cc85750cabe4a1352be2c824af05958b906fdf9ab9b9e99fdd15a4d798152
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5cdad2f0b52ff96bdeeecfae0c9a1f685a095913ed3f069e18e36525020d7ef
f69ecb3c984016b6b230d1449135e316365e81d081254f40e1ff1e3ec1029bac
fa65ae4b632714fe246c34a2c886c18d143750b5ad4c17ccb791b0e19c796c20
fca4ce5b9ecb1b62c989122c607c9987bc12f3c90989e4a5cc4a97d22f93fba9
fcecb97c12786d7a9387a81e74e4179790fd84425c9c75be1aec3aed645bf6e2
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fe286d4418ea555bb568a81ebcaab56560fc7d076eda46a790290db0c942e708