urlscan.io logo urlscan.io
SecurityTrails logo

securityintelligence.com Open in urlscan Pro
2606:4700:3036::6815:67a  Public Scan

Go To Rescan Add Verdict Report
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Submission: On June 06 via api from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 31 IPs in 2 countries across 31 domains to perform 128 HTTP transactions. The main IP is 2606:4700:3036::6815:67a, located in United States and belongs to CLOUDFLARENET, US. The main domain is securityintelligence.com. The Cisco Umbrella rank of the primary domain is 350684.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 11th 2022. Valid for: a year.
This is the only time securityintelligence.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
31 2606:4700:303... 13335 (CLOUDFLAR...)
14 2607:f8b0:400... 15169 (GOOGLE)
2 4 2606:4700::68... 13335 (CLOUDFLAR...)
5 2600:141b:900... 20940 (AKAMAI-ASN1)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:440... 13335 (CLOUDFLAR...)
9 2607:f8b0:400... 15169 (GOOGLE)
2 2600:9000:213... 16509 (AMAZON-02)
1 23.3.114.203 16625 (AKAMAI-AS)
15 23.198.216.246 16625 (AKAMAI-AS)
1 23.5.232.186 16625 (AKAMAI-AS)
7 54.186.90.48 16509 (AMAZON-02)
1 1 100.24.83.44 14618 (AMAZON-AES)
7 13.224.81.3 16509 (AMAZON-02)
1 54.230.10.127 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 7 104.102.253.16 16625 (AKAMAI-AS)
2 54.83.227.76 14618 (AMAZON-AES)
1 2600:141b:13:... 20940 (AKAMAI-ASN1)
1 199.232.36.157 54113 (FASTLY)
1 99.84.37.52 16509 (AMAZON-02)
1 2 34.195.85.3 14618 (AMAZON-AES)
1 18.210.210.93 14618 (AMAZON-AES)
1 104.244.42.5 13414 (TWITTER)
2 104.244.42.67 13414 (TWITTER)
2 52.86.80.197 14618 (AMAZON-AES)
5 2607:f8b0:400... 15169 (GOOGLE)
4 4 2620:1ec:21::14 8068 (MICROSOFT...)
1 1 13.107.43.14 8068 (MICROSOFT...)
1 2 104.18.101.194 13335 (CLOUDFLAR...)
1 1 216.200.232.249 30419 (MEDIAMATH...)
3 3 35.190.60.146 15169 (GOOGLE)
1 2 54.230.10.69 16509 (AMAZON-02)
1 54.230.10.121 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 1 34.111.234.236 15169 (GOOGLE)
128 31
31    2606:4700:3036::6815:67a (United States)

ASN13335 (CLOUDFLARENET, US)
securityintelligence.com
14    2607:f8b0:4006:81f::2001 (Mullica Hill, United States)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
4    2606:4700::6810:7baf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
5    2600:141b:9000:68a::b3a (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
1.www.s81c.com
www-api.ibm.com
3    2607:f8b0:4006:806::200a (Mullica Hill, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700:440e::6812:2fe6 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
9    2607:f8b0:4006:80d::2003 (Mullica Hill, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2600:9000:2131:1800:f:fcff:7940:93a1 (United States)

ASN16509 (AMAZON-02, US)
images-cdn.welcomesoftware.com
1    23.3.114.203 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-3-114-203.deploy.static.akamaitechnologies.com
api.www.s81c.com
15    23.198.216.246 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-198-216-246.deploy.static.akamaitechnologies.com
tags.tiqcdn.com
1    23.5.232.186 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-5-232-186.deploy.static.akamaitechnologies.com
cloud.ibm.com
7    54.186.90.48 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-186-90-48.us-west-2.compute.amazonaws.com
dpm.demdex.net
ibm.demdex.net
1    100.24.83.44 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-24-83-44.compute-1.amazonaws.com
cm.everesttech.net
7    13.224.81.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-81-3.man50.r.cloudfront.net
consent.trustarc.com
1    54.230.10.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-10-127.man50.r.cloudfront.net
scripts.demandbase.com
1    2607:f8b0:4006:80a::2008 (Mullica Hill, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
7    104.102.253.16 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-253-16.deploy.static.akamaitechnologies.com
pixel.mathtag.com
2    54.83.227.76 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-227-76.compute-1.amazonaws.com
collect.tealiumiq.com
1    2600:141b:13::17d7:82d0 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    199.232.36.157 (New York, United States)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    99.84.37.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-37-52.ewr52.r.cloudfront.net
analytics.newscred.com
2    34.195.85.3 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-85-3.compute-1.amazonaws.com
sync.crwdcntrl.net
1    18.210.210.93 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-210-93.compute-1.amazonaws.com
pixel.newscred.com
1    104.244.42.5 (United States)

ASN13414 (TWITTER, US)
t.co
2    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
2    52.86.80.197 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-80-197.compute-1.amazonaws.com
visitor-service-us-east-1.tealiumiq.com
5    2607:f8b0:4006:81f::200e (Mullica Hill, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.43.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
2    104.18.101.194 (None, )

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
1    216.200.232.249 (Frederick, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
id.rlcdn.com
idsync.rlcdn.com
2    54.230.10.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-10-69.man50.r.cloudfront.net
segments.company-target.com
1    54.230.10.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-10-121.man50.r.cloudfront.net
api.company-target.com
1    2607:f8b0:4004:c09::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    34.111.234.236 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 236.234.111.34.bc.googleusercontent.com
ml314.com
Apex Domain
Subdomains		 Transfer
31 securityintelligence.com
securityintelligence.com — Cisco Umbrella Rank: 350684
281 KB
15 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 930
140 KB
14 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 308
220 KB
9 gstatic.com
fonts.gstatic.com
166 KB
8 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 1177
sync.mathtag.com — Cisco Umbrella Rank: 409
9 KB
7 trustarc.com
consent.trustarc.com — Cisco Umbrella Rank: 2776
41 KB
7 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 194
ibm.demdex.net — Cisco Umbrella Rank: 31172
9 KB
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 320
www.linkedin.com — Cisco Umbrella Rank: 560
px4.ads.linkedin.com — Cisco Umbrella Rank: 5318
4 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
20 KB
5 s81c.com
1.www.s81c.com — Cisco Umbrella Rank: 50234
api.www.s81c.com — Cisco Umbrella Rank: 66902
171 KB
4 tealiumiq.com
collect.tealiumiq.com — Cisco Umbrella Rank: 2716
visitor-service-us-east-1.tealiumiq.com — Cisco Umbrella Rank: 6595
2 KB
4 unpkg.com
unpkg.com — Cisco Umbrella Rank: 847
45 KB
3 company-target.com
segments.company-target.com — Cisco Umbrella Rank: 1168
api.company-target.com — Cisco Umbrella Rank: 2918
2 KB
3 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 555
idsync.rlcdn.com — Cisco Umbrella Rank: 300
787 B
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 42
2 KB
2 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 511
539 B
2 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 506
452 B
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 678
836 B
2 newscred.com
analytics.newscred.com — Cisco Umbrella Rank: 29211
pixel.newscred.com — Cisco Umbrella Rank: 141591
21 KB
2 ibm.com
cloud.ibm.com — Cisco Umbrella Rank: 36370
www-api.ibm.com — Cisco Umbrella Rank: 56461
5 KB
2 welcomesoftware.com
images-cdn.welcomesoftware.com — Cisco Umbrella Rank: 319333
327 KB
1 ml314.com
ml314.com — Cisco Umbrella Rank: 1522
407 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 210
613 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
445 B
1 t.co
t.co — Cisco Umbrella Rank: 505
336 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 608
15 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 760
3 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 64
39 KB
1 demandbase.com
scripts.demandbase.com — Cisco Umbrella Rank: 5650
19 KB
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 923
517 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1125
5 KB
128 31
Domain Requested by
31 securityintelligence.com securityintelligence.com
static.cloudflareinsights.com
15 tags.tiqcdn.com 1.www.s81c.com
tags.tiqcdn.com
securityintelligence.com
14 cdn.ampproject.org securityintelligence.com
cdn.ampproject.org
9 fonts.gstatic.com fonts.googleapis.com
7 pixel.mathtag.com 1 redirects tags.tiqcdn.com
pixel.mathtag.com
securityintelligence.com
7 consent.trustarc.com tags.tiqcdn.com
consent.trustarc.com
securityintelligence.com
6 dpm.demdex.net tags.tiqcdn.com
securityintelligence.com
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
securityintelligence.com
4 1.www.s81c.com securityintelligence.com
tags.tiqcdn.com
4 unpkg.com 2 redirects securityintelligence.com
3 px.ads.linkedin.com 3 redirects
3 fonts.googleapis.com securityintelligence.com
2 segments.company-target.com 1 redirects securityintelligence.com
2 id.rlcdn.com 2 redirects
2 p.adsymptotic.com 1 redirects securityintelligence.com
2 visitor-service-us-east-1.tealiumiq.com tags.tiqcdn.com
2 analytics.twitter.com securityintelligence.com
2 sync.crwdcntrl.net 1 redirects securityintelligence.com
2 collect.tealiumiq.com tags.tiqcdn.com
2 images-cdn.welcomesoftware.com securityintelligence.com
1 ml314.com 1 redirects
1 c.bing.com 1 redirects
1 idsync.rlcdn.com 1 redirects
1 stats.g.doubleclick.net www.google-analytics.com
1 api.company-target.com scripts.demandbase.com
1 sync.mathtag.com 1 redirects
1 px4.ads.linkedin.com 1 redirects
1 www.linkedin.com 1 redirects
1 t.co securityintelligence.com
1 pixel.newscred.com securityintelligence.com
1 analytics.newscred.com tags.tiqcdn.com
1 static.ads-twitter.com tags.tiqcdn.com
1 snap.licdn.com tags.tiqcdn.com
1 www.googletagmanager.com tags.tiqcdn.com
1 scripts.demandbase.com tags.tiqcdn.com
1 cm.everesttech.net 1 redirects
1 ibm.demdex.net tags.tiqcdn.com
1 www-api.ibm.com 1.www.s81c.com
1 cloud.ibm.com 1.www.s81c.com
1 api.www.s81c.com 1.www.s81c.com
1 static.cloudflareinsights.com securityintelligence.com
128 41
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-11 -
2023-05-11		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
www.ibm.com
GeoTrust RSA CA 2018		 2021-09-13 -
2022-09-12		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
*.welcomesoftware.com
Amazon		 2022-02-23 -
2023-03-24		 a year crt.sh
*.tiqcdn.com
DigiCert SHA2 Secure Server CA		 2022-02-27 -
2023-02-28		 a year crt.sh
wildcard.bluemix.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-22 -
2023-03-22		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
*.trustarc.com
Go Daddy Secure Certificate Authority - G2		 2020-05-21 -
2022-07-17		 2 years crt.sh
tag.demandbase.com
Go Daddy Secure Certificate Authority - G2		 2021-10-18 -
2022-10-14		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
pixel.mathtag.com
DigiCert SHA2 Secure Server CA		 2021-06-29 -
2022-07-07		 a year crt.sh
*.tealiumiq.com
Amazon		 2021-09-24 -
2022-10-23		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2022-03-01 -
2023-03-01		 a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-21 -
2022-07-26		 a year crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-22 -
2023-02-22		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-22 -
2023-02-22		 a year crt.sh
api.demandbase.com
Go Daddy Secure Certificate Authority - G2		 2021-10-20 -
2022-09-26		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Frame ID: 7D03BCFEC47817E1E488B9162E9FCC03
Requests: 125 HTTP requests in this frame

Frame: https://ibm.demdex.net/dest5.html?d_nsid=0
Frame ID: 9870F043A4A27E69E00153D8DE20BDAE
Requests: 6 HTTP requests in this frame

Frame: https://consent.trustarc.com/get?name=crossdomain.html&domain=ibm.com
Frame ID: 7E813CB3932ECB1C83D01A8F699A04F7
Requests: 1 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=68b1629e-27b4-4e00-aec7-4abbbe73c4d7&no_iframe=1&mt_adid=171815&mt_lim=20&skipsync=10090&source=mathtag
Frame ID: 13A47BC3EC5D5E0752921FF35F042128
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

IBM Security X-Force Research Advisory: New Destructive Malware Used In Cyber Attacks on Ukrainesi-icon-eightbarfeature

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • consent\.trustarc\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

128
Requests

91 %
HTTPS

38 %
IPv6

31
Domains

41
Subdomains

31
IPs

2
Countries

1541 kB
Transfer

3536 kB
Size

45
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://unpkg.com/swiper/swiper-bundle.min.js HTTP 302
  • https://unpkg.com/swiper@8.2.2/swiper-bundle.min.js
Request Chain 24
  • https://unpkg.com/swiper/swiper-bundle.min.css HTTP 302
  • https://unpkg.com/swiper@8.2.2/swiper-bundle.min.css
Request Chain 82
  • https://cm.everesttech.net/cm/dd?d_uuid=47932129809636591092643384692785063632 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yp4nswAAAKqjcAN2
Request Chain 94
  • https://pixel.mathtag.com/sync/img?sync=auto&mt_exid=10040&exsync=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D4735%2Ftp%3DMDMA%2Ftpid%3D%5BMM_UUID%5D HTTP 302
  • https://sync.crwdcntrl.net/map/c=4735/tp=MDMA/tpid=e8de629e-27b4-4800-8093-4cd8989732cb HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=4735/tp=MDMA/tpid=e8de629e-27b4-4800-8093-4cd8989732cb
Request Chain 101
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=24646&time=1654532020080&url=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F%3Fsocial_post%3D6567161505%26linkId%3D156583495 HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=24646&time=1654532020080&url=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F%3Fsocial_post%3D6567161505%26linkId%3D156583495&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D24646%26time%3D1654532020080%26url%3Dhttps%253A%252F%252Fsecurityintelligence.com%252Fposts%252Fnew-destructive-malware-cyber-attacks-ukraine%252F%253Fsocial_post%253D6567161505%2526linkId%253D156583495%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=24646&time=1654532020080&url=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F%3Fsocial_post%3D6567161505%26linkId%3D156583495&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=24646&time=1654532020080&url=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F%3Fsocial_post%3D6567161505%26linkId%3D156583495&cookiesTest=true&liSync=true&e_ipv6=AQJe7KQAZtb1cAAAAYE5yxmFqIW2GLWwMTcCuKJ2kt0vjQx22xqj976pjcbU9ewuYnzA94Bs HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=c22f921b-8569-40dd-9e7f-d91cc4dc29ee HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=c22f921b-8569-40dd-9e7f-d91cc4dc29ee&_expected_cookie=65507fbf96574a590c900fba32b2475e
Request Chain 110
  • https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=47932129809636591092643384692785063632&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d47932129809636591092643384692785063632 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=269&dpuuid=68b1629e-27b4-4e00-aec7-4abbbe73c4d7&ddsuuid=47932129809636591092643384692785063632
Request Chain 111
  • https://id.rlcdn.com/464526.gif HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CI6tHBoNCLTP-JQGEgUI6AcQAEIASgA HTTP 307
  • https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297WX7xwFmjowE_sg68_4eyhAHHO-C8q_Y3hvhriiG20JE HTTP 303
  • https://segments.company-target.com/validateCookie?vendor=liveramp&user_id=Xc1297WX7xwFmjowE_sg68_4eyhAHHO-C8q_Y3hvhriiG20JE&verifyHash=c64fa78fb44eb408e66482718aa06e4b6d5a37d
Request Chain 114
  • https://idsync.rlcdn.com/365868.gif?partner_uid=47932129809636591092643384692785063632 HTTP 307
  • https://dpm.demdex.net/ibs:dpid=477&dpuuid=28310ea270c3d54bb251d5f5186239fb8df47e9d03243958d3dc5a5e1076cf8fb0da87c991749652
Request Chain 120
  • https://c.bing.com/c.gif?uid=47932129809636591092643384692785063632&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=1957&dpuuid=2434190AD1EC637C0B4D08B1D046624B
Request Chain 122
  • https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID] HTTP 302
  • https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3627734897764335692

128 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/ 		134 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
c43fff2e7f6c8de31aa918897cafa8560463b46cf5c9c70d400bf48ae430ab57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=1800, must-revalidate, proxy-revalidate
cf-cache-status
MISS
cf-ray
71726fb249794bb8-YUL
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 06 Jun 2022 16:13:38 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Mon, 06 Jun 2022 16:14:38 GMT
last-modified
Mon, 06 Jun 2022 16:13:38 GMT
link
<https://securityintelligence.com/wp-json/>; rel="https://api.w.org/", <https://securityintelligence.com/wp-json/wp/v2/ibm_internals/434820>; rel="alternate"; type="application/json", <https://securityintelligence.com/?p=434820>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
public
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bzPeWmVWjtaV93C78vXKR5ykUJbmEMmcfCiqurzirnkrpEEiDKLuO4R3Ty81KFMN08W%2BGrxkNxoY7bw7wR%2Bt63C5hB3ky2qrTV4hEQR5FRRieLNDdsj9dVf7TyILpDB7ItgsUHxrg5%2Fst%2B%2BVZ1vORue%2Fo8M9aaY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
X-Forwarded-For, Accept-Encoding
x-content-type-options
nosniff
x-powered-by
W3 Total Cache/2.2.1
x-xss-protection
1; mode=block
v0.js
cdn.ampproject.org/ 		276 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9940eb9806fb1f3130839bcf4913ab6fe6e3cffac01c7cc2740b9bd355d5ec1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72567
x-xss-protection
0
server
sffe
date
Mon, 06 Jun 2022 16:13:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=3000, stale-while-revalidate=1206600
etag
"0182f969920c40b4"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 06 Jun 2022 16:13:38 GMT
amp-list-0.1.js
cdn.ampproject.org/v0/ 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-list-0.1.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be27ec6529da1b2c5f4cf2a1c57a5ac7dd651b81646ba764183c6c3b619e7f7c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12906
x-xss-protection
0
server
sffe
date
Mon, 06 Jun 2022 16:13:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"de48020113e7d5f8"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 06 Jun 2022 16:13:38 GMT
amp-mustache-0.2.js
cdn.ampproject.org/v0/ 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-mustache-0.2.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97726d7a57a36fcda8667bc041f0ac27cdd5f9bd8272c816b96047318dc0b1a3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14309
x-xss-protection
0
server
sffe
date
Mon, 06 Jun 2022 16:13:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"8ee25f2cc72f3116"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 06 Jun 2022 16:13:38 GMT
amp-accordion-0.1.js
cdn.ampproject.org/v0/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-accordion-0.1.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5b477daa2e51a490ea0304e35751aaa50565e8e751fd3faf4f31294e7ffcc96
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5842
x-xss-protection
0
server
sffe
date
Mon, 06 Jun 2022 16:13:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"0499f2e3d1fc2a54"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 06 Jun 2022 16:13:38 GMT
amp-animation-0.1.js
cdn.ampproject.org/v0/ 		82 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-animation-0.1.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78d81902971c05b37d3eb2260486bc9b76d9c13e3787eb3287667ba53d423350
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
x-xss-protection
0
server
sffe
date
Mon, 06 Jun 2022 16:13:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"33e053f0ebed5224"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 06 Jun 2022 16:13:38 GMT
amp-position-observer-0.1.js
cdn.ampproject.org/v0/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-position-observer-0.1.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f26aa8bc01c2bc91d280f30496f154c8fcb5c8ac963a2b4f243db6e5be4b5b9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3701
x-xss-protection
0
server
sffe
date
Mon, 06 Jun 2022 16:13:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"447f29340d3598d7"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 06 Jun 2022 16:13:38 GMT
amp-bind-0.1.js
cdn.ampproject.org/v0/ 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-bind-0.1.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
138d2443215530069b69d111779d097ad0e6b2eafc239fccd7e157bc24df77ab
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16247
x-xss-protection
0
server
sffe
date
Mon, 06 Jun 2022 16:13:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"852801248fac8650"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 06 Jun 2022 16:13:38 GMT
amp-autocomplete-0.1.js
cdn.ampproject.org/v0/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-autocomplete-0.1.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
685f34474f32ea1d970b320b86a646f159cf25190c2f651be54a217df6cafcaa
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9482
x-xss-protection
0
server
sffe
date
Mon, 06 Jun 2022 16:13:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"8ba2edb42d9c7dd4"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 06 Jun 2022 16:13:38 GMT
amp-social-share-0.1.js
cdn.ampproject.org/v0/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-social-share-0.1.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65a5acabcf3544222a38b6666e37a79282dfe1ee5a30b6f5cbccc5e196920dc7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4787
x-xss-protection
0
server
sffe
date
Mon, 06 Jun 2022 16:13:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"b1690590c31a016b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 06 Jun 2022 16:13:38 GMT
amp-lightbox-gallery-0.1.js
cdn.ampproject.org/v0/ 		65 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-lightbox-gallery-0.1.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4bb75c598d42e67d78fbfedcdfdd20744fdbef2a0435768cdeae0daf021a21e0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18998
x-xss-protection
0
server
sffe
date
Mon, 06 Jun 2022 16:13:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"485d8e7ed1a3a5c6"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 06 Jun 2022 16:13:38 GMT
swiper-bundle.min.js
unpkg.com/swiper@8.2.2/
Redirect Chain
  • https://unpkg.com/swiper/swiper-bundle.min.js
  • https://unpkg.com/swiper@8.2.2/swiper-bundle.min.js
139 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/swiper@8.2.2/swiper-bundle.min.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Server
2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fded9ec5820ad165d5b36a6f23fac4b0f2d1b32e714d651c081122442c0df277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:38 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
455594
fly-request-id
01G4FA6FMQKMRW99NSG0V7HJKQ-chi
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"22c3f-OrufNhtD0uczpHA7rmrO1Fs8jL8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
71726fba9ca0ca5f-YUL

Redirect headers

date
Mon, 06 Jun 2022 16:13:38 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01G4WW0CH61YH5GYK6VETEZ9V5-chi
server
cloudflare
age
567
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/swiper@8.2.2/swiper-bundle.min.js
cache-control
public, s-maxage=600, max-age=60
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
71726fba6c16ca5f-YUL
access-control-allow-origin
*
amp-video-0.1.js
cdn.ampproject.org/v0/ 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-video-0.1.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a03cc75c17f2555dcbbacc84db95172d7c14fedfae9adb48e1e85ae925370b81
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15854
x-xss-protection
0
server
sffe
date
Mon, 06 Jun 2022 16:13:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"8379d4807c189fc3"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 06 Jun 2022 16:13:38 GMT
amp-youtube-0.1.js
cdn.ampproject.org/v0/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-youtube-0.1.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7656ab511253f42ca6100b743c11cb9dd3362c5fc4858c6d3f2fa628448e12e2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11174
x-xss-protection
0
server
sffe
date
Mon, 06 Jun 2022 16:13:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"6569e2f65225511b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 06 Jun 2022 16:13:40 GMT
Cybercriminal-creating-malicious-software-typing-on-laptop-keypad-closeup.jpeg.webp
securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2022/02/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2022/02/Cybercriminal-creating-malicious-software-typing-on-laptop-keypad-closeup.jpeg.webp
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
7978bdf5d9580547eef7aa32eaf9a9cbb9c1d90d5f82f4657cf79a90cfdb5c57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:38 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27470
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Thu, 24 Feb 2022 22:11:21 GMT
server
cloudflare
etag
"6b4e-5d8cadcb90088"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NNgJTSwJSx6U%2B1fm832W%2BJE3JCR3krO2S34soO7vyBYr7lKRsCiBUzWuWBce%2BD4z9uB7SHFy03a7M6HeT85yl5EPkTzLpoGxspa4aTO6kIRj590ld%2BtYxah2mH9cYaNQVyiCYXLZQwePDNlHHNZPvotiPQMLF%2FM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
vary
X-Forwarded-For, Accept-Encoding
cache-control
public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
71726fbb58c6ecee-YUL
expires
Tue, 06 Jun 2023 16:13:38 GMT
ida_stats.js
1.www.s81c.com/common/stats/ 		250 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1.www.s81c.com/common/stats/ida_stats.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000:68a::b3a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
0cebc4cda5eaf2c6fc34cfed64538e75eeeef75b3e6966a5857f790f118933ae
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:38 GMT
content-encoding
gzip
last-modified
Wed, 01 Jun 2022 15:12:53 GMT
etag
"3e612-5e06452c371f6"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=48228
strict-transport-security
max-age=2592000
accept-ranges
bytes
content-length
72737
expires
Tue, 07 Jun 2022 05:37:26 GMT
modules.css
securityintelligence.com/wp-content/themes/sapphire/minifications/ 		67 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityintelligence.com/wp-content/themes/sapphire/minifications/modules.css?v=1650466695
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
9c7c2f2956f1110e5e7e360759c0fc49b62242b1e79667d67dbf945128551c54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Wed, 20 Apr 2022 14:58:15 GMT
server
cloudflare
etag
W/"10bc9-5dd173912a42e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DtGZDMXIoasUQ%2Bx6Z7qwHnHnp60e1SMxs639XDKLlKkgHesTOCKe2TEHPqDc%2F4bN4P0G1OQRt0Q7n49A%2FsSq58qRbTT4qnSPt%2BWCrNC6QQWD8r0XU7pS0CpodLom%2B1eETOwSKx8Z7twvJDAfF0S2H45bA2J2VGw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
71726fba3d544bb8-YUL
expires
Tue, 06 Jun 2023 16:13:38 GMT
style.min.css
securityintelligence.com/wp-includes/css/dist/block-library/ 		81 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityintelligence.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Tue, 12 Apr 2022 15:39:52 GMT
server
cloudflare
etag
W/"145db-5dc76df34f5e7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4JJ2aisjHZg7KK%2BHX%2BWx0bwfAjsmWmDOrfsB2b5tQQrNBj%2F%2Fyrov9giC2FN4%2FZhgfZyYvGpsxrKEmkuaxXf%2FKd8sC2BR4G3Qbhn7P6q%2FRfACL37KLGUBcuZEwcKGCUnR0JceGGu%2FO44dEx74sVlgUh0i4kXDuw0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
71726fba5d7d4bb8-YUL
expires
Tue, 06 Jun 2023 16:13:38 GMT
styles.css
securityintelligence.com/wp-content/plugins/contact-form-7/includes/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityintelligence.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6.1
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Thu, 21 Oct 2021 20:37:53 GMT
server
cloudflare
etag
W/"aab-5cee2de7285a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=25YIcUPPYs5NGg%2FReD2z7mbaHQwAuVPqo8%2F32N3Hv8r4Mdq5JvX7qUxoMUZPJHW1JKwaGVflioxZ0AKBJGPoYAeOc%2FlsElUjv0bLyZZ%2BoxTtcXzJ1xosJNdtowv2DxFwRDlr8szJl32Ida5p0Ph5VayNxZhd2rk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
71726fba5d7e4bb8-YUL
expires
Tue, 06 Jun 2023 16:13:38 GMT
style.css
securityintelligence.com/wp-content/plugins/taxonomy-images/css/ 		447 B
570 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityintelligence.com/wp-content/plugins/taxonomy-images/css/style.css?ver=0.9.6
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
4dd1908c6a8fd56a009de150a0d1b0c6c18a21543ff2f246a7108f385a22500e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Thu, 19 Sep 2019 20:08:59 GMT
server
cloudflare
etag
W/"1bf-592ed8633ba35"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FgyuPAcxkQVYwYQb%2FIXJqFuTiYbLkyb8CfHD%2Fep%2B9ROC5kGZTRqEdl1R5ffLaQtcor3nXbAzef1Uji0I%2FjZc5DtYzIlaxm82u5qJ7gKPFfZMiFvWECrJJnWpIMjhBk6arXLyXJR7Y%2BzCpHJ8O5PkQhoLgFLDkCE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
71726fba5d824bb8-YUL
expires
Tue, 06 Jun 2023 16:13:38 GMT
jquery.min.js
securityintelligence.com/wp-includes/js/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityintelligence.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Thu, 22 Jul 2021 17:28:09 GMT
server
cloudflare
etag
W/"15db1-5c7b99c5423f2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hRKsh%2B2g4Ix%2B6DUUK37dr34KAz%2FhkXHek2AN9mE59Gx3OyX7N%2FRsdzeZvN%2Bh0p4%2B%2BUM5H5fMsjrHXc%2Fg8LzDIHzgiI3pTG%2BVARq2AExApdozmNhskRVdvggp4uka1PvVJwTqI1Z%2BI2FV7E7x3IpsmtPeq%2Bd3i%2Bo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
71726fba5d834bb8-YUL
expires
Tue, 06 Jun 2023 16:13:38 GMT
jquery-migrate.min.js
securityintelligence.com/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityintelligence.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Mon, 14 Dec 2020 14:00:37 GMT
server
cloudflare
etag
W/"2bd8-5b66d110e5c96"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ViSy%2BLksRB9ZBPr8qyIfSmlfeUTMkDXxeA2mpcoLp2JT7ekRsNRttTbwY606FlzdUd0BJcb1OBkrvX7RBOOUoDdfsC5iEvv%2FzwwJ%2F1e06qEhVj8JDzmfO%2FY4imRTYtbKzqoqrc9F%2FKlPF8aTkW67gWYxpUu0G18%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
71726fba5d844bb8-YUL
expires
Tue, 06 Jun 2023 16:13:38 GMT
css
fonts.googleapis.com/ 		9 KB
794 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=IBM+Plex+Sans:200,300,400,500,600
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::200a Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
da514714c772d8dc5d8b412814d7b9af80665ed0ac579bedb33fe420ed022d2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 06 Jun 2022 16:13:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 06 Jun 2022 16:13:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Jun 2022 16:13:38 GMT
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=IBM+Plex+Sans+Condensed:300,400,500,600,700
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::200a Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
040d5f70883d0a420aadb6ae2664efd27ac22ca44190b69b4f4ab53db9bda25b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 06 Jun 2022 16:13:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 06 Jun 2022 16:13:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Jun 2022 16:13:38 GMT
css2
fonts.googleapis.com/ 		2 KB
591 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=IBM+Plex+Serif&display=swap
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::200a Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2bed695b279192de5856766067ce26e759a15b0ddabdf7607b0f8a6d82fb8a2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 06 Jun 2022 16:13:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 06 Jun 2022 16:13:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Jun 2022 16:13:38 GMT
swiper-bundle.min.css
unpkg.com/swiper@8.2.2/
Redirect Chain
  • https://unpkg.com/swiper/swiper-bundle.min.css
  • https://unpkg.com/swiper@8.2.2/swiper-bundle.min.css
16 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/swiper@8.2.2/swiper-bundle.min.css
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Server
2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c47d3b4fba602a39c1566d5fb80a392b71626f22aa18ae43a881464b99550565
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:38 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
455621
fly-request-id
01G4FA1EKCREF1W20VQT7744FA-chi
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"3ff7-4TzcCT4CtYqFxJ2qfzWNnOrpWmA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
71726fba8c6cca5f-YUL

Redirect headers

date
Mon, 06 Jun 2022 16:13:38 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01G4WWEDP27KHCHF1ES1396EV5-chi
server
cloudflare
age
107
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/swiper@8.2.2/swiper-bundle.min.css
cache-control
public, s-maxage=600, max-age=60
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
71726fba6c13ca5f-YUL
access-control-allow-origin
*
single.css
securityintelligence.com/wp-content/themes/sapphire/minifications/ 		84 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityintelligence.com/wp-content/themes/sapphire/minifications/single.css?v=1654192268
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
7e7e47e0b63f2d7aaed76f33ad2153ad7df9ce69c31a4804a52a5ca0d1afb0ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Thu, 02 Jun 2022 17:51:08 GMT
server
cloudflare
etag
W/"14e03-5e07aa6930d45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6MX7Y2u5u9dH5NBzqFTROYvoFZyeGFfQfJk6ZJRDiLvZtZ0froobY3ORtMhAqVKtvjhXQIih3UCwgpbs0OHGEqlFjzQPIeRaNe2Mc3F4fgw1hS%2Fy4%2FAOMfvVqsJi2bLozFUYTHDWh06VkuT%2F2FJ%2BlyUoib%2FCh4U%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
71726fba5d864bb8-YUL
expires
Tue, 06 Jun 2023 16:13:38 GMT
email-decode.min.js
securityintelligence.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityintelligence.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 27 May 2022 19:22:11 GMT
server
cloudflare
etag
W/"629124e3-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8SsJwHz%2Bmc%2Bn3PKlkZPh0az0eUASYuSqh4gnWUrA9ckSSJiKwmp2nJtyDx8cG7u5vpCXo02pL5%2B%2BB8hBd5APONLe9gJGd%2BhjBXQZjV%2B3ia7gNnla0JuXC7M9CfrUs7K%2FI4Qm8P6teoQh6u9bF6mKsElYoQV5INM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
71726fba5f8becee-YUL
vary
Accept-Encoding
expires
Wed, 08 Jun 2022 16:13:38 GMT
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Origin
https://securityintelligence.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:38 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
71726fbb787b4bbf-YUL
regenerator-runtime.min.js
securityintelligence.com/wp-includes/js/dist/vendor/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityintelligence.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Mon, 14 Feb 2022 14:48:48 GMT
server
cloudflare
etag
W/"195e-5d7fb83a43038"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BTeRS%2BaeHnvxxe2CV6vq4qi9CZVBcaza5gBHOgNDN0hCO76eulCTd8KtmU1jMP58VnzDLga2AAfYEi2bQJG0S2AMyix%2BKWVLQItY%2FDkaZ6labbMUc7tm1KPNetGS8wY5DyCl4kn37tuqiJSkpani1mV0PJ5zULI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
71726fba5f8eecee-YUL
expires
Tue, 06 Jun 2023 16:13:38 GMT
wp-polyfill.min.js
securityintelligence.com/wp-includes/js/dist/vendor/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityintelligence.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Mon, 14 Feb 2022 14:48:48 GMT
server
cloudflare
etag
W/"4b3d-5d7fb83a43420"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pyz6AIml2ARwOFjqArBjk1LW1g%2F6neNsMJALS9q%2BtAZTB523%2B063wUzq%2FudF6yZlXfvXFAX6iue1gkTDYDTdUqtghXP%2FOksjrRLhZSPwFxxQwFZYRt5qYmJ70sngfNvaO4yQL2Cw1vWL%2FSLt%2BDtH5XNn6Gx7F%2B0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
71726fba5f90ecee-YUL
expires
Tue, 06 Jun 2023 16:13:38 GMT
index.js
securityintelligence.com/wp-content/plugins/contact-form-7/includes/js/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityintelligence.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6.1
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Fri, 28 Jan 2022 14:00:34 GMT
server
cloudflare
etag
W/"25f8-5d6a4dbd02440"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7zKwk4B%2Fp7mAVC5F23XPpmKTR3OQo6RY7%2FDKHa9cMSJbJtZEEV6nUysW03gcQQ5nUnt%2FmzieF4u9e22Q1kWfcyIL5eMMnMRaFW84t7%2FeQdXqxzjC7aguTZdP8LhGIqY8HS0o%2FimZkFSAqGSLeLKuVSUjPDrekdw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
71726fba5f92ecee-YUL
expires
Tue, 06 Jun 2023 16:13:38 GMT
qppr_frontend_script.min.js
securityintelligence.com/wp-content/plugins/quick-pagepost-redirect-plugin/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityintelligence.com/wp-content/plugins/quick-pagepost-redirect-plugin/js/qppr_frontend_script.min.js?ver=5.2.3
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
3fc2845d22c09928ba9dae73f657a21ede05bed89a42efafe1028bcbe4ee499b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Thu, 19 Sep 2019 20:08:30 GMT
server
cloudflare
etag
W/"636-592ed846ef8ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2FtPkZMkjblQ4%2BNMfbynfzD2HwfbnH6I8izdCbFo3rDlQQ%2FOTRcQe2oi3JiqNHJFfiLqQ1pNq4B13zFQvXCcKZxuuRnPJ3ykxA1%2F5QmKvG7kv%2BNAzcgozfGLm4Ybk5P%2FiN2fAhwAXnBjYk2zHcGE1oU1fnUNz6U%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
71726fba5f94ecee-YUL
expires
Tue, 06 Jun 2023 16:13:38 GMT
wp-emoji-release.min.js
securityintelligence.com/wp-includes/js/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityintelligence.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.3
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Thu, 22 Jul 2021 17:28:09 GMT
server
cloudflare
etag
W/"4705-5c7b99c54c034"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uWOnXI4uOCgjBbIJ%2B%2BN8%2Fj4nTdTamjOBCmU8OGQHkTdGOepgKJUAKrk76CA2D4Kq%2BXgKB0luHxrBUO8NxzNihCBICUG2FCtQUFkmHLp%2Bt%2BKJ6lCCYuvIqUQlBmrSPvvF9Pc6m%2BZrwpzliSSsITREGPEFKaPX7sU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
71726fbb58c7ecee-YUL
expires
Tue, 06 Jun 2023 16:13:38 GMT
zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
fonts.gstatic.com/s/ibmplexsans/v14/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v14/zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:200,300,400,500,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcecb97c12786d7a9387a81e74e4179790fd84425c9c75be1aec3aed645bf6e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityintelligence.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 04:38:04 GMT
x-content-type-options
nosniff
age
560134
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18000
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:46:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 May 2023 04:38:04 GMT
logo-white.svg
securityintelligence.com/wp-content/themes/sapphire/images/ 		8 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityintelligence.com/wp-content/themes/sapphire/images/logo-white.svg
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
663a14b3fbb5e44ad939917a2f6f4d93f31a0a1d8ab6702fb0a66036141ddc8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Thu, 16 Jan 2020 16:58:28 GMT
server
cloudflare
etag
W/"2136-59c44bbef4f0b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BmH6gFjHp%2BhfUvRUA7iTc3bgpO1Fli5M7%2BtWzvRo7OPt6cr4q7GLXI5MmARCBJ9QiTas2JPn75%2B%2B01bZs2yirB%2BWF7a0ybMibSfmQarDOCzM5YmTmyLeFS0kvOJXWFEa%2BufIuoZTbyWOZQqs1XMCp6BmcgihjX4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
71726fbbb926ecee-YUL
expires
Tue, 06 Jun 2023 16:13:38 GMT
search.svg
securityintelligence.com/wp-content/themes/sapphire/images/ 		951 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityintelligence.com/wp-content/themes/sapphire/images/search.svg
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
0e82da81b591f6ffc35aa67bcd9e1c39aa5983f7f8baaf35892956e8b2dc004b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Thu, 12 Sep 2019 12:50:34 GMT
server
cloudflare
etag
W/"3b7-5925a955be86c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=of38W6XWzFQxcRiuDhxMfnq52mVswFIPqP0FlwqRqEsfQQMDvi%2Bp97Sk4PVFX5PvtsuR4wyeTfviSW9uNyE7T6TopqS4uLh3llmr1elQVBtsDTOamiYpZr4rHs1yP68TNsM%2Fqa5vUqKMLSFmgAXDPRmLaXUejv4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
71726fbbb928ecee-YUL
expires
Tue, 06 Jun 2023 16:13:38 GMT
close.svg
securityintelligence.com/wp-content/themes/sapphire/images/ 		455 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityintelligence.com/wp-content/themes/sapphire/images/close.svg
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
e89cc85750cabe4a1352be2c824af05958b906fdf9ab9b9e99fdd15a4d798152
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Fri, 27 Mar 2020 19:40:17 GMT
server
cloudflare
etag
W/"1c7-5a1db455dfe15"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2BRjAY16GYbhjjUf5sxHorapKS64l3HFqcY0WeaDQ0iCk9qLYlj2qHOY7yXurCXzawYKatgw7IHsEDYnlRJMW40H5kocsNRGWB70noN75j%2BKsloQLTAoZ1AsEbkoMcGyym6gojXVzXO316g%2FCU%2BZARHvCabb1ic%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
71726fbbb929ecee-YUL
expires
Tue, 06 Jun 2023 16:13:38 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012205191749000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012205191749000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1ffb612967aa8da5e1866aab66bb3d9aebed2335ae05b6df9212f16a1f4b62c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Origin
https://securityintelligence.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
397083
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3859
x-xss-protection
0
server
sffe
date
Thu, 02 Jun 2022 01:55:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"57ab576da05b0de4"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 02 Jun 2023 01:55:35 GMT
loading.svg
securityintelligence.com/wp-content/themes/sapphire/images/ 		972 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityintelligence.com/wp-content/themes/sapphire/images/loading.svg
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/wp-content/themes/sapphire/minifications/single.css?v=1654192268
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
790cfd19a8e033f96c28d63386fc4e3aff117ed855f762b40f39691a921de760
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/wp-content/themes/sapphire/minifications/single.css?v=1654192268
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Thu, 12 Sep 2019 12:50:34 GMT
server
cloudflare
etag
W/"3cc-5925a955bdcb4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JSL5PBXjjXtfSNseclL%2BnA7FFivWT4f1Y3r1GoKJgZlvB7nsUcwNrtFOSZBqMc%2BcbUx5aO3FkJZzzpTRmPPD72FqBVLFgLbOLbZ6FMcYVWXkyLpuEo1j1BobsxkBZs63bRmokEgXuMAYWcNzO6cBgZcsynwi11A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
71726fbbd957ecee-YUL
expires
Tue, 06 Jun 2023 16:13:38 GMT
Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY527LvspYY.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v13/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsanscondensed/v13/Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY527LvspYY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans+Condensed:300,400,500,600,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b4f873f3371bd426336178dfe982cf8366df7592c21738d0e1261e67a0cb2e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityintelligence.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 04:18:28 GMT
x-content-type-options
nosniff
age
561310
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18688
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:21:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 May 2023 04:18:28 GMT
Gg8lN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHYapyK4.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v13/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsanscondensed/v13/Gg8lN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHYapyK4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans+Condensed:300,400,500,600,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31f1c8437b4a34d4b4d66c59927d16774fb6197faf13dbd7b04758a2afdbad0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityintelligence.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 04:03:55 GMT
x-content-type-options
nosniff
age
562183
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18564
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:29:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 May 2023 04:03:55 GMT
zYX9KVElMYYaJe8bpLHnCwDKjQ76AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v14/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v14/zYX9KVElMYYaJe8bpLHnCwDKjQ76AIFsdA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:200,300,400,500,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf4eae9216be01f9a411ac93c5008eb38a3abdbb12fdb50ef974a4599e90220a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityintelligence.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 09:08:56 GMT
x-content-type-options
nosniff
age
543882
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19124
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:47:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 May 2023 09:08:56 GMT
Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY5a67vspYY.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v13/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsanscondensed/v13/Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY5a67vspYY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans+Condensed:300,400,500,600,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71fe56560b9eba788c8ff58e084f24ca95ff3b89aff510345fab96de36ec8101
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityintelligence.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 01:58:24 GMT
x-content-type-options
nosniff
age
569714
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18740
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:21:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 May 2023 01:58:24 GMT
zYX9KVElMYYaJe8bpLHnCwDKjXr8AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v14/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v14/zYX9KVElMYYaJe8bpLHnCwDKjXr8AIFsdA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:200,300,400,500,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca9b10dd6f91b1495f2f5afb055e060c55a5cc89e12c435e383cc1998741a739
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityintelligence.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 04:52:38 GMT
x-content-type-options
nosniff
age
559260
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19200
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:50:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 May 2023 04:52:38 GMT
scroll-to-top.svg
securityintelligence.com/wp-content/themes/sapphire/images/ 		715 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityintelligence.com/wp-content/themes/sapphire/images/scroll-to-top.svg
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
5d5997f11a9482db230a12a91801a5006294d0c68817607fb2d8efdc7ecf006a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Thu, 01 Oct 2020 17:04:26 GMT
server
cloudflare
etag
W/"2cb-5b09f0236c546"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nc3M0zCNjJ5HFFTJAm2HogtAvGcbr819gBg2WaC8qAA%2B7PdOJXQR7Iaw0R2drhM%2BwT%2BJKt%2BlbrvAjIFc6t272MnHURZks%2Fo4y6EJQJhwq%2F0c3pCwUM66tFaGlHuf6317pVcd%2FmvaQzEAETCMRgetQXspZ%2FFS46s%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
71726fbc39c5ecee-YUL
expires
Tue, 06 Jun 2023 16:13:38 GMT
truncated
/ 		98 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
473b9fbb17fa7755c34ae89223bb3d75e7c9220cb31cae32e5838eae3b5814fe

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		84 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d87e9a5f66c1631a2b24f3ae74e4ffbedf00b643d1c57bded3c119773dcb0968

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		98 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6440fc0195f3b55d6745b071f7fc9201aa74fe10a6bf8e403ef3660552d08aa

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		99 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3181e593aa1c8a96cdd550ee065310398ea980f29f9582275b9b42110cb116b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		84 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
96dfc5f50442cc86b4a34c0776427374af0b3a906c0d1b27ef2916e78b721f13

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		84 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86042f3e488c299da25a01ea2decaf7e796abd7ae4811782a75abc7ee78ee8d2

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
default-pic.jpg
securityintelligence.com/wp-content/themes/sapphire/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityintelligence.com/wp-content/themes/sapphire/images/default-pic.jpg
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
2362a2b6663976d80e30679ab74d07731dd20ba8c5adbcae3d1123a6406d8eda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:38 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5342
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Thu, 14 May 2020 20:55:09 GMT
server
cloudflare
etag
"14de-5a5a1e9841ca6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P3s8d21VliMhP%2BUm5EMuwXp%2FCcmBrx5ZwLekJxaHgMO85mr4oCs759SQGyhd82xiTwbvTSersn%2BZIl16u3ho8XM5vZ7e7x7fgcThR49C6mSV7CGggXSqSe0WPZAkk8fRQJmHtgyJGSvEGN1GYtLCr2HVSLgj%2FxI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
vary
X-Forwarded-For,Accept
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
x-webp-express
Redirected directly to existing webp
accept-ranges
bytes
cf-ray
71726fbc7a14ecee-YUL
expires
Tue, 06 Jun 2023 16:13:38 GMT
Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY4S7bvspYY.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v13/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsanscondensed/v13/Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY4S7bvspYY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans+Condensed:300,400,500,600,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dca337d11cb99c194e99da0a8780ec4219ff742646b52a49675fffe44f5a7658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityintelligence.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 07:16:09 GMT
x-content-type-options
nosniff
age
550649
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18196
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:21:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 May 2023 07:16:09 GMT
zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v14/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v14/zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:200,300,400,500,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49791a696302b5112cec6f474d4d188ec3da019fab43b744b558c8b5e6644785
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityintelligence.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 02:00:19 GMT
x-content-type-options
nosniff
age
569599
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18860
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:50:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 May 2023 02:00:19 GMT
zYX9KVElMYYaJe8bpLHnCwDKjR7_AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v14/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v14/zYX9KVElMYYaJe8bpLHnCwDKjR7_AIFsdA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:200,300,400,500,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
681e885d2baf3a5865cfa1fd6b9e5855b8a104b379208852b595c4e72f2c54b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityintelligence.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 06:43:00 GMT
x-content-type-options
nosniff
age
552638
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19436
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 May 2023 06:43:00 GMT
arrow-right.svg
securityintelligence.com/wp-content/themes/sapphire/images/ 		743 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityintelligence.com/wp-content/themes/sapphire/images/arrow-right.svg
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
03d81c05d2b7bcd709563806be145309333dd0f398a91885350953cda5a1a04f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Thu, 28 Jan 2021 11:49:18 GMT
server
cloudflare
etag
W/"2e7-5b9f47a46bf4e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XdV%2BUDwXxuYGlRMqPBqgpLyeZGEJ%2FHqG4QuLo6wsuwYDY9IQn0IP9Xhm6hKcuqVx96Q%2FVy%2Bz2H74oUl5JfWG0J1FuslyA4lmmod3AEyJcXSSYgzyTplBS6B%2Fp7Y%2BphftfDMfbTJ3JdC89XRnQo54ib%2BSvRCaNs0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
71726fbd6afbecee-YUL
expires
Tue, 06 Jun 2023 16:13:38 GMT
Business-team-clapping-for-a-female-colleague-in-meeting-630x330.jpeg.webp
securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2022/03/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2022/03/Business-team-clapping-for-a-female-colleague-in-meeting-630x330.jpeg.webp
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
4a4f63fe60b19218be345784bc89f2254b401217dd2c009afe68d4687a2c2364
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:38 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
495
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22500
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Tue, 08 Mar 2022 14:00:03 GMT
server
cloudflare
etag
"57e4-5d9b565c2087f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2qma5T58aoqVfyfcdbxfXO4jv4pi6I4NlqCQgCmWdWSia8KA8MGDtbMDAyrpCkMJ9gq7JSH0zE%2BxoONvn%2FZ2oSfXz4SMPXuxhtEGSc%2BVBnQcI6H1Gh0fjizycqq7wT6MOFP2k3g%2FhTuOW7LhOQCSDxYzMxdBvaM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
vary
X-Forwarded-For, Accept-Encoding
cache-control
public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
71726fbd6afcecee-YUL
expires
Tue, 06 Jun 2023 16:05:23 GMT
Cloud-Native-Security-Controls-630x330.jpeg.webp
securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2022/04/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2022/04/Cloud-Native-Security-Controls-630x330.jpeg.webp
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
400dd9c39d2d01ed976237c79a8ad0c20be47971a0467f2269c8ebe55567bcc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:38 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
495
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21016
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Mon, 11 Apr 2022 12:00:04 GMT
server
cloudflare
etag
"5218-5dc5faf46ad91"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wrePD4Ahfi%2FMW%2FfSs%2FGiNq28oY9IRw2WKb9UakftSgpXxUVwI5PVs3X9gm4M%2BQgwXNZZKKCc0vWih2OJWkDqptMRt84F552KTyYRLBXSdTTCLMitEyEEeerAI%2FAH6cPWEvR3dQ13VibZS4QQ%2FNLkmgwBGIdGrk0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
vary
X-Forwarded-For, Accept-Encoding
cache-control
public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
71726fbd6afdecee-YUL
expires
Tue, 06 Jun 2023 16:05:23 GMT
Cybercriminal-creating-malicious-software-typing-on-laptop-keypad-closeup-630x330.jpeg.webp
securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2022/02/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2022/02/Cybercriminal-creating-malicious-software-typing-on-laptop-keypad-closeup-630x330.jpeg.webp
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
54d3e6fd6df1340fa8bfe759ccbf99d178b5bebe49ef39bc4ef0ba99f0420c00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:38 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
495
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10680
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Thu, 24 Feb 2022 22:11:22 GMT
server
cloudflare
etag
"29b8-5d8cadcbe6382"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CkEgPuPu5oT3XxBjsj9V6AhabOS%2BJ6heuDJMgcE9ZGAknggPDV1qBy3tmSK3eGKKfr7hs2fu4FgBvt9kL9lzMJHrFJ1taVFjNy0VzL4KtTS3%2BhXGABvgGm2Waujr3PnrMS3ONkBaH79G2nnRQjiad2WZ35EkRVU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
vary
X-Forwarded-For, Accept-Encoding
cache-control
public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
71726fbd6afeecee-YUL
expires
Tue, 06 Jun 2023 16:05:23 GMT
600X1200_THINK2.jpg
securityintelligence.com/wp-content/uploads/2022/05/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityintelligence.com/wp-content/uploads/2022/05/600X1200_THINK2.jpg
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
e92265072a38145d453d32d16e98360a21fd2431fe8c623ac083e8207d004c05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:38 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15596
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Thu, 12 May 2022 15:20:12 GMT
server
cloudflare
etag
"3cec-5ded2181e8a09"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bGB3eQJ9KT1pl81g%2BzEttIFwGANxqL6bsmPBLY7MZgtdjX2r%2BcYv%2FQLtGREtTF58W9j98JCmsbYu1wOdr0%2BwMfFLUitYbHsBAagVD2wGILW2QBtiLldJDq%2B8hXpZBj38x0IOtHfdOo2mKBl99n2hjF32dL5KAgo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
vary
X-Forwarded-For,Accept
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
x-webp-express
Redirected directly to existing webp
accept-ranges
bytes
cf-ray
71726fbd6affecee-YUL
expires
Tue, 06 Jun 2023 16:13:38 GMT
Zz05YTU4OTJlMDk1YmIxMWVjYjliMzAyNDgwOWY4NWE5MQ==
images-cdn.welcomesoftware.com/ 		306 KB
307 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-cdn.welcomesoftware.com/Zz05YTU4OTJlMDk1YmIxMWVjYjliMzAyNDgwOWY4NWE5MQ==?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOlsiOWE1ODkyZTA5NWJiMTFlY2I5YjMwMjQ4MDlmODVhOTEiXSwiZXhwIjoxNjQ1NzQ3NzE0fQ.hs8x8-hYpSz8MeFOeihxR8k4VRkfoQ9nHH85bhb2JLE
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2131:1800:f:fcff:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b5f4df0247e5df3b3b83ca6e660e00a736a45c36b07edd571bb6d209744d3c09

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 15:49:20 GMT
via
1.1 60ee0252498f6c35dfedb3d926a6fd30.cloudfront.net (CloudFront)
age
1459
x-amz-server-side-encryption
AES256
x-cache-status
EXPIRED
x-cache
Hit from cloudfront
content-length
313116
last-modified
Thu, 24 Feb 2022 21:49:12 GMT
server
nginx
etag
"c07c7a61edf86673dd01110d2d53c26a"
x-amz-version-id
rEPaO6QEBHnbURgqfekgkYLfBP3Rr7Q.
access-control-allow-origin
*
x-amz-cf-pop
MAN50-C2
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
rEu73a5bMExOs-vOe1537KRA77RZWy1OPJCcPjqQ2g_qIGrvfcWxdA==
Zz1hNzMwNWI0Mjk1YmIxMWVjYWRjYzg2NDNiOWZjODVjNA==
images-cdn.welcomesoftware.com/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-cdn.welcomesoftware.com/Zz1hNzMwNWI0Mjk1YmIxMWVjYWRjYzg2NDNiOWZjODVjNA==?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOlsiYTczMDViNDI5NWJiMTFlY2FkY2M4NjQzYjlmYzg1YzQiXSwiZXhwIjoxNjQ1NzQ3NzE0fQ.Prim22fYjynqhVcw_w5jtkjkMs3tKHGB4FEQUd7AMYE
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2131:1800:f:fcff:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4592c521f52bd17d12a3df2183effd3603f70b5db98edfcf3f739a72e80c5d16

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 15:49:28 GMT
via
1.1 60ee0252498f6c35dfedb3d926a6fd30.cloudfront.net (CloudFront)
age
1451
x-amz-server-side-encryption
AES256
x-cache-status
EXPIRED
x-cache
Hit from cloudfront
content-length
20813
last-modified
Thu, 24 Feb 2022 21:49:34 GMT
server
nginx
etag
"fb3b546d99e3340e058ad6e7ab3de501"
x-amz-version-id
eeRdRLHdCdUwrjkGu67KK.c.FJhA0KeO
access-control-allow-origin
*
x-amz-cf-pop
MAN50-C2
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
efV6VTNMj-T8xgYlaQm8C-qWwU75cfmYSyQkpmnT0cuQfqR-rsp2Kw==
/
api.www.s81c.com/webmaster/dbip/ 		427 B
724 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.www.s81c.com/webmaster/dbip/?callback=_dl.fn.userIpData.callback
Requested by
Host: 1.www.s81c.com
URL: https://1.www.s81c.com/common/stats/ida_stats.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.3.114.203 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-114-203.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
fa65ae4b632714fe246c34a2c886c18d143750b5ad4c17ccb791b0e19c796c20

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Mon, 06 Jun 2022 16:13:39 GMT
Server
Apache
X-Backside-Transport
OK OK
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
X-Global-Transaction-ID
075554b2629e27b2e29e3677
Connection
keep-alive
Content-Length
427
ww.js
cdn.ampproject.org/rtv/012205191749000/ 		51 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012205191749000/ww.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
856d2fc18d742b96953b49d99b3268fdd46f0f1c184b540c8410d1d8fc8bb2ab
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
text/plain
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
397083
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14454
x-xss-protection
0
server
sffe
date
Thu, 02 Jun 2022 01:55:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"48377964fe8ccc7f"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 02 Jun 2023 01:55:35 GMT
05edfdcd-8e23-4b08-b9b3-2b53e5ee7bd4
https://securityintelligence.com/ 		51 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://securityintelligence.com/05edfdcd-8e23-4b08-b9b3-2b53e5ee7bd4
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5db4e350627f9dfd70cce59c8b131c9071650a5c0d1335145eecbecf07343dcf

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Length
52076
Content-Type
text/javascript
p_85e1c2b3e06b87ddd5b2d9723a0213354253e4b2691412fad82df3b24daf6e5b.js
tags.tiqcdn.com/dle/ibm/web/ 		3 B
292 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/dle/ibm/web/p_85e1c2b3e06b87ddd5b2d9723a0213354253e4b2691412fad82df3b24daf6e5b.js
Requested by
Host: 1.www.s81c.com
URL: https://1.www.s81c.com/common/stats/ida_stats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.198.216.246 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-246.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:39 GMT
last-modified
Thu, 02 Feb 2017 22:12:19 GMT
server
AmazonS3
x-amz-request-id
67ZS9XZCYQAH72SS
etag
"b519d08ef66fd54910edbedba6181ec2"
content-type
application/javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
3
x-amz-id-2
Z3ssKqjHMlC9kNW1dTm2+vugh35kk3kIu2QTyVvQO57nQkNumOZgQWVH+EkZJn3mbCxPk4qJ+xw=
expires
Mon, 06 Jun 2022 16:18:39 GMT
bmaid
cloud.ibm.com/analytics/ 		48 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cloud.ibm.com/analytics/bmaid
Requested by
Host: 1.www.s81c.com
URL: https://1.www.s81c.com/common/stats/ida_stats.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.5.232.186 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-232-186.deploy.static.akamaitechnologies.com
Software
undefined / Express
Resource Hash
3450c6a2b18fc63e96502af78d6416e6fd24e57a3f3963825b9ba7d40b8cfc53
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-powered-by
Express
x-envoy-upstream-service-time
11
server-timing
cdn-cache; desc=MISS, edge; dur=31, origin; dur=18
content-length
48
x-xss-protection
1; mode=block
x-request-id
undefined
x-response-time
2.459
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
undefined
etag
W/"30-BFj01KNz5do2aOtSw2TgFWDnA9E"
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityintelligence.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
date
Mon, 06 Jun 2022 16:13:39 GMT
expires
0
dbdm-data
www-api.ibm.com/cookie-sync/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www-api.ibm.com/cookie-sync/dbdm-data?callback=_dl.fn.dataSync.callback
Requested by
Host: 1.www.s81c.com
URL: https://1.www.s81c.com/common/stats/ida_stats.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000:68a::b3a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/ Express
Resource Hash
1ac54ab18202013ec7dfb97f145cc8fe3705702291d5d80c10be15576b5cd0a5
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
Express
etag
W/"a55-HdQ+kaM61N9sHZJtH7JqKgNPra8"
x-frame-options
DENY
content-type
text/javascript; charset=utf-8
x-backside-transport
OK OK
cache-control
no-cache, no-store, must-revalidate
x-global-transaction-id
291d6450629e27b333cf1559
strict-transport-security
max-age=15768000
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
content-length
1978
x-xss-protection
1; mode=block
utag.js
tags.tiqcdn.com/utag/ibm/web/prod/ 		336 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Requested by
Host: 1.www.s81c.com
URL: https://1.www.s81c.com/common/stats/ida_stats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.198.216.246 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-246.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
8693f5f77e3b9920b8833965bed0507fe14bdde20292fa872b43ebc083b25c55

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:39 GMT
content-encoding
gzip
last-modified
Sun, 05 Jun 2022 04:55:59 GMT
server
AkamaiNetStorage
etag
"93e787744eee7dcccb9890af4239bfe2:1654404959.741621"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
expires
Mon, 06 Jun 2022 16:18:39 GMT
id
dpm.demdex.net/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=D10F27705ED7F5130A495C99%40AdobeOrg&d_nsid=0&ts=1654532019565
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.186.90.48 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-90-48.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
3fd9715bcf937148054c65896943f31285b049e439a66da3393970a97935a10a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-usw2-1-v030-0a3f54f31.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
pbXK9TrSTVw=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://securityintelligence.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
600
Expires
Thu, 01 Jan 1970 00:00:00 UTC
utag.28.js
tags.tiqcdn.com/utag/ibm/web/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/ibm/web/prod/utag.28.js?utv=ut4.46.201803300231
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.198.216.246 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-246.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2e7f5342105b392a295080c87c345965fa5f4dea75ca8af10584bcac7c8d48a2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:39 GMT
content-encoding
gzip
last-modified
Fri, 30 Mar 2018 02:32:36 GMT
server
AkamaiNetStorage
etag
"1ac4cbb8e65e89874c50b9129b8afbec:1522377156"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1123
expires
Tue, 21 Jun 2022 16:13:39 GMT
utag.162.js
tags.tiqcdn.com/utag/ibm/web/prod/ 		52 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/ibm/web/prod/utag.162.js?utv=ut4.46.202204060605
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.198.216.246 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-246.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e59430d3e263e177152d6bdf531a0ecab5ec4b81339cdec2564ece447abcbe68

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:39 GMT
content-encoding
gzip
last-modified
Fri, 06 May 2022 05:24:03 GMT
server
AkamaiNetStorage
etag
"3f4bd6e2eee6b940b7a9be82eac02649:1651814643.516954"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
11702
expires
Tue, 21 Jun 2022 16:13:39 GMT
utag.24.js
tags.tiqcdn.com/utag/ibm/web/prod/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/ibm/web/prod/utag.24.js?utv=ut4.46.202004021713
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.198.216.246 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-246.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7bf8c8af5f6bd977c4618843d6f103ef01162da38c8cc27b5f292549c9a1ca7d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:39 GMT
content-encoding
gzip
last-modified
Thu, 02 Apr 2020 17:13:24 GMT
server
AkamaiNetStorage
etag
"02fbc106ee77dce39296914d62393bed:1585847604.52902"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1774
expires
Tue, 21 Jun 2022 16:13:39 GMT
utag.53.js
tags.tiqcdn.com/utag/ibm/web/prod/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/ibm/web/prod/utag.53.js?utv=ut4.46.201706292022
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.198.216.246 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-246.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
90596b3d8081c6c46f53c00cc4215ccb61cadd6b0268bc2f9fe553c35774753d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:39 GMT
content-encoding
gzip
last-modified
Thu, 22 Mar 2018 04:18:05 GMT
server
AkamaiNetStorage
etag
"d2c69618305280734e4c67c71a0bc28a:1521692285"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1534
expires
Tue, 21 Jun 2022 16:13:39 GMT
utag.184.js
tags.tiqcdn.com/utag/ibm/web/prod/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/ibm/web/prod/utag.184.js?utv=ut4.46.202202020151
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.198.216.246 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-246.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
deb89b2cb1badbd9a684e6aed8409d4d7e7a9ef9d863b95c1116755a307a5f5a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:39 GMT
content-encoding
gzip
last-modified
Sat, 17 Oct 2020 02:42:47 GMT
server
AkamaiNetStorage
etag
"08b869489660d7180fcf95dfb594c231:1602902567.648186"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
5192
expires
Tue, 21 Jun 2022 16:13:39 GMT
utag.15.js
tags.tiqcdn.com/utag/ibm/web/prod/ 		1 KB
834 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/ibm/web/prod/utag.15.js?utv=ut4.46.201903281401
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.198.216.246 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-246.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
bd50da2add488ef7be504787691327f38b4abfd710c26f4a49308ddc1e197deb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:39 GMT
content-encoding
gzip
last-modified
Thu, 28 Mar 2019 14:01:27 GMT
server
AkamaiNetStorage
etag
"d9452c4d466101e71a4a685c15d47700:1553781687"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
611
expires
Tue, 21 Jun 2022 16:13:39 GMT
utag.136.js
tags.tiqcdn.com/utag/ibm/web/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/ibm/web/prod/utag.136.js?utv=ut4.46.201808201700
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.198.216.246 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-246.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e10c0bc79c425822dac76b3b3d381f523bc1a548b922ee73ce3435ef45c2ae6b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:39 GMT
content-encoding
gzip
last-modified
Fri, 20 Jul 2018 14:28:36 GMT
server
AkamaiNetStorage
etag
"301f64e7791ec492b32864ff8aa6e6f9:1532096916"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
904
expires
Tue, 21 Jun 2022 16:13:39 GMT
utag.94.js
tags.tiqcdn.com/utag/ibm/web/prod/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/ibm/web/prod/utag.94.js?utv=ut4.46.202203221853
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.198.216.246 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-246.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
898413f0d39495364dbf2fea8d75f90c5e59196b8a659f4cd3b97d5e0a491367

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:39 GMT
content-encoding
gzip
last-modified
Tue, 23 Jun 2020 18:51:07 GMT
server
AkamaiNetStorage
etag
"8ccdd1c1ded6e3886b782d50d3a61e1f:1592938267.587209"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1779
expires
Tue, 21 Jun 2022 16:13:39 GMT
utag.167.js
tags.tiqcdn.com/utag/ibm/web/prod/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/ibm/web/prod/utag.167.js?utv=ut4.46.202101200115
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.198.216.246 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-246.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
54e73aef7b2b0ccad0cdbfc30b6c82a011948df3827919196a0f27893ce5d5c6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:39 GMT
content-encoding
gzip
last-modified
Wed, 20 Jan 2021 01:15:17 GMT
server
AkamaiNetStorage
etag
"b092f8c901d8afecfb07a4e7f929ef3e:1611105317.621153"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
2421
expires
Tue, 21 Jun 2022 16:13:39 GMT
utag.178.js
tags.tiqcdn.com/utag/ibm/web/prod/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/ibm/web/prod/utag.178.js?utv=ut4.46.202008241237
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.198.216.246 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-246.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
fe286d4418ea555bb568a81ebcaab56560fc7d076eda46a790290db0c942e708

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:39 GMT
content-encoding
gzip
last-modified
Mon, 24 Aug 2020 12:38:05 GMT
server
AkamaiNetStorage
etag
"1cc26c17c372c047fcf985d11b6f06f2:1598272685.212586"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1380
expires
Tue, 21 Jun 2022 16:13:39 GMT
utag.181.js
tags.tiqcdn.com/utag/ibm/web/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/ibm/web/prod/utag.181.js?utv=ut4.46.202010301425
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.198.216.246 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-246.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e1b1e30b7778a859a6584d608645bf5d8402cf53fcf078b55fe617a117fec429

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:39 GMT
content-encoding
gzip
last-modified
Fri, 30 Oct 2020 14:25:44 GMT
server
AkamaiNetStorage
etag
"32e783cf592aaffb0bf09fc95b475ed0:1604067944.853384"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1025
expires
Tue, 21 Jun 2022 16:13:39 GMT
dest5.html
ibm.demdex.net/ Frame 9870 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ibm.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.186.90.48 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-90-48.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-usw2-1-v030-0aa05546f.edge-usw2.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
6YKV03rFSrg=
content-encoding
gzip
date
Mon, 6 Jun 2022 16:13:40 GMT
last-modified
Thu, 26 May 2022 14:14:36 GMT
vary
accept-encoding
ibs:dpid=411&dpuuid=Yp4nswAAAKqjcAN2
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=47932129809636591092643384692785063632
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yp4nswAAAKqjcAN2
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yp4nswAAAKqjcAN2
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
HTTP/1.1
Server
54.186.90.48 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-90-48.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v030-03e6af903.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
y/e1A9r7RDk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yp4nswAAAKqjcAN2
Date
Mon, 06 Jun 2022 16:13:40 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
202 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=ibm/web/202206050455&cb=1654532019924
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.198.216.246 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-246.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:39 GMT
last-modified
Thu, 14 Apr 2016 16:57:51 GMT
server
AkamaiNetStorage
etag
"7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type
application/x-javascript
cache-control
max-age=600
accept-ranges
bytes
content-length
2
expires
Mon, 06 Jun 2022 16:23:39 GMT
notice
consent.trustarc.com/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.trustarc.com/notice?c=teconsent&domain=ibm.com&country=CA&state=QC&language=en-US&privacypolicylink=https%3A%2F%2Fwww.ibm.com%2Fprivacy&js=nj&noticeType=bb&text=true&pcookie&cdn=1&gtm=1
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.81.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-81-3.man50.r.cloudfront.net
Software
nginx /
Resource Hash
de27518c3c5d1797233a4db0ddf161c05e2b1480408b31b2c86d6949fa1376f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
MAN50-C2
x-cache
Miss from cloudfront
cloudfront-viewer-country
CA
vary
Accept-Encoding, Origin
content-length
4776
x-xss-protection
1; mode=block
timing-allow-origin
*
server
nginx
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript;charset=UTF-8
via
1.1 3ed6913225a2751cd6347e2088d1f5fa.cloudfront.net (CloudFront)
cache-control
max-age=3600
cloudfront-viewer-country-region
QC
x-amz-cf-id
SjEA8_GN7gyKCQx1NtOpfpsmg9SZz1Yw1mg0VUlMLXL0MRz5zRBnMg==
expires
Mon, 06 Jun 2022 17:13:40 GMT
ab057a07.min.js
scripts.demandbase.com/ 		67 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.demandbase.com/ab057a07.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.10.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-10-127.man50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
194ea51d8f1ad1c00fbb738c8b400fbd2e4bd652fd578d52c2d6546d59295154
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
vDxpEzAYBTn.c6ZE4MKxfkUcOnAaDSzg
content-encoding
gzip
etag
W/"49d1fd25b9c43362d42ddee7e253de8f"
age
3047
x-cache
Hit from cloudfront
vary
Accept-Encoding
last-modified
Thu, 03 Mar 2022 17:14:48 GMT
server
AmazonS3
date
Mon, 06 Jun 2022 15:23:02 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
via
1.1 325dd89771246a0301c1cb899a7a2b76.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-pop
MAN50-C3
x-amz-cf-id
6bTEloqVNAAkL3yxAFgZfkipP550uETE4AwIT7uLdlwOmc9CciEJ0w==
js
www.googletagmanager.com/gtag/ 		100 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-143580012-1
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2008 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8acf0e08569c9e585911ae255e03ea4e00aa2df82c766cb47a68ea5c23369b9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:40 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39629
x-xss-protection
0
last-modified
Mon, 06 Jun 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 06 Jun 2022 16:13:40 GMT
js
pixel.mathtag.com/event/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.mathtag.com/event/js?mt_pp=1
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.253.16 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-253-16.deploy.static.akamaitechnologies.com
Software
MT3 4419 e1034d5 master iad-pixel-x14 config:1.0.0 /
Resource Hash
8d4a8fd92a0381d2c534abe994beba126da9eb4b5de49412c78a06ee4c730c20

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Mon, 06 Jun 2022 16:13:40 GMT
Server
MT3 4419 e1034d5 master iad-pixel-x14 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript
Content-Length
2487
Expires
Mon, 06 Jun 2022 16:13:39 GMT
i.gif
collect.tealiumiq.com/ibm/main/2/ 		43 B
753 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collect.tealiumiq.com/ibm/main/2/i.gif
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.184.js?utv=ut4.46.202202020151
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.83.227.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-83-227-76.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryJkndRa9Xh8bSjPa2

Response headers

date
Mon, 06 Jun 2022 16:13:40 GMT
vary
Origin
x-serverid
uconnect_i-0c82e0695f976ae89
x-tid
018139cb154c005968092f93ab9003073007d06b00b08
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc
ibm:main:2:datacloud
x-region
us-east-1
content-length
43
pragma
no-cache
x-did
018139cb154c005968092f93ab9003073007d06b00b08
content-type
image/gif
access-control-allow-origin
https://securityintelligence.com
access-control-expose-headers
X-Region
cache-control
no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
x-ulver
9ea490e1911a29c11d0d8bf037b1ac92d2ee07fa-SNAPSHOT
x-uuid
03b4a771-6727-4139-b56d-1cdac0fe2552
expires
Mon, 06 Jun 2022 16:13:40 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.15.js?utv=ut4.46.201903281401
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82d0 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Mon, 06 Jun 2022 16:13:40 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Apr 2022 23:25:22 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=38631
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3085
survey.js
1.www.s81c.com/common/stats/ 		93 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1.www.s81c.com/common/stats/survey.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000:68a::b3a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
814759860cc987a983b49f360ae29e58b08fda03e86356545d310f44bd8c972c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:39 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 15:08:38 GMT
etag
"17462-5d6f646a0ced0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=74132
strict-transport-security
max-age=2592000
accept-ranges
bytes
content-length
27629
expires
Tue, 07 Jun 2022 12:49:11 GMT
uwt.js
static.ads-twitter.com/ 		51 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.167.js?utv=ut4.46.202101200115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.36.157 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9fa5f4494a80ecf219df87f5a3bedccc280a4a458e72a12732411ec531731bb4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:39 GMT
content-encoding
gzip
last-modified
Fri, 27 May 2022 19:22:27 GMT
etag
"37e15fed72b47b0100cbd5c7aaa9d3a0+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
14634
x-served-by
cache-iad-kjyo7100095-IAD, cache-lga21959-LGA
js
pixel.mathtag.com/sync/ 		237 B
752 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.mathtag.com/sync/js?cs_jsonp=mmUuidSync&mt_nsync=1
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.253.16 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-253-16.deploy.static.akamaitechnologies.com
Software
MT3 4419 e1034d5 master ord-pixel-x13 config:1.0.0 /
Resource Hash
3756117d442b3382af417904cf4fd4032b9f99fe66b141d0aa37a6d9fc6c6c26

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Mon, 06 Jun 2022 16:13:40 GMT
Server
MT3 4419 e1034d5 master ord-pixel-x13 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript
Content-Length
237
Expires
Mon, 06 Jun 2022 16:13:39 GMT
analytics_c7caef17012f48e99285467c1b6d8423.js
analytics.newscred.com/ 		21 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.newscred.com/analytics_c7caef17012f48e99285467c1b6d8423.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.181.js?utv=ut4.46.202010301425
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-52.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b15464de7fe26f72a119b3b0dd1bd7376542f294702211a92618e33710c481f9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 01:04:50 GMT
via
1.1 aa2d5a64a5be3b668a484d0b762d160e.cloudfront.net (CloudFront)
last-modified
Fri, 03 Jun 2022 19:06:55 GMT
server
AmazonS3
age
54531
etag
"977dc0a68cd23376949d2b33ada16723"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-pop
EWR52-C4
accept-ranges
bytes
content-length
21144
x-amz-cf-id
09X77w-L0MitPqhd6cUcUHI2yCBfZPLRBc57C_3TPzM06yXPoS3NXg==
tpid=e8de629e-27b4-4800-8093-4cd8989732cb
sync.crwdcntrl.net/map/ct=y/c=4735/tp=MDMA/
Redirect Chain
  • https://pixel.mathtag.com/sync/img?sync=auto&mt_exid=10040&exsync=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D4735%2Ftp%3DMDMA%2Ftpid%3D%5BMM_UUID%5D
  • https://sync.crwdcntrl.net/map/c=4735/tp=MDMA/tpid=e8de629e-27b4-4800-8093-4cd8989732cb
  • https://sync.crwdcntrl.net/map/ct=y/c=4735/tp=MDMA/tpid=e8de629e-27b4-4800-8093-4cd8989732cb
49 B
544 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/ct=y/c=4735/tp=MDMA/tpid=e8de629e-27b4-4800-8093-4cd8989732cb
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Server
34.195.85.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-85-3.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Jun 2022 16:13:40 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.44.109
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 06 Jun 2022 16:13:40 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/map/ct=y/c=4735/tp=MDMA/tpid=e8de629e-27b4-4800-8093-4cd8989732cb
cache-control
no-cache
x-server
10.40.8.247
content-length
0
expires
0
px.gif
pixel.newscred.com/ 		43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.newscred.com/px.gif?key=YXJ0aWNsZT1hYWNiOWZlMjk1YWIxMWVjOWNjYjIyMjgyOWRiNTY0NA==
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.210.210.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-210-93.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Jun 2022 16:13:40 GMT
cache-control
max-age=0, public, must-revalidate
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
content-length
43
content-type
image/gif
adsct
t.co/i/ 		43 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=2.3.14&p_id=Twitter&p_user_id=0&txn_id=nv8so&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_document_href=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F%3Fsocial_post%3D6567161505%26linkId%3D156583495&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&event_id=2b17e6bc-ff7c-41fc-a774-d8ebf1410bac
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-response-time
6
date
Mon, 06 Jun 2022 16:13:39 GMT
server
tsa_b
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
cdcd2de80fbaad53260c28e3fb3ea582d5cec6f2e6e069b8c744c85d98723dbf
content-length
43
adsct
analytics.twitter.com/i/ 		43 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.3.14&p_id=Twitter&p_user_id=0&txn_id=nv8so&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_document_href=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F%3Fsocial_post%3D6567161505%26linkId%3D156583495&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&event_id=2b17e6bc-ff7c-41fc-a774-d8ebf1410bac
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-response-time
6
date
Mon, 06 Jun 2022 16:13:40 GMT
server
tsa_b
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
bcd5a19d246a9a4de229cc7a6a7ee8e7ff8b11e887c21728a5394c8e017ea6e2
content-length
43
d_medallia_survey_configurations.js
tags.tiqcdn.com/dle/ibm/web/ 		72 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/dle/ibm/web/d_medallia_survey_configurations.js?callback=?&_=1654532018436
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.198.216.246 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-246.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a43eef4f4ff93c72b28db2f2723ca8acffb9e478fd71a117d00c720a96229ef4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 06 Jun 2022 16:13:40 GMT
content-encoding
gzip
last-modified
Tue, 10 May 2022 15:17:19 GMT
server
AmazonS3
x-amz-request-id
H05HDCNFZC79XBJH
etag
"71e7a4ecc17429141e2cf688fb1e599b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
content-length
14361
x-amz-id-2
Zx9WQ43QnxPcatC34S6gd/7oB+SVF8LTWPw+zSs9tnXmq2SHCuGYo/xFBTBCiippyVjllo1DnEI=
expires
Mon, 06 Jun 2022 17:13:40 GMT
018139cb154c005968092f93ab9003073007d06b00b08
visitor-service-us-east-1.tealiumiq.com/ibm/main/ 		27 B
240 B 		Script
General
Check archive.org
Download Go to
Full URL
https://visitor-service-us-east-1.tealiumiq.com/ibm/main/018139cb154c005968092f93ab9003073007d06b00b08?callback=utag.ut%5B%22writevamain%22%5D&rnd=1654532020061
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.80.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-80-197.compute-1.amazonaws.com
Software
/
Resource Hash
e036d4c0bab9dcd3d8ed9d625c2cdd24f4d0474f1a4232f0e7c9471aaf0cf470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-version
9ea490e1911a29c11d0d8bf037b1ac92d2ee07fa-SNAPSHOT
date
Mon, 06 Jun 2022 16:13:40 GMT
x-region
us-east-1
content-length
27
strict-transport-security
max-age=31536000; includeSubdomains
x-nodeid
i-0c6743303e45e3129
content-type
application/javascript; charset=utf-8
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-143580012-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5388
date
Mon, 06 Jun 2022 14:43:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 06 Jun 2022 16:43:52 GMT
/
p.adsymptotic.com/d/px/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=24646&time=1654532020080&url=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F%3Fsocial_post%3D656...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=24646&time=1654532020080&url=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F%3Fsocial_post%3D656...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D24646%26time%3D1654532020080%26url%3Dhttps%253A%252F%252Fsecurityintelligence.com...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=24646&time=1654532020080&url=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F%3Fsocial_post%3D656...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=24646&time=1654532020080&url=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F%3Fsocial_post%3D65...
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=c22f921b-8569-40dd-9e7f-d91cc4dc29ee
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=c22f921b-8569-40dd-9e7f-d91cc4dc29ee&_expected_cookie=65507fbf96574a590c900fba...
43 B
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=c22f921b-8569-40dd-9e7f-d91cc4dc29ee&_expected_cookie=65507fbf96574a590c900fba32b2475e
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Server
104.18.101.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
71726fcb7ce7f97d-YYZ
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=c22f921b-8569-40dd-9e7f-d91cc4dc29ee&_expected_cookie=65507fbf96574a590c900fba32b2475e
date
Mon, 06 Jun 2022 16:13:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
71726fca9c48f97d-YYZ
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
js
pixel.mathtag.com/event/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.mathtag.com/event/js?mt_pp=2&mt_adid=171815&mt_id=1075167&event_type=catchall&industry=technology&page_name=securityintelligence.com%252Fposts%252Fnew-destructive-malware-cyber-attacks-ukraine&site_language=en-US&version=1.0&search_query=%3Fsocial_post%3D6567161505%26linkId%3D156583495&language=en-CA%2Cen%3Bq%3D0.9&mt_lim=20&document_title=IBM%20Security%20X-Force%20Research%20Advisory%3A%20New%20Destructive%20Malware%20Used%20In%20Cyber%20Attacks%20on%20Ukraine&location=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F%3Fsocial_post%3D6567161505%26linkId%3D156583495&document_path=%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F&mt_cb=1654532020163
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_pp=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.253.16 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-253-16.deploy.static.akamaitechnologies.com
Software
MT3 4419 e1034d5 master iad-pixel-x22 config:1.0.0 /
Resource Hash
32a594a016ff2b8ede56fb26886c74725952dba704d988d1f2560c4af4163435

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Mon, 06 Jun 2022 16:13:40 GMT
Server
MT3 4419 e1034d5 master iad-pixel-x22 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript
Content-Length
1436
Expires
Mon, 06 Jun 2022 16:13:39 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=593470579&t=pageview&_s=1&dl=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F%3Fsocial_post%3D6567161505%26linkId%3D156583495&dr=None&dp=%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F&ul=en-us&de=UTF-8&dt=IBM%20Security%20X-Force%20Research%20Advisory%3A%20New%20Destructive%20Malware%20Used%20In%20Cyber%20Attacks%20on%20Ukraine&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4GBACUABBAAAAC~&jid=692413316&gjid=1066358635&cid=1522458811.1654532020&uid=98b50848-f6da-47e4-a6b8-e488d48cd5f3&tid=UA-143580012-1&_gid=1080532285.1654532020&_r=1&cd1=0&cd2=SECURITYINTELLIGENCE&cd3=98b50848-f6da-47e4-a6b8-e488d48cd5f3&cd5=339de385-5aa3-46c6-8753-f8fabde2f05b&cd6=1654532019533&cd12=securityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine&cd13=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F%3Fsocial_post%3D6567161505%26linkId%3D156583495&cd16=None&cd17=None&cd19=custom%20DELIVERY%3AWordPress%20AUTHORING%3AHand%20coded&cd31=en-US&cd34=url-85e1c2b3e06b87ddd5b2d9723a0213354253e4b2691412fad82df3b24daf6e5b&cd35=1654532018838&cd37=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F&cd39=Malware&cd69=prod&cd90=2%3A&cm54=1&cd122=6567161505&gtm=2ou610&z=228528436
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Jun 2022 16:13:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://securityintelligence.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=0&a=593470579&t=pageview&_s=1&dl=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F%3Fsocial_post%3D6567161505%26linkId%3D156583495&dp=%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F%3Fsocial_post%3D6567161505%26linkId%3D156583495&ul=en-us&de=UTF-8&dt=IBM%20Security%20X-Force%20Research%20Advisory%3A%20New%20Destructive%20Malware%20Used%20In%20Cyber%20Attacks%20on%20Ukraine&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4GDACUABBAAAAC~&jid=552994863&gjid=1950557699&cid=1522458811.1654532020&tid=UA-150713566-56&_gid=1080532285.1654532020&_r=1&_slc=1&cd1=aacb9fe295ab11ec9ccb222829db5644&cd12=c7caef17012f48e99285467c1b6d8423&cd13=(not%20set)&cd16=(not%20set)&cd17=(not%20set)&cd15=a450b40a-8fff-4953-8f35-35d6bd057876&cd14=aacb9fe295ab11ec9ccb222829db5644&z=1839974981
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Jun 2022 16:13:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://securityintelligence.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&aip=0&a=593470579&t=event&ni=1&_s=2&dl=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F%3Fsocial_post%3D6567161505%26linkId%3D156583495&dp=%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F%3Fsocial_post%3D6567161505%26linkId%3D156583495&ul=en-us&de=UTF-8&dt=IBM%20Security%20X-Force%20Research%20Advisory%3A%20New%20Destructive%20Malware%20Used%20In%20Cyber%20Attacks%20on%20Ukraine&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll-depth&ea=0&_u=4GDACUABBAAAAC~&jid=&gjid=&cid=1522458811.1654532020&tid=UA-150713566-56&_gid=1080532285.1654532020&cd1=aacb9fe295ab11ec9ccb222829db5644&cd12=c7caef17012f48e99285467c1b6d8423&cd13=(not%20set)&cd16=(not%20set)&cd17=(not%20set)&cd15=a450b40a-8fff-4953-8f35-35d6bd057876&cd14=aacb9fe295ab11ec9ccb222829db5644&z=1683136089
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Jun 2022 00:20:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
57199
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=593470579&t=event&ni=1&_s=2&dl=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F%3Fsocial_post%3D6567161505%26linkId%3D156583495&dr=None&dp=%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F&ul=en-us&de=UTF-8&dt=IBM%20Security%20X-Force%20Research%20Advisory%3A%20New%20Destructive%20Malware%20Used%20In%20Cyber%20Attacks%20on%20Ukraine&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=MediaMath&ea=MediaMath_Sync_Pixel&el=securityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine&ev=0&_u=4GDACUABBAAAAC~&jid=&gjid=&cid=1522458811.1654532020&uid=98b50848-f6da-47e4-a6b8-e488d48cd5f3&tid=UA-143580012-1&_gid=1080532285.1654532020&cd1=0&cd2=SECURITYINTELLIGENCE&cd3=98b50848-f6da-47e4-a6b8-e488d48cd5f3&cd5=339de385-5aa3-46c6-8753-f8fabde2f05b&cd12=securityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine&cd13=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F%3Fsocial_post%3D6567161505%26linkId%3D156583495&cd16=None&cd17=None&cd31=en-US&cd34=url-85e1c2b3e06b87ddd5b2d9723a0213354253e4b2691412fad82df3b24daf6e5b&cd35=1654532018838&cd37=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F&cd39=Malware&cd40=non-std&cd60=false&cd68=false&cd69=prod&cd90=2%3A&cm54=0&gtm=2ou610&cd41=MEDIAMATH&cd42=null&cd46=68b1629e-27b4-4e00-aec7-4abbbe73c4d7&cd48=1654532020211&cd49=003ac7e1-8d58-9910-96c0-c7e18d5896c0&cd103=68b1629e-27b4-4e00-aec7-4abbbe73c4d7&z=1289194899
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Jun 2022 00:20:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
57199
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
get
consent.trustarc.com/ Frame 7E81 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://consent.trustarc.com/get?name=crossdomain.html&domain=ibm.com
Requested by
Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?c=teconsent&domain=ibm.com&country=CA&state=QC&language=en-US&privacypolicylink=https%3A%2F%2Fwww.ibm.com%2Fprivacy&js=nj&noticeType=bb&text=true&pcookie&cdn=1&gtm=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.81.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-81-3.man50.r.cloudfront.net
Software
nginx /
Resource Hash
7fe7d9054d31a9874fb36aba6a3736c02799bdaab5fed3e007ff334bc4580732
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
2894
cache-control
max-age=2592000
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 06 Jun 2022 15:25:26 GMT
expires
Wed, 06 Jul 2022 15:25:26 GMT
pragma
public
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
*
vary
Accept-Encoding Origin
via
1.1 3ed6913225a2751cd6347e2088d1f5fa.cloudfront.net (CloudFront)
x-amz-cf-id
T965HQDL-t6msY1UHC6qRW2L10tPJbpSItLTMQpOwtMHENPxW2vZAQ==
x-amz-cf-pop
MAN50-C2
x-cache
Hit from cloudfront
v1.7-9751
consent.trustarc.com/asset/notice.js/v/ 		75 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.trustarc.com/asset/notice.js/v/v1.7-9751
Requested by
Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?c=teconsent&domain=ibm.com&country=CA&state=QC&language=en-US&privacypolicylink=https%3A%2F%2Fwww.ibm.com%2Fprivacy&js=nj&noticeType=bb&text=true&pcookie&cdn=1&gtm=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.81.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-81-3.man50.r.cloudfront.net
Software
nginx /
Resource Hash
d891f81d01e859dafb413cf69bb217f0c6970143a19a9a8b12e29e3409197824
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Origin
https://securityintelligence.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:02:45 GMT
content-encoding
gzip
vary
Accept-Encoding
age
655
x-cache
Hit from cloudfront
pragma
public
access-control-allow-origin
*
last-modified
Mon, 30 May 2022 03:35:27 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript
via
1.1 159ab301899b39c6a22a014b475858fa.cloudfront.net (CloudFront)
access-control-expose-headers
*
cache-control
max-age=2592000
x-amz-cf-pop
MAN50-C2
timing-allow-origin
*
x-amz-cf-id
xtQdWs3f7wytuXDXCg6_sjiPO1Kotj4vtMz1O52TYaoxpvg16RtIzg==
expires
Wed, 06 Jul 2022 16:02:45 GMT
log
consent.trustarc.com/ 		43 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent.trustarc.com/log?domain=ibm.com&country=ca&state=&behavior=implied&c=9566
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.81.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-81-3.man50.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Jun 2022 16:13:40 GMT
via
1.1 3ed6913225a2751cd6347e2088d1f5fa.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MAN50-C2
vary
Origin
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security
max-age=31536000; includeSubDomains
content-length
43
x-amz-cf-id
VzdAFDlGI-6graVbbk5khWWEOKyFULWQmmbxmb3FGVQJhicW8Bjpmw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
ibs:dpid=269&dpuuid=68b1629e-27b4-4e00-aec7-4abbbe73c4d7&ddsuuid=47932129809636591092643384692785063632
dpm.demdex.net/ Frame 9870
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=47932129809636591092643384692785063632&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d47932129809636...
  • https://dpm.demdex.net/ibs:dpid=269&dpuuid=68b1629e-27b4-4e00-aec7-4abbbe73c4d7&ddsuuid=47932129809636591092643384692785063632
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=269&dpuuid=68b1629e-27b4-4e00-aec7-4abbbe73c4d7&ddsuuid=47932129809636591092643384692785063632
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
HTTP/1.1
Server
54.186.90.48 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-90-48.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ibm.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v030-08573c415.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
jYOfHGRDQaY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date
Mon, 06 Jun 2022 16:13:40 GMT
Server
MT3 4419 e1034d5 master ord-pixel-x28 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dpm.demdex.net/ibs:dpid=269&dpuuid=68b1629e-27b4-4e00-aec7-4abbbe73c4d7&ddsuuid=47932129809636591092643384692785063632
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 06 Jun 2022 16:13:39 GMT
validateCookie
segments.company-target.com/
Redirect Chain
  • https://id.rlcdn.com/464526.gif
  • https://id.rlcdn.com/1000.gif?memo=CI6tHBoNCLTP-JQGEgUI6AcQAEIASgA
  • https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297WX7xwFmjowE_sg68_4eyhAHHO-C8q_Y3hvhriiG20JE
  • https://segments.company-target.com/validateCookie?vendor=liveramp&user_id=Xc1297WX7xwFmjowE_sg68_4eyhAHHO-C8q_Y3hvhriiG20JE&verifyHash=c64fa78fb44eb408e66482718aa06e4b6d5a37d
26 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://segments.company-target.com/validateCookie?vendor=liveramp&user_id=Xc1297WX7xwFmjowE_sg68_4eyhAHHO-C8q_Y3hvhriiG20JE&verifyHash=c64fa78fb44eb408e66482718aa06e4b6d5a37d
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
HTTP/1.1
Server
54.230.10.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-10-69.man50.r.cloudfront.net
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Mon, 06 Jun 2022 16:13:41 GMT
Via
1.1 b5e57b301d7ec04bd5d65f7619eb0f34.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
MAN50-C3
Vary
Origin
X-Cache
Miss from cloudfront
Content-Type
image/gif
Transfer-Encoding
chunked
Connection
keep-alive
trace-id
184396e17ebd057c
X-Amz-Cf-Id
NJqZTJtk6lvWyX6YnlfDRpPp2tN9nfeciwh7gHnah_GqLq-Za9r04A==

Redirect headers

Date
Mon, 06 Jun 2022 16:13:40 GMT
Via
1.1 b5e57b301d7ec04bd5d65f7619eb0f34.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
MAN50-C3
Vary
Origin
X-Cache
Miss from cloudfront
Location
/validateCookie?vendor=liveramp&user_id=Xc1297WX7xwFmjowE_sg68_4eyhAHHO-C8q_Y3hvhriiG20JE&verifyHash=c64fa78fb44eb408e66482718aa06e4b6d5a37d
Connection
keep-alive
trace-id
aa5da8e62c17ae5a
Content-Length
0
X-Amz-Cf-Id
DS4IYCBtJwHUMew550JhWmuo0MHCTGHmWW_GZ12Drdxv04qp4ZwZgg==
ip.json
api.company-target.com/api/v2/ 		442 B
943 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F%3Fsocial_post%3D6567161505%26linkId%3D156583495&page_title=IBM%20Security%20X-Force%20Research%20Advisory%3A%20New%20Destructive%20Malware%20Used%20In%20Cyber%20Attacks%20on%20Ukraine&src=tag&auth=3bBgqVBte1TTf45vQSDHciEuWvwlaJSrT1DMWtRI
Requested by
Host: scripts.demandbase.com
URL: https://scripts.demandbase.com/ab057a07.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.10.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-10-121.man50.r.cloudfront.net
Software
nginx /
Resource Hash
6e6eeb0b97f1cf56a3e763afef0fd5f77070ff0410881db09426cff02d4396de

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:40 GMT
identification-source
CENTRAL
vary
Accept-Encoding, Origin
x-amz-cf-pop
MAN50-C3
x-cache
Miss from cloudfront
request-id
c2a02ff9-ee40-41ca-952d-baa4e8acef03
content-encoding
gzip
pragma
no-cache
access-control-allow-origin
https://securityintelligence.com
server
nginx
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json;charset=utf-8
via
1.1 4ebd12d3359f21eaf8d9b5c9cb81e18e.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
api-version
v2
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
vPkQ7yARV6pCuSefsQ1ghHYk3Yqi5A3d5PVBpct2H4FSXzewF4TApA==
expires
Sun, 05 Jun 2022 16:13:40 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-143580012-1&cid=1522458811.1654532020&jid=692413316&uid=98b50848-f6da-47e4-a6b8-e488d48cd5f3&gjid=1066358635&_gid=1080532285.1654532020&_u=4GBACUAABAAAAC~&z=1645097193
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 06 Jun 2022 16:13:40 GMT
content-type
text/plain
access-control-allow-origin
https://securityintelligence.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=477&dpuuid=28310ea270c3d54bb251d5f5186239fb8df47e9d03243958d3dc5a5e1076cf8fb0da87c991749652
dpm.demdex.net/ Frame 9870
Redirect Chain
  • https://idsync.rlcdn.com/365868.gif?partner_uid=47932129809636591092643384692785063632
  • https://dpm.demdex.net/ibs:dpid=477&dpuuid=28310ea270c3d54bb251d5f5186239fb8df47e9d03243958d3dc5a5e1076cf8fb0da87c991749652
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=477&dpuuid=28310ea270c3d54bb251d5f5186239fb8df47e9d03243958d3dc5a5e1076cf8fb0da87c991749652
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
HTTP/1.1
Server
54.186.90.48 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-90-48.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ibm.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v030-0ca7becef.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
Fo/a8wqoQZY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date
Mon, 06 Jun 2022 16:13:40 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dpm.demdex.net/ibs:dpid=477&dpuuid=28310ea270c3d54bb251d5f5186239fb8df47e9d03243958d3dc5a5e1076cf8fb0da87c991749652
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
iframe
pixel.mathtag.com/sync/ Frame 13A4 		631 B
994 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.mathtag.com/sync/iframe?mt_uuid=68b1629e-27b4-4e00-aec7-4abbbe73c4d7&no_iframe=1&mt_adid=171815&mt_lim=20&skipsync=10090&source=mathtag
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_pp=2&mt_adid=171815&mt_id=1075167&event_type=catchall&industry=technology&page_name=securityintelligence.com%252Fposts%252Fnew-destructive-malware-cyber-attacks-ukraine&site_language=en-US&version=1.0&search_query=%3Fsocial_post%3D6567161505%26linkId%3D156583495&language=en-CA%2Cen%3Bq%3D0.9&mt_lim=20&document_title=IBM%20Security%20X-Force%20Research%20Advisory%3A%20New%20Destructive%20Malware%20Used%20In%20Cyber%20Attacks%20on%20Ukraine&location=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F%3Fsocial_post%3D6567161505%26linkId%3D156583495&document_path=%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F&mt_cb=1654532020163
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.253.16 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-253-16.deploy.static.akamaitechnologies.com
Software
MT3 4419 e1034d5 master ord-pixel-x58 config:1.0.0 /
Resource Hash
304a0259406001319e10acd097537e33bbc0157670417a48fdd527a889951f65

Request headers

Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
631
Content-Type
text/html
Date
Mon, 06 Jun 2022 16:13:40 GMT
Expires
Mon, 06 Jun 2022 16:13:39 GMT
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4419 e1034d5 master ord-pixel-x58 config:1.0.0
img
pixel.mathtag.com/misc/ 		43 B
524 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.253.16 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-253-16.deploy.static.akamaitechnologies.com
Software
MT3 4447 e18e916 master iad-pixel-x5 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Mon, 06 Jun 2022 16:13:40 GMT
Server
MT3 4447 e18e916 master iad-pixel-x5 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 06 Jun 2022 16:13:39 GMT
adsct
analytics.twitter.com/i/ Frame 9870 		43 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?p_user_id=47932129809636591092643384692785063632&p_id=38594
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ibm.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-response-time
5
date
Mon, 06 Jun 2022 16:13:39 GMT
server
tsa_b
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
bcd5a19d246a9a4de229cc7a6a7ee8e7ff8b11e887c21728a5394c8e017ea6e2
content-length
43
img
pixel.mathtag.com/misc/ Frame 13A4 		43 B
524 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=68b1629e-27b4-4e00-aec7-4abbbe73c4d7&no_iframe=1&mt_adid=171815&mt_lim=20&skipsync=10090&source=mathtag
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.253.16 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-253-16.deploy.static.akamaitechnologies.com
Software
MT3 4419 e1034d5 master iad-pixel-x3 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pixel.mathtag.com/sync/iframe?mt_uuid=68b1629e-27b4-4e00-aec7-4abbbe73c4d7&no_iframe=1&mt_adid=171815&mt_lim=20&skipsync=10090&source=mathtag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Mon, 06 Jun 2022 16:13:40 GMT
Server
MT3 4419 e1034d5 master iad-pixel-x3 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 06 Jun 2022 16:13:39 GMT
notice
consent.trustarc.com/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.trustarc.com/notice?domain=ibm.com&country=ca&js=nj2&c=teconsent&state=QC&language=en-US&privacypolicylink=https%3A%2F%2Fwww.ibm.com%2Fprivacy&noticeType=bb&text=true&pcookie&cdn=1&gtm=1
Requested by
Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?c=teconsent&domain=ibm.com&country=CA&state=QC&language=en-US&privacypolicylink=https%3A%2F%2Fwww.ibm.com%2Fprivacy&js=nj&noticeType=bb&text=true&pcookie&cdn=1&gtm=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.81.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-81-3.man50.r.cloudfront.net
Software
nginx /
Resource Hash
b5eddeb0294f81209bc223444bad727fee62932ff7b07c80b649e37e01f7a738
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Origin
https://securityintelligence.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
MAN50-C2
x-cache
Miss from cloudfront
cloudfront-viewer-country
CA
vary
Accept-Encoding
content-length
6904
x-xss-protection
1; mode=block
timing-allow-origin
*
access-control-allow-origin
*
server
nginx
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript;charset=UTF-8
via
1.1 159ab301899b39c6a22a014b475858fa.cloudfront.net (CloudFront)
access-control-expose-headers
*
cache-control
max-age=3600
cloudfront-viewer-country-region
QC
x-amz-cf-id
278gZ07zxFqs8QtLftd-6JyCcToqeZ7x8tJT4ybsrgpujN_obBdQAA==
expires
Mon, 06 Jun 2022 17:13:40 GMT
ibs:dpid=1957&dpuuid=2434190AD1EC637C0B4D08B1D046624B
dpm.demdex.net/ Frame 9870
Redirect Chain
  • https://c.bing.com/c.gif?uid=47932129809636591092643384692785063632&Red3=MSAdobe_pd&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=1957&dpuuid=2434190AD1EC637C0B4D08B1D046624B
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=2434190AD1EC637C0B4D08B1D046624B
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
HTTP/1.1
Server
54.186.90.48 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-90-48.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ibm.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v030-01a0dfe89.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
8vYthye0RBE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Mon, 06 Jun 2022 16:13:40 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E640E9DD155A45AD9054CCD922DF1D4E Ref B: YTO01EDGE0714 Ref C: 2022-06-06T16:13:40Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=2434190AD1EC637C0B4D08B1D046624B
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
i.gif
collect.tealiumiq.com/ibm/main/2/ 		43 B
752 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collect.tealiumiq.com/ibm/main/2/i.gif
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.184.js?utv=ut4.46.202202020151
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.83.227.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-83-227-76.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryFJEO0bx1cXxgD2oB

Response headers

date
Mon, 06 Jun 2022 16:13:40 GMT
vary
Origin
x-serverid
uconnect_i-0a08a4b22ff95741e
x-tid
018139cb154c005968092f93ab9003073007d06b00b08
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc
ibm:main:2:datacloud
x-region
us-east-1
content-length
43
pragma
no-cache
x-did
018139cb154c005968092f93ab9003073007d06b00b08
content-type
image/gif
access-control-allow-origin
https://securityintelligence.com
access-control-expose-headers
X-Region
cache-control
no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
x-ulver
9ea490e1911a29c11d0d8bf037b1ac92d2ee07fa-SNAPSHOT
x-uuid
1003dbec-5697-4d1d-a2f3-289d9ca686c8
expires
Mon, 06 Jun 2022 16:13:40 GMT
ibs:dpid=22052&dpuuid=3627734897764335692
dpm.demdex.net/ Frame 9870
Redirect Chain
  • https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID]
  • https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3627734897764335692
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3627734897764335692
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
HTTP/1.1
Server
54.186.90.48 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-90-48.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ibm.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v030-094604a5c.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
lJ/+x405QZQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Mon, 06 Jun 2022 16:13:40 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
location
https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3627734897764335692
cache-control
private
content-type
text/html; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
185
expires
0,Tue, 07 Jun 2022 12:13:40 GMT
ibmplexsans-semibold.woff2
1.www.s81c.com/common/fonts/plex/v1/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://1.www.s81c.com/common/fonts/plex/v1/ibmplexsans-semibold.woff2
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000:68a::b3a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3df4c72b33d93f627a79f3ec0e4744d88f9478a3513a41ae0a2386abac4ef831
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://securityintelligence.com/
Origin
https://securityintelligence.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:40 GMT
last-modified
Mon, 19 Jun 2017 20:17:05 GMT
etag
"9228-55255d18e1240"
strict-transport-security
max-age=2592000
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
37416
expires
Mon, 13 Jun 2022 16:13:40 GMT
ibmplexsans-regular.woff2
1.www.s81c.com/common/fonts/plex/v1/ 		34 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://1.www.s81c.com/common/fonts/plex/v1/ibmplexsans-regular.woff2
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000:68a::b3a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
de80b2b0c32b938ed432b49c0f3dc09f8c6152fc6b090ac49294b891ad8933bc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://securityintelligence.com/
Origin
https://securityintelligence.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:40 GMT
last-modified
Mon, 19 Jun 2017 20:17:05 GMT
etag
"89cc-55255d18e1240"
strict-transport-security
max-age=2592000
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
35276
expires
Mon, 13 Jun 2022 16:13:40 GMT
get
consent.trustarc.com/ 		679 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent.trustarc.com/get?name=ibm_close_icon.svg
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.81.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-81-3.man50.r.cloudfront.net
Software
nginx /
Resource Hash
96509ae3806587a5029b14cfa9a0a4ebf0dddaf201bf34516f92edb593f20261
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
public
date
Mon, 06 Jun 2022 15:42:59 GMT
via
1.1 3ed6913225a2751cd6347e2088d1f5fa.cloudfront.net (CloudFront)
server
nginx
age
1841
vary
Origin
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/svg+xml
cache-control
max-age=2592000
x-cache
Hit from cloudfront
x-amz-cf-pop
MAN50-C2
timing-allow-origin
*
content-length
679
x-amz-cf-id
CFSojTKhixeg_loYoRJLuG42VnXonuWpLvO2t0D4YJFRL-InWutDcA==
expires
Wed, 06 Jul 2022 15:42:59 GMT
bannermsg
consent.trustarc.com/ 		43 B
468 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent.trustarc.com/bannermsg?action=views&domain=ibm.com&behavior=implied&country=ca&language=en&rand=0.02992288202345539
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.81.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-81-3.man50.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:40 GMT
via
1.1 3ed6913225a2751cd6347e2088d1f5fa.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
MAN50-C2
x-cache
Miss from cloudfront
vary
Origin
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
server
nginx
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache
x-amz-cf-id
N3vdXI6ScNnfs68sXTyPV_tfM8uShTvDGQsQfPec5S_n5dZJ6mMOvA==
expires
Mon, 06 Jun 2022 16:13:39 GMT
018139cb154c005968092f93ab9003073007d06b00b08
visitor-service-us-east-1.tealiumiq.com/ibm/main/ 		27 B
238 B 		Script
General
Check archive.org
Download Go to
Full URL
https://visitor-service-us-east-1.tealiumiq.com/ibm/main/018139cb154c005968092f93ab9003073007d06b00b08?callback=utag.ut%5B%22writevamain%22%5D&rnd=1654532020738
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.80.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-80-197.compute-1.amazonaws.com
Software
/
Resource Hash
e036d4c0bab9dcd3d8ed9d625c2cdd24f4d0474f1a4232f0e7c9471aaf0cf470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-version
9ea490e1911a29c11d0d8bf037b1ac92d2ee07fa-SNAPSHOT
date
Mon, 06 Jun 2022 16:13:40 GMT
x-region
us-east-1
content-length
27
strict-transport-security
max-age=31536000; includeSubdomains
x-nodeid
i-0adb9c2df7cc09e51
content-type
application/javascript; charset=utf-8
GettyImages-1335683441.jpg-630x330.jpeg.webp
securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2022/06/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2022/06/GettyImages-1335683441.jpg-630x330.jpeg.webp
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
273ac8b36da016dcfc786cbbcd4d47e62bdfd947d1ef712fc94cb4b79531695a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:40 GMT
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10802
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Mon, 06 Jun 2022 13:00:04 GMT
server
cloudflare
etag
"2a32-5e0c70cf6fbaa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KyCjdPMlvPnIJT4J4crpXgZlcPoK4aIsiyT2X4etl%2BmIP8EljQjOmaBNKAfYD5siLd2f22JTDhspHzXTsiJsEh8Q3czcRtYinJXxkNoNlMJljj%2BKGR0neaLkqC%2FasoNFAIoM6E2iuK4eWLjK86aixo0gmahTUn4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
vary
X-Forwarded-For, Accept-Encoding
cache-control
public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
71726fca592eecee-YUL
expires
Tue, 06 Jun 2023 16:13:40 GMT
Hourglass-on-laptop-computer-630x330.jpeg.webp
securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2022/06/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2022/06/Hourglass-on-laptop-computer-630x330.jpeg.webp
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
bdcbfabbff3c6950be7ad8b50349e4f0c7e9d461256f7820fe876785b65afc2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:40 GMT
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7756
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Wed, 01 Jun 2022 10:00:03 GMT
server
cloudflare
etag
"1e4c-5e05ff3fd3b9e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bnLgzR2lS54V1LgTz0FofrIAwINexMSzzOHNR6RiueVU1NVvfsgy8twoWQVB7GlWTnqueeKmjmv0X8HwvqJ0MinSF2CmaAJIU5477cTOAuVDKngQGdQxuu0EXkSgI1G1x4%2FwV2CavJeanywRn1wO%2B%2B80Zi6IJrk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
vary
X-Forwarded-For, Accept-Encoding
cache-control
public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
71726fca5932ecee-YUL
expires
Tue, 06 Jun 2023 16:13:40 GMT
1200x630_highlight-ITG23-Crypters-article-image-630x330.jpg.webp
securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2022/05/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2022/05/1200x630_highlight-ITG23-Crypters-article-image-630x330.jpg.webp
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
f9425e9757a30efb44da52fec29c6bd88906ea427cf81c7c7def44abc45a46bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:40 GMT
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2906
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Mon, 23 May 2022 12:03:18 GMT
server
cloudflare
etag
"b5a-5dfaca030ce3d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NAwsUHiOH0VyHttE%2BNfVFpGSHA4efNQNEAVXM%2FuA7jkLagm21Sdf9I5Ae66XMIteQMiz6vn3WhhYi45NW66lI7pvGIqWvCbBJ9wlp8ZmB6fI2hfg0pYLqAzVF6rNCByiv%2FxSiHwB%2ByikAd%2FHAeTU1pyEKP4Sc2Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
vary
X-Forwarded-For, Accept-Encoding
cache-control
public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
71726fca5933ecee-YUL
expires
Tue, 06 Jun 2023 16:13:40 GMT
Facade-Flags-Justice-Department-Building-Washington-DC-630x330.jpeg.webp
securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2022/05/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2022/05/Facade-Flags-Justice-Department-Building-Washington-DC-630x330.jpeg.webp
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
5cddba1e3ae5c9d5b39dc62254ee8ed6ec063c8af80c784c67317190f96a2ffa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:13:40 GMT
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23404
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Mon, 09 May 2022 13:00:04 GMT
server
cloudflare
etag
"5b6c-5de93c971d97c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S4NUxWsvVwbyECbjjawYaRS%2BeC%2BsbJLU6tfFiupDYGNA2r7tRDxokprN80RF%2Fvodmd%2FvNuUzt0Z4FevjnXfvSyaLmzJdPjUFHgu1yAOf7M7sJttlo2898%2BFnCI0fmO12mQVmSWFR9Mm0RlZEY7y20uXOk2Ao65w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
vary
X-Forwarded-For, Accept-Encoding
cache-control
public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
71726fca5935ecee-YUL
expires
Tue, 06 Jun 2023 16:13:40 GMT
rum
securityintelligence.com/cdn-cgi/ 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securityintelligence.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:67a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
content-type
application/json

Response headers

date
Mon, 06 Jun 2022 16:13:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://securityintelligence.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
71726fcbeb5aecee-YUL
vary
Origin

Verdicts & Comments Add Verdict or Comment

175 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation function| Swiper function| sendClickTag function| tagAllLinks object| digitalData object| AMP object| _wpemojiSettings undefined| $ function| jQuery object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| elementList object| twemoji object| wp object| _appInfo object| runtime object| regeneratorRuntime function| setImmediate function| clearImmediate object| wpcf7 object| qpprFrontData boolean| isIdaStatsLoaded boolean| isAnalyticsLibLoaded object| _ibmAnalytics object| _dl object| ghostQueue object| ibmStats function| createPageviewTagForSPA function| bindPageViewWithAnalytics function| jQuery2 boolean| isJQueryOnSupported object| v16elu string| pageViewAttributes object| ibmweb object| dl string| IBMPageCategory boolean| isProductPage object| __cfBeacon object| utag_data function| tealium_enrichment string| US_PRIVACY object| record boolean| getVCPICalled object| utag_err boolean| utag_condload string| tmeid object| responseTokenMap string| entCategory undefined| entCategoryL10 undefined| entCategoryL15 undefined| entCategoryL17 undefined| entCategoryL20 undefined| entCategoryL30 undefined| entCategoryut10 undefined| entCategoryut15 undefined| entCategoryut17 undefined| entCategoryut20 undefined| entCategoryut30 undefined| entCategoryL10_15 undefined| entCategoryut10_15 undefined| entCategoryL10_15_17 undefined| entCategoryut10_15_17 undefined| entCategoryL10_15_17_20 undefined| entCategoryut10_15_17_20 undefined| entCategoryL10_15_17_20_30 undefined| entCategoryut10_15_17_20_30 undefined| nluKeywordsLocal undefined| topicsMap undefined| topics string| categoryCode string| categoryName undefined| eventInfo undefined| url object| utag object| e function| _tealium_old_error boolean| __tealium_twc_switch object| utag_cfg_ovrd object| datalayer object| utag2 string| computedFontFamily object| URXEVENT object| adobe function| Visitor object| s_c_il number| s_c_in object| visitor object| __TEALIUM function| targetPageParamsAll function| targetPageParams string| gtagRename object| dataLayer function| gtag object| MathTag string| d number| f object| _linkedin_data_partner_id string| _linkedin_data_partner_domain function| twq function| mmUuidSync boolean| teconsentActive object| myibm function| onmouseoverFeedback function| onmouseoutFeedback function| onfocusFeedback function| onfocusoutFeedback function| onclickFeedback function| onmouseoutFeedbackforMarketPlace function| onmouseoverFeedbackforMarketPlace function| onfocusoutFeedbackforMarketPlace function| kampyleEvents object| custom function| output function| escapeDismiss function| surveyUtilFn object| twttr string| tmpCurrentUrl function| siteFeedbackClose undefined| environmente object| temp function| createInvitation object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| lintrk boolean| _already_called_lintrk object| $jscomp string| __ncconfig object| ncAudienceInsights string| tempUrl object| overrideKeys string| myitem object| newPatt string| survey_name number| preventCount object| gaplugins object| gaGlobal object| gaData object| truste function| shouldRepop function| shouldResolveConsent object| $temp_inner_iframe object| $temp_closebtn_style object| $temp_box_overlay object| $temp_box_overlay_border string| $temp_externalcss object| Demandbase function| metric function| _truste_eu object| PREF_MGR_API_DEBUG object| PrivacyManagerAPI object| TRUSTE_CMAPI_DEBUG object| bnFirstElement

45 Cookies

Domain/Path Name / Value
.cloud.ibm.com/analytics Name: com.ibm.cloud.console.analytics.anonymousId
Value: 98b50848-f6da-47e4-a6b8-e488d48cd5f3
.ibm.com/analytics Name: BM_SESSION_ID
Value: 1654532019188
.securityintelligence.com/ Name: pageviewContext
Value: 339de385-5aa3-46c6-8753-f8fabde2f05b
.securityintelligence.com/ Name: userContext
Value: n/a|0|0|0|CA|QC|0|n/a|n/a
.cloud.ibm.com/ Name: com.ibm.cloud.console.nEU
Value: 1
.securityintelligence.com/ Name: BMAID
Value: 98b50848-f6da-47e4-a6b8-e488d48cd5f3
.securityintelligence.com/ Name: OPTOUTMULTI
Value: 0:0%7Cc1:1%7Cc2:0%7Cc3:0
www-api.ibm.com/ Name: notice_preferences_master
Value: {}
.demdex.net/ Name: demdex
Value: 47932129809636591092643384692785063632
.securityintelligence.com/ Name: AMCVS_D10F27705ED7F5130A495C99%40AdobeOrg
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Yp4nswAAAKqjcAN2
.tealiumiq.com/ Name: TAPID
Value: ibm/main>018139cb154c005968092f93ab9003073007d06b00b08|
.dpm.demdex.net/ Name: dpm
Value: 47932129809636591092643384692785063632
.securityintelligence.com/ Name: AMCV_D10F27705ED7F5130A495C99%40AdobeOrg
Value: 359503849%7CMCIDTS%7C19150%7CMCMID%7C54308073135592252663275739716275890183%7CMCAAMLH-1655136819%7C9%7CMCAAMB-1655136819%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1654539219s%7CNONE%7CMCSYNCSOP%7C411-19157%7CvVersion%7C5.0.1
.securityintelligence.com/ Name: __ncuid
Value: a450b40a-8fff-4953-8f35-35d6bd057876
.securityintelligence.com/ Name: nc-previous-guid
Value: aacb9fe295ab11ec9ccb222829db5644
.t.co/ Name: muc_ads
Value: d7f1f65b-0065-4a89-9fd6-013d16234406
.mathtag.com/ Name: uuid
Value: 68b1629e-27b4-4e00-aec7-4abbbe73c4d7
.twitter.com/ Name: personalization_id
Value: "v1_GQb/ahoTl7xJPntld0FSBw=="
.securityintelligence.com/ Name: _ga
Value: GA1.2.1522458811.1654532020
.securityintelligence.com/ Name: _gid
Value: GA1.2.1080532285.1654532020
.securityintelligence.com/ Name: _gat_gtag_UA_143580012_1
Value: 1
.securityintelligence.com/ Name: _gat_ncAudienceInsightsGa
Value: 1
.securityintelligence.com/ Name: notice_behavior
Value: implied|eu
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: a40ca36cc6cd20bac9132a8d256f760
.linkedin.com/ Name: li_sugr
Value: c22f921b-8569-40dd-9e7f-d91cc4dc29ee
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&a97fb4d5-4a65-4704-8275-0e40328bab78"
.linkedin.com/ Name: lidc
Value: "b=OGST09:s=O:r=O:a=O:p=O:g=2269:u=1:x=1:i=1654532020:t=1654618420:v=2:sig=AQEKpLHGOrcBe4p_D7l7SjqbFfaglPT6"
.rlcdn.com/ Name: rlas3
Value: TKSbn/BMvT/m7uuCMlSC6ycFSp/LG5zqwxdSgsNhhDQ=
.linkedin.com/ Name: UserMatchHistory
Value: AQLHNdKGO-6JPQAAAYE5yxiu1km81mINT4SKI2FFGT4g7_LzNvn5rMuy_irxvYdGE_sJ1B3Wofbz-A
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQKOXcZ9ejP8IQAAAYE5yxiu3uyb_eg8ydEmx1n2gi_SakT4ob7wCDIHntypASoJ3jfzeyrrPtvjq5j6NhSW2Q
.rlcdn.com/ Name: pxrc
Value: CLTP+JQGEgUI6AcQABIGCMrdKhAA
.mathtag.com/ Name: mt_misc
Value: mt_bt:1
.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.www.linkedin.com/ Name: bscookie
Value: "v=1&2022060616134053886b35-376f-4939-8749-c3dfc2f78eb3AQFF8d6EjLzeFDgeqohRCbw3gse3Kn8Y"
.securityintelligence.com/ Name: utag_main
Value: v_id:018139cb154c005968092f93ab9003073007d06b00b08$_sn:1$_se:3$_ss:0$_st:1654533820661$ses_id:1654532019533%3Bexp-session$_pn:1%3Bexp-session$is_country_requiring_explicit_consent:false$dc_visit:1$dc_event:2%3Bexp-session$mm_sync:1%3Bexp-session$mm_ga_sync:1%3Bexp-session$dc_region:us-east-1%3Bexp-session
.bing.com/ Name: MUID
Value: 2434190AD1EC637C0B4D08B1D046624B
.c.bing.com/ Name: MR
Value: 0
.demdex.net/ Name: dextp
Value: 269-1-1654532020300|60-1-1654532020401|1123-1-1654532020502|1957-1-1654532020604|22052-1-1654532020705
.ml314.com/ Name: pi
Value: 3627734897764335692
.company-target.com/ Name: tuuid
Value: 9492c200-5332-4067-b04b-c32e599dfc17
.company-target.com/ Name: tuuid_lu
Value: 1654532020
.adsymptotic.com/ Name: U
Value: 65507fbf96574a590c900fba32b2475e

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.www.s81c.com
analytics.newscred.com
analytics.twitter.com
api.company-target.com
api.www.s81c.com
c.bing.com
cdn.ampproject.org
cloud.ibm.com
cm.everesttech.net
collect.tealiumiq.com
consent.trustarc.com
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
ibm.demdex.net
id.rlcdn.com
idsync.rlcdn.com
images-cdn.welcomesoftware.com
ml314.com
p.adsymptotic.com
pixel.mathtag.com
pixel.newscred.com
px.ads.linkedin.com
px4.ads.linkedin.com
scripts.demandbase.com
securityintelligence.com
segments.company-target.com
snap.licdn.com
static.ads-twitter.com
static.cloudflareinsights.com
stats.g.doubleclick.net
sync.crwdcntrl.net
sync.mathtag.com
t.co
tags.tiqcdn.com
unpkg.com
visitor-service-us-east-1.tealiumiq.com
www-api.ibm.com
www.google-analytics.com
www.googletagmanager.com
www.linkedin.com
100.24.83.44
104.102.253.16
104.18.101.194
104.244.42.5
104.244.42.67
13.107.43.14
13.224.81.3
18.210.210.93
199.232.36.157
216.200.232.249
23.198.216.246
23.3.114.203
23.5.232.186
2600:141b:13::17d7:82d0
2600:141b:9000:68a::b3a
2600:9000:2131:1800:f:fcff:7940:93a1
2606:4700:3036::6815:67a
2606:4700:440e::6812:2fe6
2606:4700::6810:7baf
2607:f8b0:4004:c09::9c
2607:f8b0:4006:806::200a
2607:f8b0:4006:80a::2008
2607:f8b0:4006:80d::2003
2607:f8b0:4006:81f::2001
2607:f8b0:4006:81f::200e
2620:1ec:21::14
2620:1ec:c11::200
34.111.234.236
34.195.85.3
35.190.60.146
52.86.80.197
54.186.90.48
54.230.10.121
54.230.10.127
54.230.10.69
54.83.227.76
99.84.37.52
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03d81c05d2b7bcd709563806be145309333dd0f398a91885350953cda5a1a04f
040d5f70883d0a420aadb6ae2664efd27ac22ca44190b69b4f4ab53db9bda25b
0cebc4cda5eaf2c6fc34cfed64538e75eeeef75b3e6966a5857f790f118933ae
0e82da81b591f6ffc35aa67bcd9e1c39aa5983f7f8baaf35892956e8b2dc004b
0f26aa8bc01c2bc91d280f30496f154c8fcb5c8ac963a2b4f243db6e5be4b5b9
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860
138d2443215530069b69d111779d097ad0e6b2eafc239fccd7e157bc24df77ab
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
194ea51d8f1ad1c00fbb738c8b400fbd2e4bd652fd578d52c2d6546d59295154
1ac54ab18202013ec7dfb97f145cc8fe3705702291d5d80c10be15576b5cd0a5
2362a2b6663976d80e30679ab74d07731dd20ba8c5adbcae3d1123a6406d8eda
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
273ac8b36da016dcfc786cbbcd4d47e62bdfd947d1ef712fc94cb4b79531695a
2bed695b279192de5856766067ce26e759a15b0ddabdf7607b0f8a6d82fb8a2e
2e7f5342105b392a295080c87c345965fa5f4dea75ca8af10584bcac7c8d48a2
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
304a0259406001319e10acd097537e33bbc0157670417a48fdd527a889951f65
31f1c8437b4a34d4b4d66c59927d16774fb6197faf13dbd7b04758a2afdbad0b
32a594a016ff2b8ede56fb26886c74725952dba704d988d1f2560c4af4163435
3450c6a2b18fc63e96502af78d6416e6fd24e57a3f3963825b9ba7d40b8cfc53
3756117d442b3382af417904cf4fd4032b9f99fe66b141d0aa37a6d9fc6c6c26
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3df4c72b33d93f627a79f3ec0e4744d88f9478a3513a41ae0a2386abac4ef831
3fc2845d22c09928ba9dae73f657a21ede05bed89a42efafe1028bcbe4ee499b
3fd9715bcf937148054c65896943f31285b049e439a66da3393970a97935a10a
400dd9c39d2d01ed976237c79a8ad0c20be47971a0467f2269c8ebe55567bcc8
4592c521f52bd17d12a3df2183effd3603f70b5db98edfcf3f739a72e80c5d16
473b9fbb17fa7755c34ae89223bb3d75e7c9220cb31cae32e5838eae3b5814fe
49791a696302b5112cec6f474d4d188ec3da019fab43b744b558c8b5e6644785
4a4f63fe60b19218be345784bc89f2254b401217dd2c009afe68d4687a2c2364
4bb75c598d42e67d78fbfedcdfdd20744fdbef2a0435768cdeae0daf021a21e0
4dd1908c6a8fd56a009de150a0d1b0c6c18a21543ff2f246a7108f385a22500e
54d3e6fd6df1340fa8bfe759ccbf99d178b5bebe49ef39bc4ef0ba99f0420c00
54e73aef7b2b0ccad0cdbfc30b6c82a011948df3827919196a0f27893ce5d5c6
5cddba1e3ae5c9d5b39dc62254ee8ed6ec063c8af80c784c67317190f96a2ffa
5d5997f11a9482db230a12a91801a5006294d0c68817607fb2d8efdc7ecf006a
5db4e350627f9dfd70cce59c8b131c9071650a5c0d1335145eecbecf07343dcf
65a5acabcf3544222a38b6666e37a79282dfe1ee5a30b6f5cbccc5e196920dc7
663a14b3fbb5e44ad939917a2f6f4d93f31a0a1d8ab6702fb0a66036141ddc8b
679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78
681e885d2baf3a5865cfa1fd6b9e5855b8a104b379208852b595c4e72f2c54b8
685f34474f32ea1d970b320b86a646f159cf25190c2f651be54a217df6cafcaa
6b4f873f3371bd426336178dfe982cf8366df7592c21738d0e1261e67a0cb2e2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e6eeb0b97f1cf56a3e763afef0fd5f77070ff0410881db09426cff02d4396de
71fe56560b9eba788c8ff58e084f24ca95ff3b89aff510345fab96de36ec8101
7656ab511253f42ca6100b743c11cb9dd3362c5fc4858c6d3f2fa628448e12e2
78d81902971c05b37d3eb2260486bc9b76d9c13e3787eb3287667ba53d423350
790cfd19a8e033f96c28d63386fc4e3aff117ed855f762b40f39691a921de760
7978bdf5d9580547eef7aa32eaf9a9cbb9c1d90d5f82f4657cf79a90cfdb5c57
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7bf8c8af5f6bd977c4618843d6f103ef01162da38c8cc27b5f292549c9a1ca7d
7e7e47e0b63f2d7aaed76f33ad2153ad7df9ce69c31a4804a52a5ca0d1afb0ca
7fe7d9054d31a9874fb36aba6a3736c02799bdaab5fed3e007ff334bc4580732
814759860cc987a983b49f360ae29e58b08fda03e86356545d310f44bd8c972c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
856d2fc18d742b96953b49d99b3268fdd46f0f1c184b540c8410d1d8fc8bb2ab
86042f3e488c299da25a01ea2decaf7e796abd7ae4811782a75abc7ee78ee8d2
8693f5f77e3b9920b8833965bed0507fe14bdde20292fa872b43ebc083b25c55
898413f0d39495364dbf2fea8d75f90c5e59196b8a659f4cd3b97d5e0a491367
8acf0e08569c9e585911ae255e03ea4e00aa2df82c766cb47a68ea5c23369b9d
8d4a8fd92a0381d2c534abe994beba126da9eb4b5de49412c78a06ee4c730c20
90596b3d8081c6c46f53c00cc4215ccb61cadd6b0268bc2f9fe553c35774753d
96509ae3806587a5029b14cfa9a0a4ebf0dddaf201bf34516f92edb593f20261
96dfc5f50442cc86b4a34c0776427374af0b3a906c0d1b27ef2916e78b721f13
97726d7a57a36fcda8667bc041f0ac27cdd5f9bd8272c816b96047318dc0b1a3
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9c7c2f2956f1110e5e7e360759c0fc49b62242b1e79667d67dbf945128551c54
9fa5f4494a80ecf219df87f5a3bedccc280a4a458e72a12732411ec531731bb4
a03cc75c17f2555dcbbacc84db95172d7c14fedfae9adb48e1e85ae925370b81
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1ffb612967aa8da5e1866aab66bb3d9aebed2335ae05b6df9212f16a1f4b62c
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd
a43eef4f4ff93c72b28db2f2723ca8acffb9e478fd71a117d00c720a96229ef4
a5b477daa2e51a490ea0304e35751aaa50565e8e751fd3faf4f31294e7ffcc96
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15464de7fe26f72a119b3b0dd1bd7376542f294702211a92618e33710c481f9
b5eddeb0294f81209bc223444bad727fee62932ff7b07c80b649e37e01f7a738
b5f4df0247e5df3b3b83ca6e660e00a736a45c36b07edd571bb6d209744d3c09
b6440fc0195f3b55d6745b071f7fc9201aa74fe10a6bf8e403ef3660552d08aa
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bd50da2add488ef7be504787691327f38b4abfd710c26f4a49308ddc1e197deb
bdcbfabbff3c6950be7ad8b50349e4f0c7e9d461256f7820fe876785b65afc2f
be27ec6529da1b2c5f4cf2a1c57a5ac7dd651b81646ba764183c6c3b619e7f7c
bf4eae9216be01f9a411ac93c5008eb38a3abdbb12fdb50ef974a4599e90220a
c43fff2e7f6c8de31aa918897cafa8560463b46cf5c9c70d400bf48ae430ab57
c47d3b4fba602a39c1566d5fb80a392b71626f22aa18ae43a881464b99550565
c9940eb9806fb1f3130839bcf4913ab6fe6e3cffac01c7cc2740b9bd355d5ec1
ca9b10dd6f91b1495f2f5afb055e060c55a5cc89e12c435e383cc1998741a739
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d87e9a5f66c1631a2b24f3ae74e4ffbedf00b643d1c57bded3c119773dcb0968
d891f81d01e859dafb413cf69bb217f0c6970143a19a9a8b12e29e3409197824
da514714c772d8dc5d8b412814d7b9af80665ed0ac579bedb33fe420ed022d2c
dca337d11cb99c194e99da0a8780ec4219ff742646b52a49675fffe44f5a7658
de27518c3c5d1797233a4db0ddf161c05e2b1480408b31b2c86d6949fa1376f2
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de80b2b0c32b938ed432b49c0f3dc09f8c6152fc6b090ac49294b891ad8933bc
deb89b2cb1badbd9a684e6aed8409d4d7e7a9ef9d863b95c1116755a307a5f5a
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e036d4c0bab9dcd3d8ed9d625c2cdd24f4d0474f1a4232f0e7c9471aaf0cf470
e10c0bc79c425822dac76b3b3d381f523bc1a548b922ee73ce3435ef45c2ae6b
e1b1e30b7778a859a6584d608645bf5d8402cf53fcf078b55fe617a117fec429
e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c
e3181e593aa1c8a96cdd550ee065310398ea980f29f9582275b9b42110cb116b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
e59430d3e263e177152d6bdf531a0ecab5ec4b81339cdec2564ece447abcbe68
e89cc85750cabe4a1352be2c824af05958b906fdf9ab9b9e99fdd15a4d798152
e92265072a38145d453d32d16e98360a21fd2431fe8c623ac083e8207d004c05
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9425e9757a30efb44da52fec29c6bd88906ea427cf81c7c7def44abc45a46bd
fa65ae4b632714fe246c34a2c886c18d143750b5ad4c17ccb791b0e19c796c20
fcecb97c12786d7a9387a81e74e4179790fd84425c9c75be1aec3aed645bf6e2
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fded9ec5820ad165d5b36a6f23fac4b0f2d1b32e714d651c081122442c0df277
fe286d4418ea555bb568a81ebcaab56560fc7d076eda46a790290db0c942e708