www.welivesecurity.com Open in urlscan Pro
2606:2800:11f:1cb7:261b:1f9c:2074:3c Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/
Submission: On June 06 via api (June 6th 2022, 4:13:20 pm UTC) from CA — Scanned from CA

Summary HTTP 105 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 25 IPs in 2 countries across 31 domains to perform 105 HTTP transactions. The main IP is 2606:2800:11f:1cb7:261b:1f9c:2074:3c, located in United States and belongs to EDGECAST, US. The main domain is www.welivesecurity.com. The Cisco Umbrella rank of the primary domain is 424799.
TLS certificate: Issued by Thawte RSA CA 2018 on January 18th 2022. Valid for: a year.

This is the only time www.welivesecurity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
29	2606:2800:11f... 2606:2800:11f:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
2	2620:1ec:46::40 2620:1ec:46::40	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2607:f8b0:400... 2607:f8b0:4006:80a::2008	15169 (GOOGLE) (GOOGLE)
1	2606:2800:11f... 2606:2800:11f:17a5:191a:18d5:537:22f9	15133 (EDGECAST) (EDGECAST)
4	2607:f8b0:400... 2607:f8b0:4006:81f::200e	15169 (GOOGLE) (GOOGLE)
1	54.230.10.86 54.230.10.86	16509 (AMAZON-02) (AMAZON-02)
2	199.232.192.134 199.232.192.134	54113 (FASTLY) (FASTLY)
20	2600:9000:213... 2600:9000:2131:7600:6:8656:f5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	151.101.0.134 151.101.0.134	54113 (FASTLY) (FASTLY)
2	20.42.73.141 20.42.73.141	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f03... 2a03:2880:f03a:1c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2607:f8b0:400... 2607:f8b0:4006:823::200e	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:824::200d	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f13... 2a03:2880:f13a:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2607:f8b0:400... 2607:f8b0:4006:80e::2003	15169 (GOOGLE) (GOOGLE)
1	199.232.192.64 199.232.192.64	54113 (FASTLY) (FASTLY)
2 3	13.224.81.61 13.224.81.61	16509 (AMAZON-02) (AMAZON-02)
2 5	107.178.254.65 107.178.254.65	15169 (GOOGLE) (GOOGLE)
1 3	54.221.225.158 54.221.225.158	14618 (AMAZON-AES) (AMAZON-AES)
1 1	34.232.160.63 34.232.160.63	14618 (AMAZON-AES) (AMAZON-AES)
1	199.232.196.134 199.232.196.134	54113 (FASTLY) (FASTLY)
21 37	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
5 5	142.251.40.162 142.251.40.162	15169 (GOOGLE) (GOOGLE)
1 1	34.98.67.3 34.98.67.3	15169 (GOOGLE) (GOOGLE)
1 2	104.18.101.194 104.18.101.194	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
5 5	68.67.181.202 68.67.181.202	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	216.200.232.249 216.200.232.249	30419 (MEDIAMATH...) (MEDIAMATH-INC)
4 4	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 3	209.54.177.54 209.54.177.54	16509 (AMAZON-02) (AMAZON-02)
2 2	34.213.154.128 34.213.154.128	16509 (AMAZON-02) (AMAZON-02)
1 1	44.196.45.105 44.196.45.105	14618 (AMAZON-AES) (AMAZON-AES)
1	75.101.130.249 75.101.130.249	14618 (AMAZON-AES) (AMAZON-AES)
2 2	104.81.136.162 104.81.136.162	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
2 2	199.38.167.128 199.38.167.128	54312 (ROCKETFUEL) (ROCKETFUEL)
2 3	107.178.246.49 107.178.246.49	15169 (GOOGLE) (GOOGLE)
105	25

29 2606:2800:11f:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

www.welivesecurity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::40 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

assets.esetstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80a::2008 (Mullica Hill, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:11f:17a5:191a:18d5:537:22f9 (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81f::200e (Mullica Hill, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.10.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-10-86.man50.r.cloudfront.net

cdn1.esetstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.192.134 (United States)

ASN54113 (FASTLY, US)

welivesecurity.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2600:9000:2131:7600:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.0.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.42.73.141 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f03a:1c:face:b00c:0:3 (Minneapolis, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:823::200e (Mullica Hill, United States)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:824::200d (Mullica Hill, United States)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f13a:83:face:b00c:0:25de (Minneapolis, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80e::2003 (Mullica Hill, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.192.64 (United States)

ASN54113 (FASTLY, US)

glitter.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.81.61 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-81-61.man50.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 107.178.254.65 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.221.225.158 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-221-225-158.compute-1.amazonaws.com

io.narrative.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.232.160.63 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-160-63.compute-1.amazonaws.com

obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.196.134 (United States)

ASN54113 (FASTLY, US)

referrer.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 35.190.60.146 (Kansas City, United States) 21 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ei.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rc.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.40.162 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.3 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 3.67.98.34.bc.googleusercontent.com

tags.rd.linksynergy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.101.194 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

p.adsymptotic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 68.67.181.202 (Secaucus, United States) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 555.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.200.232.249 (Frederick, United States) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 15.197.193.217 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 209.54.177.54 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.213.154.128 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-213-154-128.us-west-2.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.196.45.105 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-45-105.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 75.101.130.249 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-75-101-130-249.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.81.136.162 (Secaucus, United States) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-81-136-162.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::c (United States) 2 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.38.167.128 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 107.178.246.49 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	rlcdn.com 21 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 300 ei.rlcdn.com — Cisco Umbrella Rank: 1839 rc.rlcdn.com — Cisco Umbrella Rank: 3337	3 KB
29	welivesecurity.com www.welivesecurity.com — Cisco Umbrella Rank: 424799	2 MB
20	disquscdn.com c.disquscdn.com — Cisco Umbrella Rank: 4124	583 KB
9	disqus.com welivesecurity.disqus.com disqus.com — Cisco Umbrella Rank: 2859 glitter.services.disqus.com — Cisco Umbrella Rank: 9644 referrer.disqus.com — Cisco Umbrella Rank: 6128	70 KB
5	adnxs.com 5 redirects ib.adnxs.com — Cisco Umbrella Rank: 214	5 KB
5	doubleclick.net 5 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 191	663 B
5	pippio.com 2 redirects pippio.com — Cisco Umbrella Rank: 772	6 KB
5	google.com apis.google.com — Cisco Umbrella Rank: 100 accounts.google.com — Cisco Umbrella Rank: 78	44 KB
4	adsrvr.org 4 redirects match.adsrvr.org — Cisco Umbrella Rank: 329	2 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
3	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 405	636 B
3	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 265	3 KB
3	openx.net 3 redirects us-u.openx.net — Cisco Umbrella Rank: 348	421 B
3	narrative.io 1 redirects io.narrative.io — Cisco Umbrella Rank: 2239	1 KB
3	rezync.com 2 redirects live.rezync.com — Cisco Umbrella Rank: 2215	3 KB
3	esetstatic.com assets.esetstatic.com — Cisco Umbrella Rank: 578429 cdn1.esetstatic.com — Cisco Umbrella Rank: 509729	7 KB
2	rfihub.com 2 redirects p.rfihub.com — Cisco Umbrella Rank: 684	2 KB
2	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 358	764 B
2	bluekai.com 2 redirects tags.bluekai.com — Cisco Umbrella Rank: 463	2 KB
2	krxd.net 1 redirects usermatch.krxd.net — Cisco Umbrella Rank: 1183 beacon.krxd.net — Cisco Umbrella Rank: 424	500 B
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 194	2 KB
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 409	1 KB
2	adsymptotic.com 1 redirects p.adsymptotic.com — Cisco Umbrella Rank: 511	486 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 144	85 KB
2	visualstudio.com dc.services.visualstudio.com — Cisco Umbrella Rank: 747	304 B
1	linksynergy.com 1 redirects tags.rd.linksynergy.com — Cisco Umbrella Rank: 3821	392 B
1	imrworldwide.com 1 redirects obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com — Cisco Umbrella Rank: 39385	291 B
1	gstatic.com www.gstatic.com	34 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 97
1	msecnd.net az416426.vo.msecnd.net — Cisco Umbrella Rank: 1660	22 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 64	79 KB
105	31

	Domain	Requested by
29	www.welivesecurity.com	www.welivesecurity.com
20	idsync.rlcdn.com	4 redirects live.rezync.com
20	c.disquscdn.com	welivesecurity.disqus.com disqus.com c.disquscdn.com
16	rc.rlcdn.com	16 redirects
5	ib.adnxs.com	5 redirects
5	cm.g.doubleclick.net	5 redirects
5	pippio.com	2 redirects c.disquscdn.com
5	disqus.com	welivesecurity.disqus.com c.disquscdn.com
4	match.adsrvr.org	4 redirects
4	www.google-analytics.com	www.googletagmanager.com www.welivesecurity.com
3	pixel.tapad.com	2 redirects live.rezync.com
3	s.amazon-adsystem.com	1 redirects
3	us-u.openx.net	3 redirects
3	io.narrative.io	1 redirects
3	live.rezync.com	2 redirects c.disquscdn.com
3	accounts.google.com	apis.google.com www.welivesecurity.com www.gstatic.com
2	p.rfihub.com	2 redirects
2	gum.criteo.com	2 redirects
2	tags.bluekai.com	2 redirects
2	dpm.demdex.net	2 redirects
2	sync.mathtag.com	2 redirects
2	p.adsymptotic.com	1 redirects
2	apis.google.com	c.disquscdn.com apis.google.com
2	connect.facebook.net	c.disquscdn.com connect.facebook.net
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
2	welivesecurity.disqus.com	www.welivesecurity.com
2	assets.esetstatic.com	www.welivesecurity.com
1	beacon.krxd.net
1	usermatch.krxd.net	1 redirects
1	tags.rd.linksynergy.com	1 redirects
1	ei.rlcdn.com	1 redirects
1	referrer.disqus.com
1	obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com	1 redirects
1	glitter.services.disqus.com	c.disquscdn.com
1	www.gstatic.com	accounts.google.com
1	www.facebook.com	c.disquscdn.com
1	cdn1.esetstatic.com	www.welivesecurity.com
1	az416426.vo.msecnd.net	www.welivesecurity.com
1	www.googletagmanager.com	www.welivesecurity.com
105	39

This site contains links to these domains. Also see Links.

Domain
www.eset.com
www.facebook.com
twitter.com
www.linkedin.com
www.politico.eu
www.reuters.com
github.com
symantec-enterprise-blogs.security.com
en.wikipedia.org
attack.mitre.org
eset.com

Subject Issuer	Validity	Valid
www.welivesecurity.com Thawte RSA CA 2018	`2022-01-18` - `2023-02-03`	a year	crt.sh
assets.esetstatic.com Thawte RSA CA 2018	`2021-10-28` - `2022-11-11`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2021-08-06` - `2022-08-06`	a year	crt.sh
*.esetstatic.com Thawte RSA CA 2018	`2021-09-22` - `2022-10-02`	a year	crt.sh
*.disqus.com Sectigo RSA Domain Validation Secure Server CA	`2022-04-20` - `2023-04-20`	a year	crt.sh
a.disquscdn.com Amazon	`2021-10-31` - `2022-11-28`	a year	crt.sh
in.applicationinsights.azure.com Microsoft RSA TLS CA 01	`2022-05-07` - `2023-05-07`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-03-16` - `2022-06-14`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.services.disqus.com GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-01-31` - `2023-03-04`	a year	crt.sh
*.rezync.com Amazon	`2021-12-26` - `2023-01-23`	a year	crt.sh
pippio.com GTS CA 1D4	`2022-06-05` - `2022-09-03`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/
Frame ID: 1126E4ED3EE0DA1A3C4E329EAF2AA7A8
Requests: 45 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=welivesecurity&t_i=159856%20https%3A%2F%2Fbackend.welivesecurity.com%2F%3Fp%3D159856&t_u=https%3A%2F%2Fwww.welivesecurity.com%2Fla-es%2F2022%2F03%2F02%2Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania%2F&t_e=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_d=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_t=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&s_o=default&l=es
Frame ID: 024B480639A28FC5278DF654001B751B
Requests: 30 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: B9A6C9500969B16DD242EBBEEFCFDF9C
Requests: 4 HTTP requests in this frame

Frame: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c45k8mcv3vqaljm&pctry=CA&referrer=https%3A%2F%2Fwww.welivesecurity.com%2Fla-es%2F2022%2F03%2F02%2Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania%2F
Frame ID: 9A16685A5889F5ABC90AF819BE5FEC9F
Requests: 4 HTTP requests in this frame

Frame: https://pippio.com/api/sync?pid=1391&ref=https%3A%2F%2Fwww.welivesecurity.com%2Fla-es%2F2022%2F03%2F02%2Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania%2F&it=1&iv=c45k8mcv3vqaljm
Frame ID: CCB76D77FDB0AC39435A9CDEB9222DE9
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

IsaacWiper y HermeticWizard: un nuevo wiper y worm utilizados en ciberataques a Ucrania | WeLiveSecurity

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Page Statistics

105
Requests

76 %
HTTPS

32 %
IPv6

31
Domains

39
Subdomains

25
IPs

2
Countries

2649 kB
Transfer

4245 kB
Size

40
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: https://www.eset.com/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.welivesecurity.com%2Fla-es%2F2022%2F03%2F02%2Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?&url=https%3A%2F%2Fwww.welivesecurity.com%2Fla-es%2F2022%2F03%2F02%2Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania%2F&text=IsaacWiper%20y%20HermeticWizard:%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania%0A&via=welivesecurity

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.welivesecurity.com%2Fla-es%2F2022%2F03%2F02%2Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/ESETresearch/status/1496581903205511181
Title: tweet

Search URL Search Domain Scan URL

URL: https://www.politico.eu/article/minister-ukraine-websites-down-in-another-massive-online-attack/
Title: ataques distribuidos de denegación de servicio (DDoS) contra algunos de los principales sitios web ucranianos

Search URL Search Domain Scan URL

URL: https://www.reuters.com/world/europe/cyprus-games-writer-denies-links-malware-found-before-russian-invasion-2022-02-24/
Title: informe de Reuters

Search URL Search Domain Scan URL

URL: https://github.com/SecureAuthCorp/impacket
Title: Impacket

Search URL Search Domain Scan URL

URL: https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/ukraine-wiper-malware-russia
Title: publicación

Search URL Search Domain Scan URL

URL: https://github.com/SecureAuthCorp/impacket/blob/cd4fe47cfcb72d7d35237a99e3df95cedf96e94f/examples/wmiexec.py#L295
Title: GitHub

Search URL Search Domain Scan URL

URL: https://github.com/kavika13/RemCom
Title: RemCom

Search URL Search Domain Scan URL

URL: https://github.com/bleachbit/windows-wipe/blob/master/filewipe.py
Title: proyecto Windows Wipe en GitHub

Search URL Search Domain Scan URL

URL: https://twitter.com/AvastThreatLabs/status/1496663206634344449
Title: tweet

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/ISAAC_(cipher)
Title: ISAAC

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/resources/versions/
Title: versión 10

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/versions/v10/techniques/T1588/002
Title: T1588.002

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/versions/v10/techniques/T1588/003
Title: T1588.003

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/versions/v10/techniques/T1078/002/
Title: T1078.002

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/versions/v10/techniques/T1059/003
Title: T1059.003

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/versions/v10/techniques/T1106
Title: T1106

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/versions/v10/techniques/T1569/002
Title: T1569.002

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/versions/v10/techniques/T1047
Title: T1047

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/versions/v10/techniques/T1018/
Title: T1018

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/versions/v10/techniques/T1021/002
Title: T1021.002

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/versions/v10/techniques/T1021/003/
Title: T1021.003

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/versions/v10/techniques/T1561/002
Title: T1561.002

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/versions/v10/techniques/T1561/001
Title: T1561.001

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/versions/v10/techniques/T1485
Title: T1485

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/versions/v10/techniques/T1499/002
Title: T1499.002

Search URL Search Domain Scan URL

URL: https://www.eset.com/int/business/services/threat-intelligence/?utm_source=welivesecurity.com&utm_medium=referral&utm_campaign=wls-research&utm_content=isaacwiper-hermeticwizard-wiper-worm-targeting-ukraine

Search URL Search Domain Scan URL

URL: https://eset.com/
Title: ESET

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?https%3A%2F%2Fwww.welivesecurity.com%2Fla-es%2F2022%2F03%2F02%2Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania%2F

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 78

https://io.narrative.io/?companyId=19&id=disqus_id%3Ac45k8mcv3vqaljm&ret=img&ref=https%3A%2F%2Fwww.welivesecurity.com%2Fla-es%2F2022%2F03%2F02%2Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania%2F HTTP 302
https://io.narrative.io/?io.narrative.guid.v2=929aadc0-e5b3-11ec-96af-0e9f37bd45a9&companyId=19&id=disqus_id%3Ac45k8mcv3vqaljm&ret=img&ref=https%3A%2F%2Fwww.welivesecurity.com%2Fla-es%2F2022%2F03%2F02%2Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania%2F

Request Chain 79

https://obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com/narr?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fio.narrative.io%2F%3FcompanyId%3D19%26gdpr%3D0%26gdpr_consent%3D%26id%3Ddisqus_id%3Ac45k8mcv3vqaljm HTTP 302
https://io.narrative.io/?companyId=19&gdpr=0&gdpr_consent=&id=disqus_id:c45k8mcv3vqaljm&puid=92a423a0-e5b3-11ec-a5c2-57f5371766d7

Request Chain 81

https://idsync.rlcdn.com/462246.gif?partner_uid=c45k8mcv3vqaljm HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CKabHBIbChcIARDI-AEaD2M0NWs4bWN2M3ZxYWxqbRAAGg0InM_4lAYSBQjoBxAAQgBKAA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=1e5508b07fb6870f18ea32cef948c3f02573ad19d154f19eca45984bbd4688f3791426b5417dce21&_=2

Request Chain 82

https://ei.rlcdn.com/448046.gif?n=1&partner_site_id=1017&cparams=placement%3D1391 HTTP 307
https://pippio.com/api/sync?pid=5324&_=2 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpEhoKFggBEAAaEE1hdUpUYlBLeS1lZklBZE0QABoMCJzP-JQGEgQIAhAAQgBKAA HTTP 302
https://pippio.com/api/sync/ddp?pid=2&m=CMwpEhoKFggBEAAaEE1hdUpUYlBLeS1lZklBZE0QABoMCJzP-JQGEgQIAhAAQgBKAA&google_error=3

Request Chain 83

https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CO8KEhoKFggBEPkHGg9jNDVrOG1jdjN2cWFsam0QABqXAQicz_iUBhIECAIQABIFCJQpEAASBQjlKxAAEgUI5isQABIFCOcrEAASBQjoKxAAEgUI6SsQABIFCOorEAASBQjrKxAAEgUI7CsQABIFCO0rEAASBQjuKxAAEgUI1UMQABIFCN5OEAASBgjjrysQABIGCO2vKxAAEgYI7q8rEAASBgjvrysQABIGCPCvKxAAEgYI8a8rEABCAEoA HTTP 302
https://pippio.com/api/sync/ddp?pid=2&m=CO8KEhoKFggBEPkHGg9jNDVrOG1jdjN2cWFsam0QABqXAQicz_iUBhIECAIQABIFCJQpEAASBQjlKxAAEgUI5isQABIFCOcrEAASBQjoKxAAEgUI6SsQABIFCOorEAASBQjrKxAAEgUI7CsQABIFCO0rEAASBQjuKxAAEgUI1UMQABIFCN5OEAASBgjjrysQABIGCO2vKxAAEgYI7q8rEAASBgjvrysQABIGCPCvKxAAEgYI8a8rEABCAEoA&google_error=3 HTTP 307
https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
https://idsync.rlcdn.com/458249.gif?partner_uid=801392ca-df16-4f62-88cd-fcf47b8edd7d

Request Chain 84

https://p.adsymptotic.com/d/px?_pid=13553&_psign=9e62e5c043ecadc9479a0ccac401dd7d HTTP 302
https://p.adsymptotic.com/d/px?_pid=13553&_psign=9e62e5c043ecadc9479a0ccac401dd7d&_expected_cookie=43f05d34ac580937a87e56df9fe430d6

Request Chain 85

https://rc.rlcdn.com/456809.gif?n=1&cparams=placement%3D1391 HTTP 307
https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=327377d5-5215-4908-9e09-3cabc47b66ec

Request Chain 86

https://rc.rlcdn.com/456809.gif?n=2&cparams=placement%3D1391 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc= HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEMWeyf9w8ImM8T_Azfi2edU&google_cver=1

Request Chain 87

https://rc.rlcdn.com/456809.gif?n=3&cparams=placement%3D1391 HTTP 307
https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fidsync.rlcdn.com%252F52154.gif%253Fserved_by%253Devergreen%2526partner_uid%253D%2524UID HTTP 302
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=1270335229494304850

Request Chain 88

https://rc.rlcdn.com/456809.gif?n=4&cparams=placement%3D1391 HTTP 307
https://sync.mathtag.com/sync/img?mt_exid=10017&redir=https%3A%2F%2Fidsync.rlcdn.com%2F47154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%5BMM_UUID%5D HTTP 302
https://idsync.rlcdn.com/47154.gif?served_by=evergreen&partner_uid=ecce629e-279c-4200-a8f7-2acf9527ff20

Request Chain 89

https://rc.rlcdn.com/456809.gif?n=5&cparams=placement%3D1391 HTTP 307
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveramp&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=liveramp&ttd_tpi=1 HTTP 302
https://idsync.rlcdn.com/362588.gif?partner_uid=8591eac4-3537-475a-a748-43710ee6fa46

Request Chain 90

https://rc.rlcdn.com/456809.gif?n=6&cparams=placement%3D1391 HTTP 307
https://s.amazon-adsystem.com/dcm?pid=1f9f6bba-5ede-4cb5-997f-f0d0b894f672&id=&cb=09274259 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=1f9f6bba-5ede-4cb5-997f-f0d0b894f672&id=&cb=09274259&dcc=t

Request Chain 91

https://rc.rlcdn.com/456809.gif?n=7&cparams=placement%3D1391 HTTP 307
https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=327377d5-5215-4908-9e09-3cabc47b66ec

Request Chain 92

https://rc.rlcdn.com/456809.gif?n=8&cparams=placement%3D1391 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEMWeyf9w8ImM8T_Azfi2edU&google_cver=1

Request Chain 93

https://rc.rlcdn.com/456809.gif?n=9&cparams=placement%3D1391 HTTP 307
https://sync.mathtag.com/sync/img?mt_exid=10017&redir=https%3A%2F%2Fidsync.rlcdn.com%2F47154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%5BMM_UUID%5D HTTP 302
https://idsync.rlcdn.com/47154.gif?served_by=evergreen&partner_uid=ecce629e-279c-4200-a8f7-2acf9527ff20

Request Chain 94

https://rc.rlcdn.com/456809.gif?n=10&cparams=placement%3D1391 HTTP 307
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveramp&ttd_tpi=1 HTTP 302
https://idsync.rlcdn.com/362588.gif?partner_uid=8591eac4-3537-475a-a748-43710ee6fa46

Request Chain 95

https://rc.rlcdn.com/456809.gif?n=11&cparams=placement%3D1391 HTTP 307
https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID HTTP 302
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=1270335229494304850

Request Chain 96

https://rc.rlcdn.com/456809.gif?n=12&cparams=placement%3D1391 HTTP 307
https://s.amazon-adsystem.com/dcm?pid=1f9f6bba-5ede-4cb5-997f-f0d0b894f672&id=0e780a9d4ffc4d5e2c4f591678a1d4764f7a666a9c2d5b327f7858f2e91cbb8ac0cb235b3774c97e&cb=05809348

Request Chain 97

https://rc.rlcdn.com/456809.gif?n=13&cparams=placement%3D1391 HTTP 307
https://dpm.demdex.net/ibs:dpid=477&dpuuid=6cf1f8e2eab1a5f7da7b7cc30e901a56dc555407d77d38268d349bc72918cf17b0da87c991749652&redir=https%3A%2F%2Fidsync.rlcdn.com%2F362248.gif%3Fpartner_uid%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=477&dpuuid=6cf1f8e2eab1a5f7da7b7cc30e901a56dc555407d77d38268d349bc72918cf17b0da87c991749652&redir=https%3A%2F%2Fidsync.rlcdn.com%2F362248.gif%3Fpartner_uid%3D%24%7BDD_UUID%7D HTTP 302
https://idsync.rlcdn.com/362248.gif?partner_uid=08330111957811374302272474968994982564

Request Chain 98

https://rc.rlcdn.com/456809.gif?n=14&cparams=placement%3D1391 HTTP 307
https://usermatch.krxd.net/um/v2?partner=liveramp HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=liveramp

Request Chain 99

https://rc.rlcdn.com/456809.gif?n=15&cparams=placement%3D1391 HTTP 307
https://tags.bluekai.com/site/2035?phint=rluid=97d6e515ad09618731d7cc6075cc9e58fab648e9dbfba45f768b6b33361ce8382971936f2f944561&redir=https%3A%2F%2Fidsync.rlcdn.com%2F401696.gif%3Fpartner_uid%3D%24BK_UUID_25515 HTTP 302
https://idsync.rlcdn.com/401696.gif?partner_uid=$BK_UUID_25515

Request Chain 100

https://rc.rlcdn.com/456809.gif?n=16&cparams=placement%3D1391 HTTP 307
https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397676.gif%3Fserved_by%3Devergreen%26partner_uid%3D%40USERID%40 HTTP 302
https://gum.criteo.com/sync?s=1&c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397676.gif%3Fserved_by%3Devergreen%26partner_uid%3D%40USERID%40 HTTP 302
https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=NH5cwtpcIOI7pFRGZHW6qdpvyAFciwgS

Request Chain 101

https://ib.adnxs.com/getuid?https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D093016b0419d19c905c78c859b815219%26pid%3D%24UID HTTP 302
https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=093016b0419d19c905c78c859b815219&pid=1270335229494304850 HTTP 302
https://p.rfihub.com/cm?pub=39342&in=1&userid=5e5d7ea1-673d-4ef2-8b81-f95ad883fcfb%3A1654531996.54&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc45k8mcv3vqaljm HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=c45k8mcv3vqaljm HTTP 307
https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID HTTP 302
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=1270335229494304850

Request Chain 102

https://p.rfihub.com/cm?pub=39342&in=1&userid=5e5d7ea1-673d-4ef2-8b81-f95ad883fcfb%3A1654531996.54&forward=https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D260a954059a0ab1986e4ee8c5c88c54c%26pid%3D%7Buserid%7D HTTP 302
https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=260a954059a0ab1986e4ee8c5c88c54c&pid=968062829807697887 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=c45k8mcv3vqaljm HTTP 307
https://tags.bluekai.com/site/2035?phint=rluid=97d6e515ad09618731d7cc6075cc9e58fab648e9dbfba45f768b6b33361ce8382971936f2f944561&redir=https%3A%2F%2Fidsync.rlcdn.com%2F401696.gif%3Fpartner_uid%3D%24BK_UUID_25515 HTTP 302
https://idsync.rlcdn.com/401696.gif?partner_uid=$BK_UUID_25515

Request Chain 103

https://pixel.tapad.com/idsync/ex/receive?partner_id=3181&partner_device_id=5e5d7ea1-673d-4ef2-8b81-f95ad883fcfb%3A1654531996.54 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3181&partner_device_id=5e5d7ea1-673d-4ef2-8b81-f95ad883fcfb%3A1654531996.54 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=85f5ea19-e4b4-4550-855f-a25e4178e316%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=8591eac4-3537-475a-a748-43710ee6fa46&ttd_puid=85f5ea19-e4b4-4550-855f-a25e4178e316%2C

105 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/ 83 KB
19 KB 482ms
330ms Document
text/html 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nya/7984) /

Resource Hash

a909710daedc50030a54a88328998023160cce11483274caf45179093c809396

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=3600 public
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 06 Jun 2022 16:13:13 GMT
expires: Mon, 06 Jun 2022 17:13:13 GMT
link: <https://www.welivesecurity.com/?p=159856>; rel=shortlink
referrer-policy: no-referrer-when-downgrade
server: ECAcc (nya/7984)
strict-transport-security: max-age=15724800
vary: Accept-Encoding Origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 main.css
www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/css/ 235 KB
37 KB 23ms
22ms Stylesheet
text/css 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/css/main.css?id=b3e7fe8a6c3736dca145

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nya/1C42) /

Resource Hash

726e0505145c1135e354e1cccfb73fc3685d408b3fd84b0a6d2446562b2b767a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:13:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3754730
x-cache: HIT
strict-transport-security: max-age=15724800
content-length: 37622
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 14 Apr 2022 13:05:36 GMT
server: ECAcc (nya/1C42)
etag: W/"62581c20-3adfe"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=7776000, public
expires: Sun, 04 Sep 2022 16:13:13 GMT

GET
H2 200 cookiebar.min.css
assets.esetstatic.com/3PS/ 5 KB
2 KB 287ms
157ms Stylesheet
text/css 2620:1ec:46::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.esetstatic.com/3PS/cookiebar.min.css

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:46::40 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

fd8f6b19f6594c79bbf4e63b76d57e3230959f2fc0b3805277472b7e8061cdf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=2592000;
content-encoding: gzip
referrer-policy: no-referrer
server: Apache
date: Mon, 06 Jun 2022 16:13:12 GMT
x-frame-options: sameorigin
x-cache: TCP_REMOTE_HIT
content-type: text/css;charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: max-age=3600, s-maxage=3600
x-azure-ref: 0mSeeYgAAAADjFHNt+p3kS4MCxOZKr0aaQ0hHRURHRTE2MjAAZTQxNzJiYzEtNGZlZS00M2U2LWE3ZTgtMzVkZjVjYWQ3MDNl
x-azure-ref-originshield: 0mSeeYgAAAABiPD/3qj6vT6+xxr2/YcwXRVdSMzBFREdFMDUwNwBlNDE3MmJjMS00ZmVlLTQzZTYtYTdlOC0zNWRmNWNhZDcwM2U=
vary: Accept-Encoding
content-length: 1481
x-content-type-options: nosniff

GET
H2 200 eset-wls-dark-header-1.svg
www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/img/new-logo/ 3 KB
1 KB 42ms
36ms Image
image/svg+xml 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/img/new-logo/eset-wls-dark-header-1.svg

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nya/7967) /

Resource Hash

f0edf4ed283d119399dcb7025914b6a68a187667085bcbc49fe91db20f952cc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:13:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3880005
x-cache: HIT
strict-transport-security: max-age=15724800
content-length: 1162
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 20 Apr 2022 20:41:59 GMT
server: ECAcc (nya/7967)
etag: W/"62607017-bb2"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=7776000, public
expires: Sun, 04 Sep 2022 16:13:13 GMT

GET
H2 200 eset-wls-dark-header-2.svg
www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/img/new-logo/ 3 KB
1 KB 39ms
33ms Image
image/svg+xml 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/img/new-logo/eset-wls-dark-header-2.svg

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nya/1C6F) /

Resource Hash

35ccbb14f6d8b7ed5eb03728f94221f27ed194ae83b32c40315d531f49b10bc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:13:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5863921
x-cache: HIT
strict-transport-security: max-age=15724800
content-length: 1257
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 01 Mar 2022 18:21:10 GMT
server: ECAcc (nya/1C6F)
etag: W/"621e6416-a8a"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=7776000, public
expires: Sun, 04 Sep 2022 16:13:13 GMT

GET
H2 200 eset-wls-light-header-1.svg
www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/img/new-logo/ 3 KB
1 KB 40ms
34ms Image
image/svg+xml 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/img/new-logo/eset-wls-light-header-1.svg

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nya/79F1) /

Resource Hash

5813b04bb0c879b76179735995127ddc2af1867f42d4a4b5a8d7c3103f348b05

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:13:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2419826
x-cache: HIT
strict-transport-security: max-age=15724800
content-length: 1177
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 06 May 2022 16:04:20 GMT
server: ECAcc (nya/79F1)
etag: W/"62754704-bc1"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=7776000, public
expires: Sun, 04 Sep 2022 16:13:13 GMT

GET
H2 200 eset-wls-light-header-2.svg
www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/img/new-logo/ 2 KB
1 KB 40ms
35ms Image
image/svg+xml 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/img/new-logo/eset-wls-light-header-2.svg

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nya/79B4) /

Resource Hash

12c42fa79dc321e56bb3c23008cacf7a79771bab4fa61f765556e24ba13a89ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:13:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5954747
x-cache: HIT
strict-transport-security: max-age=15724800
content-length: 1102
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 01 Mar 2022 18:21:10 GMT
server: ECAcc (nya/79B4)
etag: W/"621e6416-967"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=7776000, public
expires: Sun, 04 Sep 2022 16:13:13 GMT

GET
H2 200 twitter_profile_picture_400x400-222x179.png
www.welivesecurity.com/wp-content/uploads/2022/03/ 33 KB
33 KB 104ms
99ms Image
image/png 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.welivesecurity.com/wp-content/uploads/2022/03/twitter_profile_picture_400x400-222x179.png

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nya/1C19) /

Resource Hash

730d4b3194f10a8c177046e001a83e0391e3b6ef2f1386d368a51c2433a98127

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:13:13 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 04 Mar 2022 05:08:04 GMT
server: ECAcc (nya/1C19)
etag: "62219eb4-8287"
strict-transport-security: max-age=15724800
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000, public
x-content-type-options: nosniff
accept-ranges: bytes
vary: Origin
content-length: 33415
x-xss-protection: 1; mode=block
expires: Sun, 04 Sep 2022 16:13:13 GMT

GET
H2 200 Figure-1.-Code-signing-certificate-assigned-to-Hermetic-Digital-Ltd-1024x607.png
www.welivesecurity.com/wp-content/uploads/2022/03/ 375 KB
375 KB 111ms
106ms Image
image/png 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.welivesecurity.com/wp-content/uploads/2022/03/Figure-1.-Code-signing-certificate-assigned-to-Hermetic-Digital-Ltd-1024x607.png

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nya/1C22) /

Resource Hash

2230603b8ba7c0020fd16a1582d087decbc8381475e125271c2e13530f1592d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:13:13 GMT
x-content-type-options: nosniff
content-security-policy-report-only: report-uri https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report; report-to default;
strict-transport-security: max-age=15724800
content-length: 384050
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 01 Mar 2022 18:56:47 GMT
server: ECAcc (nya/1C22)
etag: "621e6c6f-5dc32"
vary: Origin
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report"}],"include_subdomains":false}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000, public
accept-ranges: bytes
expires: Sun, 04 Sep 2022 16:13:13 GMT

GET
H2 200 Figure-2.-Timeline-of-important-events-1024x606.png
www.welivesecurity.com/wp-content/uploads/2022/03/ 217 KB
217 KB 90ms
86ms Image
image/png 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.welivesecurity.com/wp-content/uploads/2022/03/Figure-2.-Timeline-of-important-events-1024x606.png

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nya/78C2) /

Resource Hash

d34bbac8aeb622f108a95c454c22cf791d514432d9118ed19aabf361e4bed34c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:13:13 GMT
x-content-type-options: nosniff
content-security-policy-report-only: report-uri https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report; report-to default;
strict-transport-security: max-age=15724800
content-length: 222059
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 01 Mar 2022 18:56:49 GMT
server: ECAcc (nya/78C2)
etag: "621e6c71-3636b"
vary: Origin
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report"}],"include_subdomains":false}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000, public
accept-ranges: bytes
expires: Sun, 04 Sep 2022 16:13:13 GMT

GET
H2 200 Figure-3.-HermeticRansom%E2%80%99s-ransom-note-1024x471.png
www.welivesecurity.com/wp-content/uploads/2022/03/ 253 KB
254 KB 87ms
84ms Image
image/png 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.welivesecurity.com/wp-content/uploads/2022/03/Figure-3.-HermeticRansom%E2%80%99s-ransom-note-1024x471.png

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nya/79B9) /

Resource Hash

18fc4c578d185b0c9979c16e1c6b431e3079b3b06b98d56995a29ab7a90bdfe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:13:13 GMT
x-content-type-options: nosniff
content-security-policy-report-only: report-uri https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report; report-to default;
strict-transport-security: max-age=15724800
content-length: 259347
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 01 Mar 2022 18:56:49 GMT
server: ECAcc (nya/79B9)
etag: "621e6c71-3f513"
vary: Origin
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report"}],"include_subdomains":false}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000, public
accept-ranges: bytes
expires: Sun, 04 Sep 2022 16:13:13 GMT

GET
H2 200 bandook-bandidos-eti-cta.png
www.welivesecurity.com/wp-content/uploads/2021/07/ 47 KB
47 KB 44ms
41ms Image
image/png 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.welivesecurity.com/wp-content/uploads/2021/07/bandook-bandidos-eti-cta.png

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nya/78B4) /

Resource Hash

16446c63d4890cf1704eff93c7d261c1b1b950877ec708a49b380aaa6bc88195

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:13:13 GMT
x-content-type-options: nosniff
age: 3689722
x-cache: HIT
content-length: 47790
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 08 Jul 2021 01:07:57 GMT
server: ECAcc (nya/78B4)
etag: "60e64fed-baae"
strict-transport-security: max-age=15724800
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000, public
accept-ranges: bytes
expires: Sun, 04 Sep 2022 16:13:13 GMT

GET
H2 200 arguepatch-sandworm-ukraine-malware-loader-623x415.jpg
www.welivesecurity.com/wp-content/uploads/2022/05/ 40 KB
40 KB 42ms
39ms Image
image/jpeg 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.welivesecurity.com/wp-content/uploads/2022/05/arguepatch-sandworm-ukraine-malware-loader-623x415.jpg

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nya/1C5B) /

Resource Hash

1f72abf11fd0b507cc794dbec618ac1d29a7de5e3904f8e4925ce63ad60a3200

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:13:13 GMT
x-content-type-options: nosniff
age: 1106866
x-cache: HIT
content-length: 40653
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 21 May 2022 00:10:33 GMT
server: ECAcc (nya/1C5B)
etag: "62882df9-9ecd"
strict-transport-security: max-age=15724800
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=7776000, public
accept-ranges: bytes
expires: Sun, 04 Sep 2022 16:13:13 GMT

GET
H2 200 uefi-secure-lenovo-laptops-vulnerabilities-research-623x415.jpg
www.welivesecurity.com/wp-content/uploads/2022/04/ 24 KB
24 KB 47ms
44ms Image
image/jpeg 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.welivesecurity.com/wp-content/uploads/2022/04/uefi-secure-lenovo-laptops-vulnerabilities-research-623x415.jpg

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nya/799D) /

Resource Hash

db4802cdd77ee321f64c129088ac127ae97f09f283e9d90ef66e352a8e36340d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:13:13 GMT
x-content-type-options: nosniff
age: 3960469
x-cache: HIT
content-length: 24137
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 11 Apr 2022 07:03:58 GMT
server: ECAcc (nya/799D)
etag: "6253d2de-5e49"
strict-transport-security: max-age=15724800
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=7776000, public
accept-ranges: bytes
expires: Sun, 04 Sep 2022 16:13:13 GMT

GET
H2 200 zloader-botnets-disruption-eset-global-operation-623x415.jpg
www.welivesecurity.com/wp-content/uploads/2022/04/ 82 KB
82 KB 47ms
45ms Image
image/jpeg 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.welivesecurity.com/wp-content/uploads/2022/04/zloader-botnets-disruption-eset-global-operation-623x415.jpg

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nya/79E2) /

Resource Hash

1377c33abb24c615100b47c8d905ef0299112a22d097511cc569337b9633f21e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:13:13 GMT
x-content-type-options: nosniff
age: 4217266
x-cache: HIT
content-length: 84314
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 03 Apr 2022 22:10:02 GMT
server: ECAcc (nya/79E2)
etag: "624a1b3a-1495a"
strict-transport-security: max-age=15724800
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=7776000, public
accept-ranges: bytes
expires: Sun, 04 Sep 2022 16:13:13 GMT

GET
H2 200 industroyer2-malware-attack-ukraine-623x415.jpg
www.welivesecurity.com/wp-content/uploads/2022/04/ 47 KB
47 KB 43ms
40ms Image
image/jpeg 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.welivesecurity.com/wp-content/uploads/2022/04/industroyer2-malware-attack-ukraine-623x415.jpg

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nya/1C5B) /

Resource Hash

fb07128372b2a8280ebd49f16bd784e55ae2c6162bb1be7fd7b9f18b6aa40ebf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:13:13 GMT
x-content-type-options: nosniff
age: 4248048
x-cache: HIT
content-length: 47823
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 14 Apr 2022 10:32:32 GMT
server: ECAcc (nya/1C5B)
etag: "6257f840-bacf"
strict-transport-security: max-age=15724800
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=7776000, public
accept-ranges: bytes
expires: Sun, 04 Sep 2022 16:13:13 GMT

GET
H2 200 eset-wls-footer-1.svg
www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/img/new-logo/ 3 KB
1 KB 61ms
58ms Image
image/svg+xml 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/img/new-logo/eset-wls-footer-1.svg

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nya/7911) /

Resource Hash

7df5345a52f22643ef051bf74f41d9a5a5644d5e699480a81ae8825b8ab5e533

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:13:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 796923
x-cache: HIT
strict-transport-security: max-age=15724800
content-length: 1217
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 18 May 2022 23:02:27 GMT
server: ECAcc (nya/7911)
etag: W/"62857b03-be5"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=7776000, public
expires: Sun, 04 Sep 2022 16:13:13 GMT

GET
H2 200 eset-wls-footer-2.svg
www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/img/new-logo/ 3 KB
1 KB 39ms
36ms Image
image/svg+xml 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/img/new-logo/eset-wls-footer-2.svg

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nya/79EE) /

Resource Hash

e22e3416c5b454c2fc3c8e8185b478647446789abbee258ec18a5791880eaf1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:13:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3961871
x-cache: HIT
strict-transport-security: max-age=15724800
content-length: 1186
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 14 Apr 2022 13:47:57 GMT
server: ECAcc (nya/79EE)
etag: W/"6258260d-a0b"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=7776000, public
expires: Sun, 04 Sep 2022 16:13:13 GMT

GET
H2 200 main.js Show response
www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/js/ 318 KB
101 KB 24ms
24ms Script
application/javascript 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/js/main.js?id=fef3139dcedd23afc232

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nya/78F2) /

Resource Hash

822800703045ecbccb15cff577f1f09d9b4efee6ae916396a6aceb3f6544b9a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:13:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3614838
x-cache: HIT
strict-transport-security: max-age=15724800
content-length: 102785
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 14 Apr 2022 13:05:36 GMT
server: ECAcc (nya/78F2)
etag: W/"62581c20-4f74a"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=7776000, public
expires: Sun, 04 Sep 2022 16:13:13 GMT

GET
H2 200 crayon.min.js Show response
www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/static/js/ 22 KB
7 KB 34ms
29ms Script
application/javascript 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/static/js/crayon.min.js

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nya/795F) /

Resource Hash

193fbb968733b8a7049da19274546e6b80b76e9a8f1b837fee9a5fdeb8f97c7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:13:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6719515
x-cache: HIT
strict-transport-security: max-age=15724800
content-length: 6790
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 01 Mar 2022 18:21:10 GMT
server: ECAcc (nya/795F)
etag: W/"621e6416-5741"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=7776000, public
expires: Sun, 04 Sep 2022 16:13:13 GMT

GET
H2 200 comment_count.js Show response
www.welivesecurity.com/wp-content/plugins/disqus-comment-system/public/js/ 889 B
541 B 39ms
34ms Script
application/javascript 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.welivesecurity.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.16

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nya/78E3) /

Resource Hash

cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:13:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2470711
x-cache: HIT
strict-transport-security: max-age=15724800
content-length: 440
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 06 May 2022 16:06:05 GMT
server: ECAcc (nya/78E3)
etag: W/"6275476d-379"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=7776000, public
expires: Sun, 04 Sep 2022 16:13:13 GMT

GET
H2 200 comment_embed.js Show response
www.welivesecurity.com/wp-content/plugins/disqus-comment-system/public/js/ 1 KB
606 B 42ms
36ms Script
application/javascript 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.welivesecurity.com/wp-content/plugins/disqus-comment-system/public/js/comment_embed.js?ver=3.0.16

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nya/78C6) /

Resource Hash

f055e217bde76d711bd8b42af773f9f99b8a29d81ad9ed10b6379cc7e6c60452

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:13:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4533102
x-cache: HIT
strict-transport-security: max-age=15724800
content-length: 505
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 14 Apr 2022 13:48:00 GMT
server: ECAcc (nya/78C6)
etag: W/"62582610-47e"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=7776000, public
expires: Sun, 04 Sep 2022 16:13:13 GMT

GET
H2 200 app.min.js Show response
assets.esetstatic.com/3PR/ 20 KB
5 KB 252ms
156ms Script
application/javascript 2620:1ec:46::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.esetstatic.com/3PR/app.min.js

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:46::40 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

7344c63c6a0d89b69a485af2ec5bcc1cad983150613510439371d5293ed1cc46

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=2592000;
content-encoding: gzip
referrer-policy: no-referrer
server: Apache
date: Mon, 06 Jun 2022 16:13:12 GMT
x-frame-options: sameorigin
x-cache: TCP_REMOTE_HIT
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=3600, s-maxage=3600
x-azure-ref: 0mSeeYgAAAAAQZXBJwviuSrgfCubrp3jTQ0hHRURHRTE2MjAAZTQxNzJiYzEtNGZlZS00M2U2LWE3ZTgtMzVkZjVjYWQ3MDNl
x-azure-ref-originshield: 0mSeeYgAAAABLSAKBWdhbR72gQ+XFSwAkRVdSMzBFREdFMDUwOABlNDE3MmJjMS00ZmVlLTQzZTYtYTdlOC0zNWRmNWNhZDcwM2U=
vary: Accept-Encoding
content-length: 4904
x-content-type-options: nosniff

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 231 KB
79 KB 110ms
61ms Script
application/javascript 2607:f8b0:4006:80a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PMDGSM

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2008 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

433e36e547146f996b1ab871385cf507c360c39c985ab1b3f6018c45b79e9ba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:13:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80761
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Jun 2022 16:13:13 GMT

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
22 KB 86ms
18ms Script
application/x-javascript 2606:2800:11f:17a5:191a:18d5:537:22f9
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:11f:17a5:191a:18d5:537:22f9 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nya/79DC) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 Jun 2022 16:13:13 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-01 19:31:04
content-md5: HdY95yzx9wIyQkVEGES+Ew==
age: 1215
x-cache: HIT
content-length: 22495
x-ms-lease-status: unlocked
last-modified: Thu, 11 Mar 2021 07:46:59 GMT
server: ECAcc (nya/79DC)
etag: 0x8D8E461DA1A5889
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 5e40e843-201e-0099-4bbd-7997c8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
expires: Mon, 06 Jun 2022 16:43:13 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 71ms
19ms Script
text/javascript 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PMDGSM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5361
date: Mon, 06 Jun 2022 14:43:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 06 Jun 2022 16:43:52 GMT

GET
H2 200 single-wide-header-fade.png
www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/images/ 92 KB
92 KB 27ms
26ms Image
image/png 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/images/single-wide-header-fade.png?5aa0f236a77ebb03d1bf2fbde7c17072

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/css/main.css?id=b3e7fe8a6c3736dca145

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nya/7926) /

Resource Hash

e2a1c2c0322c2737e986c860da67fbb2b9e93b70527a943b8c35b9d6e81ebb42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/css/main.css?id=b3e7fe8a6c3736dca145
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:13:13 GMT
x-content-type-options: nosniff
age: 3605883
x-cache: HIT
content-length: 94055
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 24 Apr 2022 18:13:06 GMT
server: ECAcc (nya/7926)
etag: "62659332-16f67"
strict-transport-security: max-age=15724800
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000, public
accept-ranges: bytes
expires: Sun, 04 Sep 2022 16:13:13 GMT

GET
H2 200 isaacwiper-hermeticwizard-wiper-worm-Ukraine-cyberattacks-malware.jpg
www.welivesecurity.com/wp-content/uploads/2022/03/ 186 KB
186 KB 61ms
61ms Image
image/jpeg 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.welivesecurity.com/wp-content/uploads/2022/03/isaacwiper-hermeticwizard-wiper-worm-Ukraine-cyberattacks-malware.jpg

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nya/7931) /

Resource Hash

dd64ca752834b8f9c5c495a528c7ff54c6538cedd9f380e2106455f60610f613

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:13:13 GMT
x-content-type-options: nosniff
content-security-policy-report-only: report-uri https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report; report-to default;
strict-transport-security: max-age=15724800
content-length: 190598
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 01 Mar 2022 18:56:52 GMT
server: ECAcc (nya/7931)
etag: "621e6c74-2e886"
vary: Origin
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report"}],"include_subdomains":false}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=7776000, public
accept-ranges: bytes
expires: Sun, 04 Sep 2022 16:13:13 GMT

GET
H2 200 li-shield-icon.svg
www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/images/ 961 B
691 B 22ms
22ms Image
image/svg+xml 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/images/li-shield-icon.svg?82256d0e5b3abb3d9d256afa85d732a4

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/css/main.css?id=b3e7fe8a6c3736dca145

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nya/78DC) /

Resource Hash

e0c2fd69b7d441b42045d474afe52d2bdbb81a44c8d73e2c8271e4114003d991

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/css/main.css?id=b3e7fe8a6c3736dca145
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:13:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3614826
x-cache: HIT
strict-transport-security: max-age=15724800
content-length: 590
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 14 Apr 2022 13:02:09 GMT
server: ECAcc (nya/78DC)
etag: W/"62581b51-3c1"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=7776000, public
expires: Sun, 04 Sep 2022 16:13:13 GMT

GET
H2 200 button-flag-50x60.svg
www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/img/ 459 B
419 B 25ms
25ms Image
image/svg+xml 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/img/button-flag-50x60.svg

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/css/main.css?id=b3e7fe8a6c3736dca145

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nya/78EB) /

Resource Hash

5159dca2fe03c327248fd3b685f497f9f521c91d243ffaf43077601fedf56f7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/css/main.css?id=b3e7fe8a6c3736dca145
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:13:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5457884
x-cache: HIT
strict-transport-security: max-age=15724800
content-length: 294
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 01 Apr 2022 08:02:53 GMT
server: ECAcc (nya/78EB)
etag: W/"6246b1ad-1cb"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=7776000, public
expires: Sun, 04 Sep 2022 16:13:13 GMT

GET
H2 200 Fedra-Sans-Alt-Book.woff
www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/fonts/ 40 KB
40 KB 35ms
34ms Font
font/woff 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/fonts/Fedra-Sans-Alt-Book.woff?c156eca4ec460dcfa741dfda69fb16d5

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/css/main.css?id=b3e7fe8a6c3736dca145

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nya/1C75) /

Resource Hash

1ba0ff3994900740a94dc37300b7415b25d642f6ef495afc5ae4e16ae1128e66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/css/main.css?id=b3e7fe8a6c3736dca145
Origin: https://www.welivesecurity.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:13:13 GMT
x-content-type-options: nosniff
age: 21303686
x-cache: HIT
x-cnection: close
content-length: 40945
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 02 Oct 2021 21:42:10 GMT
server: ECAcc (nya/1C75)
etag: "6158d232-9ff1"
strict-transport-security: max-age=15724800
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
expires: Tue, 06 Jun 2023 16:13:13 GMT

GET
H2 200 Fedra-Sans-Alt-Bold.woff
www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/fonts/ 40 KB
40 KB 25ms
25ms Font
font/woff 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/fonts/Fedra-Sans-Alt-Bold.woff?0050bbd300d61bbb50d2fff0bb6cd926

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/css/main.css?id=b3e7fe8a6c3736dca145

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nya/78EF) /

Resource Hash

12f37c0a70377ac636345742e2eb0d2acb70d411612020ae1608193330a5b15d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/css/main.css?id=b3e7fe8a6c3736dca145
Origin: https://www.welivesecurity.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:13:13 GMT
x-content-type-options: nosniff
age: 26972096
x-cache: HIT
content-length: 40563
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 29 Jul 2021 10:43:55 GMT
server: ECAcc (nya/78EF)
etag: "6102866b-9e73"
strict-transport-security: max-age=15724800
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
expires: Tue, 06 Jun 2023 16:13:13 GMT

GET
H2 200 icomoon.ttf
www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/fonts/ 4 KB
2 KB 33ms
32ms Font
text/plain 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/fonts/icomoon.ttf?45b4319f2445b74719611d0ab85cf93a

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/css/main.css?id=b3e7fe8a6c3736dca145

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nya/1C69) /

Resource Hash

d33fbf33d2895817029b01cf16d273104474646e4e441988ab4efcfa7563991b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/css/main.css?id=b3e7fe8a6c3736dca145
Origin: https://www.welivesecurity.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:13:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44500
x-cache: HIT
strict-transport-security: max-age=15724800
content-length: 2135
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 11 May 2022 10:46:18 GMT
server: ECAcc (nya/1C69)
etag: W/"627b93fa-f94"
vary: Accept-Encoding
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=86400, public
expires: Tue, 07 Jun 2022 16:13:13 GMT

GET
H2 200 Fedra-Sans-Alt-Book-Italic.woff
www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/fonts/ 40 KB
40 KB 29ms
29ms Font
font/woff 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/fonts/Fedra-Sans-Alt-Book-Italic.woff?f299cc2feeecf266ff50b5ea8b3a3deb

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/css/main.css?id=b3e7fe8a6c3736dca145

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nya/788C) /

Resource Hash

63a41173db39c92635a87b39eedb581e8a1c3142372ebced441ce927fef343a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.welivesecurity.com/wp-content/themes/eset-wls-2018/assets/css/main.css?id=b3e7fe8a6c3736dca145
Origin: https://www.welivesecurity.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:13:13 GMT
x-content-type-options: nosniff
age: 26972096
x-cache: HIT
content-length: 40640
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 29 Jul 2021 10:43:55 GMT
server: ECAcc (nya/788C)
etag: "6102866b-9ec0"
strict-transport-security: max-age=15724800
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
expires: Tue, 06 Jun 2023 16:13:13 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 20ms
19ms Image
image/gif 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&cid=495856.9302500422&tid=UA-76266002-27&dl=https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/&t=event&ec=Tracking%20check%20-%20recurring&ea=Script%20loaded&ni=1&cd1=wls&aip=1&z=867356

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Jun 2022 19:04:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 76112
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 check.png
cdn1.esetstatic.com/ESET/INT/assets/img/ 68 B
383 B 739ms
93ms Image
image/png 54.230.10.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.esetstatic.com/ESET/INT/assets/img/check.png?country=wls&gcode=scriptLoaded&z=399059
Requested by: Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.10.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-10-86.man50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 260865134b6e69ca7bafa9e8ddcd59fb6ffbf727f50a3d2dd186d217c8c79694

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 00:06:30 GMT
via: 1.1 d2a80d1c866bab2d2e400b1b9daa5d78.cloudfront.net (CloudFront)
last-modified: Tue, 10 Mar 2020 18:17:48 GMT
server: AmazonS3
age: 58167
etag: "5df0ac2d51cfecbde35e8dd1ba3a8d77"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: MAN50-C3
accept-ranges: bytes
content-length: 68
x-amz-cf-id: Ty-HzfqHQbcAwg-ytiTfyl0LMn-b6_EIhR-HT_9iUiTxlJvUbPAY2g==

GET
H/1.1 200
OK count.js Show response
welivesecurity.disqus.com/ 1 KB
2 KB 615ms
10ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://welivesecurity.disqus.com/count.js

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.16

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Mon, 06 Jun 2022 16:13:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 298
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 27 May 2022 17:31:17 GMT
Server: nginx
ETag: "62910ae5-367"
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
X-Amz-Cf-Pop: DFW56-P1
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id: TShm5EH9p1MS_V1qZEWR_guM135j6cAO4Ir802dCs4caaUfiIjAnZA==

GET
H/1.1 200
OK embed.js Show response
welivesecurity.disqus.com/ 78 KB
25 KB 650ms
45ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://welivesecurity.disqus.com/embed.js

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/wp-content/plugins/disqus-comment-system/public/js/comment_embed.js?ver=3.0.16

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

863a3169d976e8b1390bb5026de3e4699c61dcd35583d11cc6e38a5cab15a195

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Mon, 06 Jun 2022 16:13:14 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 25400
Cross-Origin-Resource-Policy: cross-origin

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
21ms Image
image/gif 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1419661234&t=pageview&_s=1&dl=https%3A%2F%2Fwww.welivesecurity.com%2Fla-es%2F2022%2F03%2F02%2Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania%2F&ul=en-us&de=UTF-8&dt=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania%20%7C%20WeLiveSecurity&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&cid=1525379190.1654531994&tid=UA-37839312-1&_gid=1463167394.1654531994&gtm=2wg610PMDGSM&cd1=Crisis%20en%20Ucrania%20-%20Centro%20de%20Recursos%20de%20Seguridad%20Digital&cd2=ESET%20Research&cd4=&cd5=2022-06-06T16%3A13%3A13.406%2B00%3A00&cd6=Office%20Hours&cd7=www.welivesecurity.com%2Fla-es%2F2022%2F03%2F02%2Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania%2F&cd8=https%3A%2F%2Fwww.welivesecurity.com%2Fla-es%2F2022%2F03%2F02%2Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania%2F&cd10=(not%20set)&cd11=es&cd12=not-a-bot&cd25=GTM-PMDGSM&cd33=consent%20not%20set&cd34=consent%20not%20set&z=907011067

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 00:20:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 57172
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
20ms Image
image/gif 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1419661234&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.welivesecurity.com%2Fla-es%2F2022%2F03%2F02%2Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania%2F&ul=en-us&de=UTF-8&dt=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania%20%7C%20WeLiveSecurity&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=cookie%20consent&ea=cookie-consent-visible&_u=aHDAAEAB~&cid=1525379190.1654531994&tid=UA-37839312-1&_gid=1463167394.1654531994&gtm=2wg610PMDGSM&cd1=Crisis%20en%20Ucrania%20-%20Centro%20de%20Recursos%20de%20Seguridad%20Digital&cd2=ESET%20Research&cd3=2.5k-3k&cd4=&cd5=2022-06-06T16%3A13%3A13.775%2B00%3A00&cd6=Office%20Hours&cd7=www.welivesecurity.com%2Fla-es%2F2022%2F03%2F02%2Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania%2F&cd8=https%3A%2F%2Fwww.welivesecurity.com%2Fla-es%2F2022%2F03%2F02%2Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania%2F&cd10=(not%20set)&cd11=es&cd12=not-a-bot&cd20=1525379190.1654531994&cd25=GTM-PMDGSM&cd33=consent%20not%20set&cd34=consent%20not%20set&z=1717618132

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 00:20:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 57172
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lounge.63860eb743c7d9d2adf0fa435788abe7.css
c.disquscdn.com/next/embed/styles/ 0
26 KB 325ms
104ms Other
text/css 2600:9000:2131:7600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css

Requested by

Host: welivesecurity.disqus.com
URL: https://welivesecurity.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2131:7600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 19:26:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6641221
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 26078
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 21 Mar 2022 19:03:40 GMT
server: nginx
etag: "6238cc0c-65de"
content-type: text/css; charset=utf-8
via: 1.1 dc76201726659ab3bf6685a15c7a11ae.cloudfront.net (CloudFront)
expires: Tue, 21 Mar 2023 19:26:13 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: MAN50-C2
timing-allow-origin: *
x-amz-cf-id: yOQr06dmIPbSJphqll8Wh-rItztWpDkp51iwRzJ6EqW4FtGF6n5HFQ==
x-cache-hits: 0

GET
H2 200 common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js
c.disquscdn.com/next/embed/ 0
93 KB 406ms
185ms Other
application/javascript 2600:9000:2131:7600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js

Requested by

Host: welivesecurity.disqus.com
URL: https://welivesecurity.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2131:7600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 20:31:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4131728
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 94755
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 19 Apr 2022 20:21:53 GMT
server: nginx
etag: "625f19e1-17223"
content-type: application/javascript; charset=utf-8
via: 1.1 dc76201726659ab3bf6685a15c7a11ae.cloudfront.net (CloudFront)
expires: Wed, 19 Apr 2023 20:31:06 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: MAN50-C2
timing-allow-origin: *
x-amz-cf-id: -nY9_4heAY6uDKjUmPttUtvSvUebXSf7K5xVA-SZ2-uVnZoPTZp2Fg==
x-cache-hits: 0

GET
H2 200 lounge.bundle.39ef974e33e97bdc315c595632f05d3c.js
c.disquscdn.com/next/embed/ 0
121 KB 518ms
299ms Other
application/javascript 2600:9000:2131:7600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.39ef974e33e97bdc315c595632f05d3c.js

Requested by

Host: welivesecurity.disqus.com
URL: https://welivesecurity.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2131:7600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 17:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255567
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 123109
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Fri, 03 Jun 2022 17:03:15 GMT
server: nginx
etag: "629a3ed3-1e0e5"
content-type: application/javascript; charset=utf-8
via: 1.1 dc76201726659ab3bf6685a15c7a11ae.cloudfront.net (CloudFront)
expires: Sat, 03 Jun 2023 17:13:47 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: MAN50-C2
timing-allow-origin: *
x-amz-cf-id: ddU1x4PvWj9RQZ7-RQmlHo1cOLs2SxQQLwjfkAQ5QjCx0vwqUtFStQ==
x-cache-hits: 0

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
15 KB 36ms
10ms Other
application/javascript 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: welivesecurity.disqus.com
URL: https://welivesecurity.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Mon, 06 Jun 2022 16:13:14 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 17
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 15276
X-XSS-Protection: 1; mode=block

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 143ms
27ms Preflight 20.42.73.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.42.73.141 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://www.welivesecurity.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Mon, 06 Jun 2022 16:13:13 GMT
x-content-type-options: nosniff

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 96 B
304 B 68ms
68ms XHR
application/json 20.42.73.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.42.73.141 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0d12043c7051fe9e78060b7ae447ec5aa8bfa744dd5520fb12e745a2bb0076da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/
accept-language: en-CA,en;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 52282EE0-605B-4DF8-92AD-AE41D2FBD55C
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Mon, 06 Jun 2022 16:13:14 GMT
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length: 96

GET
H/1.1 200
OK / Show response
disqus.com/embed/comments/ Frame 024B 8 KB
5 KB 81ms
81ms Document
text/html 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=welivesecurity&t_i=159856%20https%3A%2F%2Fbackend.welivesecurity.com%2F%3Fp%3D159856&t_u=https%3A%2F%2Fwww.welivesecurity.com%2Fla-es%2F2022%2F03%2F02%2Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania%2F&t_e=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_d=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_t=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&s_o=default&l=es

Requested by

Host: welivesecurity.disqus.com
URL: https://welivesecurity.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

35ce72d85ac20c855ec514d68c3d7d252fdcd2b17728d3f0d5653b93df69033a

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Age: 0
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3313
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type: text/html; charset=utf-8
Cross-Origin-Resource-Policy: cross-origin
Date: Mon, 06 Jun 2022 16:13:14 GMT
ETag: W/"lounge:view:9050718870.93201d05a672639c1b9c1f2b5ae7bc32.2"
Last-Modified: Wed, 02 Mar 2022 05:29:57 GMT
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Referrer-Policy: no-referrer-when-downgrade
Server: nginx
Strict-Transport-Security: max-age=300; includeSubdomains
Timing-Allow-Origin: *
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"

GET
H2 200 lounge.load.cfefa856cbcd7efb87102e7242c9a829.js Show response
c.disquscdn.com/next/embed/ Frame 024B 958 B
1 KB 287ms
92ms Script
application/javascript 2600:9000:2131:7600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.load.cfefa856cbcd7efb87102e7242c9a829.js

Requested by

Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=welivesecurity&t_i=159856%20https%3A%2F%2Fbackend.welivesecurity.com%2F%3Fp%3D159856&t_u=https%3A%2F%2Fwww.welivesecurity.com%2Fla-es%2F2022%2F03%2F02%2Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania%2F&t_e=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_d=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_t=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&s_o=default&l=es

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2131:7600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

79178481c1d1ab6798f68fb68f05045d45e6da72ac7a146feb2440de4f7d35c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=welivesecurity&t_i=159856%20https%3A%2F%2Fbackend.welivesecurity.com%2F%3Fp%3D159856&t_u=https%3A%2F%2Fwww.welivesecurity.com%2Fla-es%2F2022%2F03%2F02%2Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania%2F&t_e=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_d=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_t=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&s_o=default&l=es
Origin: https://disqus.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 17:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255566
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 496
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Fri, 03 Jun 2022 17:03:15 GMT
server: nginx
etag: "629a3ed3-1f0"
content-type: application/javascript; charset=utf-8
via: 1.1 d93995041f17b80819941d783489c35e.cloudfront.net (CloudFront)
expires: Sat, 03 Jun 2023 17:13:48 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: MAN50-C2
timing-allow-origin: *
x-amz-cf-id: WTy_qqNqags4TeGm4wHcw6hN1jBvU547MIljZ8VfMUTLYv6YKSBqGA==
x-cache-hits: 0

GET
H2 200 common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js Show response
c.disquscdn.com/next/embed/ Frame 024B 282 KB
93 KB 95ms
95ms Script
application/javascript 2600:9000:2131:7600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.cfefa856cbcd7efb87102e7242c9a829.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2131:7600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

64cee676a611b27aca955c5e227666f9d955682512ec25b982bd5e2f92eb61dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=welivesecurity&t_i=159856%20https%3A%2F%2Fbackend.welivesecurity.com%2F%3Fp%3D159856&t_u=https%3A%2F%2Fwww.welivesecurity.com%2Fla-es%2F2022%2F03%2F02%2Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania%2F&t_e=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_d=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_t=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&s_o=default&l=es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 20:31:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4131728
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 94755
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 19 Apr 2022 20:21:53 GMT
server: nginx
etag: "625f19e1-17223"
content-type: application/javascript; charset=utf-8
via: 1.1 dc76201726659ab3bf6685a15c7a11ae.cloudfront.net (CloudFront)
expires: Wed, 19 Apr 2023 20:31:06 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: MAN50-C2
timing-allow-origin: *
x-amz-cf-id: hqFlkxroBHfRGVcRJUXAIPpOgZQNhTXd3JG5GkGnshOzQIhZTCDm_A==
x-cache-hits: 0

GET
H2 200 lounge.63860eb743c7d9d2adf0fa435788abe7.css
c.disquscdn.com/next/embed/styles/ Frame 024B 165 KB
26 KB 92ms
92ms Stylesheet
text/css 2600:9000:2131:7600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2131:7600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8784042e14531617c1aef40d7623d3dd1d0b24730721c779e0c3ae86ed03990e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=welivesecurity&t_i=159856%20https%3A%2F%2Fbackend.welivesecurity.com%2F%3Fp%3D159856&t_u=https%3A%2F%2Fwww.welivesecurity.com%2Fla-es%2F2022%2F03%2F02%2Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania%2F&t_e=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_d=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_t=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&s_o=default&l=es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 19:26:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6641222
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 26078
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 21 Mar 2022 19:03:40 GMT
server: nginx
etag: "6238cc0c-65de"
content-type: text/css; charset=utf-8
via: 1.1 dc76201726659ab3bf6685a15c7a11ae.cloudfront.net (CloudFront)
expires: Tue, 21 Mar 2023 19:26:13 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: MAN50-C2
timing-allow-origin: *
x-amz-cf-id: bttf4GSgvv9_-IjdNt1VVTkqY1ukVYGYiE9LopdHJvsI1eTPZkyfSQ==
x-cache-hits: 0

GET
H2 200 lounge.bundle.39ef974e33e97bdc315c595632f05d3c.js Show response
c.disquscdn.com/next/embed/ Frame 024B 476 KB
121 KB 92ms
91ms Script
application/javascript 2600:9000:2131:7600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.39ef974e33e97bdc315c595632f05d3c.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2131:7600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e7c053aa439dd2bb56d823101047cb9fad99b2b4963e036af632ad0a662099d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=welivesecurity&t_i=159856%20https%3A%2F%2Fbackend.welivesecurity.com%2F%3Fp%3D159856&t_u=https%3A%2F%2Fwww.welivesecurity.com%2Fla-es%2F2022%2F03%2F02%2Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania%2F&t_e=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_d=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_t=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&s_o=default&l=es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 17:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255568
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 123109
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Fri, 03 Jun 2022 17:03:15 GMT
server: nginx
etag: "629a3ed3-1e0e5"
content-type: application/javascript; charset=utf-8
via: 1.1 dc76201726659ab3bf6685a15c7a11ae.cloudfront.net (CloudFront)
expires: Sat, 03 Jun 2023 17:13:47 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: MAN50-C2
timing-allow-origin: *
x-amz-cf-id: JCkKxOmKZARqqW3VfCXe_fCnQuaACaIgr9Olb--OejgAGLpEfI5ZOg==
x-cache-hits: 0

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame 024B 15 KB
15 KB 10ms
10ms Script
application/javascript 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

7184f2085bedef65d3c0c459b2ade2c5cda92c16f4b6e426618aae36fc20d754

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=welivesecurity&t_i=159856%20https%3A%2F%2Fbackend.welivesecurity.com%2F%3Fp%3D159856&t_u=https%3A%2F%2Fwww.welivesecurity.com%2Fla-es%2F2022%2F03%2F02%2Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania%2F&t_e=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_d=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_t=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&s_o=default&l=es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Mon, 06 Jun 2022 16:13:14 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 17
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 15276
X-XSS-Protection: 1; mode=block

GET
H2 404 es.js
c.disquscdn.com/next/current/embed/lang/ Frame 024B 0
0 100ms
100ms Script
text/html 2600:9000:2131:7600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.disquscdn.com/next/current/embed/lang/es.js
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2131:7600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=welivesecurity&t_i=159856%20https%3A%2F%2Fbackend.welivesecurity.com%2F%3Fp%3D159856&t_u=https%3A%2F%2Fwww.welivesecurity.com%2Fla-es%2F2022%2F03%2F02%2Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania%2F&t_e=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_d=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_t=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&s_o=default&l=es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame 024B 4 KB
4 KB 39ms
38ms XHR
application/json 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=welivesecurity&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

a6a468c14177dcc22e8a5f340e7d99593f254708bd58b6ce819a343cb712b540

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/embed/comments/?base=default&f=welivesecurity&t_i=159856%20https%3A%2F%2Fbackend.welivesecurity.com%2F%3Fp%3D159856&t_u=https%3A%2F%2Fwww.welivesecurity.com%2Fla-es%2F2022%2F03%2F02%2Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania%2F&t_e=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_d=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_t=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&s_o=default&l=es
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Mon, 06 Jun 2022 16:13:15 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 3899
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK loadReactions Show response
disqus.com/api/3.0/threadReactions/ Frame 024B 1 KB
2 KB 46ms
46ms XHR
application/json 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/threadReactions/loadReactions?thread=9050718870&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

92a9c26ff6f6e2d12c12c34a232a09de772baeffedca24cae54705b192d3460b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://disqus.com/embed/comments/?base=default&f=welivesecurity&t_i=159856%20https%3A%2F%2Fbackend.welivesecurity.com%2F%3Fp%3D159856&t_u=https%3A%2F%2Fwww.welivesecurity.com%2Fla-es%2F2022%2F03%2F02%2Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania%2F&t_e=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_d=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_t=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&s_o=default&l=es
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Mon, 06 Jun 2022 16:13:15 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cache-Control: stale-while-revalidate=30, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 1351
X-XSS-Protection: 1; mode=block

GET
H2 200 avatar92.jpg
c.disquscdn.com/uploads/forums/215/2520/ Frame 024B 3 KB
3 KB 91ms
91ms Image
image/jpeg 2600:9000:2131:7600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/uploads/forums/215/2520/avatar92.jpg?1422638690

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2131:7600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

55c9540888569c09e72cbfbadbe3a3fe888b0a3dec19d5a6fd085dcf09162cc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=welivesecurity&t_i=159856%20https%3A%2F%2Fbackend.welivesecurity.com%2F%3Fp%3D159856&t_u=https%3A%2F%2Fwww.welivesecurity.com%2Fla-es%2F2022%2F03%2F02%2Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania%2F&t_e=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_d=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_t=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&s_o=default&l=es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 03:30:52 GMT
via: 1.1 dc76201726659ab3bf6685a15c7a11ae.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 17584943
x-cache: Hit from cloudfront
content-length: 3039
x-xss-protection: 1; mode=block
x-served-by: static-web-1
last-modified: Fri, 30 Jan 2015 17:24:51 GMT
server: nginx
etag: "24223861b0bcda3344ae2ab0243903e2"
content-type: image/jpeg
expires: Tue, 15 Nov 2022 03:30:52 GMT
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: MAN50-C2
accept-ranges: bytes
x-amz-cf-id: MlieOj_IcVMI7KOoet3Bq0vouGMvUdLV-At4AQ8elGu0W8E1-lBwCA==
x-cache-hits: 0

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame 024B 13 KB
13 KB 91ms
91ms Image
image/svg+xml 2600:9000:2131:7600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2131:7600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 02:22:46 GMT
via: 1.1 dc76201726659ab3bf6685a15c7a11ae.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 5406629
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Thu, 31 Mar 2022 17:44:54 GMT
server: nginx
etag: "6245e896-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Wed, 05 Apr 2023 02:22:46 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: MAN50-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: iLqW4eTJ7Bzc3RV61kEpqQnMmFNDpAnMiDRtYMOutJj0nVnZXdc3hA==
x-cache-hits: 0

GET
H2 200 loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame 024B 3 KB
3 KB 90ms
89ms Image
image/gif 2600:9000:2131:7600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2131:7600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 21 May 2022 11:53:55 GMT
via: 1.1 dc76201726659ab3bf6685a15c7a11ae.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 1397960
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 2971
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Tue, 10 May 2022 13:06:19 GMT
server: nginx
etag: "627a634b-b9b"
content-type: image/gif
access-control-allow-origin: *
expires: Sun, 21 May 2023 11:53:55 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: MAN50-C2
timing-allow-origin: *
x-amz-cf-id: uJ57RvX3QFd43jVCM-PyqTj6GO7MrWn0Ho8rZuvuPnsYm8UWRkzLwg==
x-cache-hits: 0

GET
H2 200 sprite.ad630a07080a45451f139a7487853ff8.png
c.disquscdn.com/next/embed/assets/img/ Frame 024B 2 KB
2 KB 90ms
90ms Image
image/png 2600:9000:2131:7600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2131:7600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 02:17:43 GMT
via: 1.1 dc76201726659ab3bf6685a15c7a11ae.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 17589332
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1763
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Wed, 10 Nov 2021 23:08:20 GMT
server: nginx
etag: "618c50e4-6e3"
content-type: image/png
access-control-allow-origin: *
expires: Tue, 15 Nov 2022 02:17:43 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: MAN50-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: EUVboo3k73WUHuiXLd6CkNomlB5uFF5yzc7IyzzVii-poGFhvm0d3g==
x-cache-hits: 0

GET
H2 200 icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame 024B 8 KB
8 KB 101ms
101ms Font
application/octet-stream 2600:9000:2131:7600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2131:7600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css
Origin: https://disqus.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 14 May 2022 15:27:23 GMT
via: 1.1 d93995041f17b80819941d783489c35e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 1989952
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 7900
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Tue, 10 May 2022 13:06:19 GMT
server: nginx
etag: "627a634b-1edc"
content-type: application/octet-stream
access-control-allow-origin: *
expires: Sun, 14 May 2023 15:27:23 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: MAN50-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: C3Jtc3lYFbN3_IoSk1wixc-2Cc4puLMOHSd7j7DRuVjsHSnwlfgMNQ==
x-cache-hits: 0

GET
H2 200 upvote-512x512.png
c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/ Frame 024B 8 KB
8 KB 90ms
89ms Image
image/png 2600:9000:2131:7600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/upvote-512x512.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2131:7600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ddc6aec4144b67f0a2a12d687f3c4b8a9faf7c445847d0e25dcb5bd1a9ba9018

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=welivesecurity&t_i=159856%20https%3A%2F%2Fbackend.welivesecurity.com%2F%3Fp%3D159856&t_u=https%3A%2F%2Fwww.welivesecurity.com%2Fla-es%2F2022%2F03%2F02%2Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania%2F&t_e=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_d=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_t=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&s_o=default&l=es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:09:06 GMT
via: 1.1 dc76201726659ab3bf6685a15c7a11ae.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 249
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 8170
x-xss-protection: 1; mode=block
x-served-by: static-web-1
last-modified: Fri, 03 Jun 2022 17:03:15 GMT
server: nginx
etag: "629a3ed3-1fea"
content-type: image/png
access-control-allow-origin: *
expires: Mon, 06 Jun 2022 16:14:06 GMT
cache-control: max-age=300, public
x-amz-cf-pop: MAN50-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: ab3ItWaTduO0WIa_0HusnkXQKumkZTRgXby_WDK1yPPqsTRkgvBMEg==
x-cache-hits: 0

GET
H2 200 funny-512x512.png
c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/ Frame 024B 9 KB
9 KB 92ms
89ms Image
image/png 2600:9000:2131:7600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/funny-512x512.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2131:7600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

20a91bd509668238b6af8e16475c5e2611bcd2861d0eec2e0d4f6815e81449bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=welivesecurity&t_i=159856%20https%3A%2F%2Fbackend.welivesecurity.com%2F%3Fp%3D159856&t_u=https%3A%2F%2Fwww.welivesecurity.com%2Fla-es%2F2022%2F03%2F02%2Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania%2F&t_e=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_d=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_t=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&s_o=default&l=es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:10:24 GMT
via: 1.1 dc76201726659ab3bf6685a15c7a11ae.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 171
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 8883
x-xss-protection: 1; mode=block
x-served-by: static-web-2
last-modified: Fri, 03 Jun 2022 17:03:15 GMT
server: nginx
etag: "629a3ed3-22b3"
content-type: image/png
access-control-allow-origin: *
expires: Mon, 06 Jun 2022 16:15:24 GMT
cache-control: max-age=300, public
x-amz-cf-pop: MAN50-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: TbPPxLYyegQuInmv6LF5TxchIsMY6PWmc5f8-DrRnl9k29c7uxeO9w==
x-cache-hits: 0

GET
H2 200 love-512x512.png
c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/ Frame 024B 12 KB
12 KB 94ms
91ms Image
image/png 2600:9000:2131:7600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/love-512x512.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2131:7600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e422b07ca1550e55cd90a518e910fd3cfb4d9337ea6092357f9761aa77ac9e33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=welivesecurity&t_i=159856%20https%3A%2F%2Fbackend.welivesecurity.com%2F%3Fp%3D159856&t_u=https%3A%2F%2Fwww.welivesecurity.com%2Fla-es%2F2022%2F03%2F02%2Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania%2F&t_e=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_d=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_t=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&s_o=default&l=es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:09:02 GMT
via: 1.1 dc76201726659ab3bf6685a15c7a11ae.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 253
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 11910
x-xss-protection: 1; mode=block
x-served-by: static-web-1
last-modified: Fri, 03 Jun 2022 17:03:15 GMT
server: nginx
etag: "629a3ed3-2e86"
content-type: image/png
access-control-allow-origin: *
expires: Mon, 06 Jun 2022 16:14:02 GMT
cache-control: max-age=300, public
x-amz-cf-pop: MAN50-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: qaDCAK9-WbK8qsWo9fBCGMrL63cri3jM7YZxJohBRrd4Fv378_4YPg==
x-cache-hits: 0

GET
H2 200 surprised-512x512.png
c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/ Frame 024B 7 KB
8 KB 96ms
93ms Image
image/png 2600:9000:2131:7600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/surprised-512x512.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2131:7600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4e14ce1bd0d4433eee84cbb16196a7a051126f07af888ef7f9d252120f32f907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=welivesecurity&t_i=159856%20https%3A%2F%2Fbackend.welivesecurity.com%2F%3Fp%3D159856&t_u=https%3A%2F%2Fwww.welivesecurity.com%2Fla-es%2F2022%2F03%2F02%2Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania%2F&t_e=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_d=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_t=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&s_o=default&l=es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:12:04 GMT
via: 1.1 dc76201726659ab3bf6685a15c7a11ae.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 71
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 7308
x-xss-protection: 1; mode=block
x-served-by: static-web-1
last-modified: Fri, 03 Jun 2022 17:03:15 GMT
server: nginx
etag: "629a3ed3-1c8c"
content-type: image/png
access-control-allow-origin: *
expires: Mon, 06 Jun 2022 16:17:04 GMT
cache-control: max-age=300, public
x-amz-cf-pop: MAN50-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: GeEtubGD5q6JdzttTV7751mSzb8JJrndB_ay-HbQtVYbKLeqCgHH2A==
x-cache-hits: 0

GET
H2 200 angry-512x512.png
c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/ Frame 024B 20 KB
21 KB 99ms
96ms Image
image/png 2600:9000:2131:7600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/angry-512x512.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2131:7600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

db865c8f3642f3485829c0ee0008fe04a32cc66af70867b39f60395a7fed3984

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=welivesecurity&t_i=159856%20https%3A%2F%2Fbackend.welivesecurity.com%2F%3Fp%3D159856&t_u=https%3A%2F%2Fwww.welivesecurity.com%2Fla-es%2F2022%2F03%2F02%2Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania%2F&t_e=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_d=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_t=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&s_o=default&l=es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:11:41 GMT
via: 1.1 dc76201726659ab3bf6685a15c7a11ae.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 155
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 20675
x-xss-protection: 1; mode=block
x-served-by: static-web-1
last-modified: Fri, 03 Jun 2022 17:03:15 GMT
server: nginx
etag: "629a3ed3-50c3"
content-type: image/png
access-control-allow-origin: *
expires: Mon, 06 Jun 2022 16:15:40 GMT
cache-control: max-age=300, public
x-amz-cf-pop: MAN50-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: pQ9JGByIEG-veL3BQSg9jVkXRVC8n7c0NAAsxkpoLMjuOslz-f3izQ==
x-cache-hits: 0

GET
H2 200 sad-512x512.png
c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/ Frame 024B 9 KB
9 KB 101ms
98ms Image
image/png 2600:9000:2131:7600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/sad-512x512.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2131:7600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

11c401a81e32b086bea3798c033009907b429fb601411da6ffc266b78184898a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=welivesecurity&t_i=159856%20https%3A%2F%2Fbackend.welivesecurity.com%2F%3Fp%3D159856&t_u=https%3A%2F%2Fwww.welivesecurity.com%2Fla-es%2F2022%2F03%2F02%2Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania%2F&t_e=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_d=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_t=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&s_o=default&l=es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:13:05 GMT
via: 1.1 dc76201726659ab3bf6685a15c7a11ae.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 10
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 8986
x-xss-protection: 1; mode=block
x-served-by: static-web-1
last-modified: Fri, 03 Jun 2022 17:03:15 GMT
server: nginx
etag: "629a3ed3-231a"
content-type: image/png
access-control-allow-origin: *
expires: Mon, 06 Jun 2022 16:18:05 GMT
cache-control: max-age=300, public
x-amz-cf-pop: MAN50-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: AOpvckTyC8ncNZrKKedes0k7mOZ4P8yZH4ApKJ60g8A9D1XMsKrAGw==
x-cache-hits: 0

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 024B 3 KB
2 KB 133ms
41ms Script
application/x-javascript 2a03:2880:f03a:1c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f03a:1c:face:b00c:0:3 Minneapolis, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27722398024d3a0155570720a95d420d8746a2e65ff2f23affae3865affa71dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=welivesecurity&t_i=159856%20https%3A%2F%2Fbackend.welivesecurity.com%2F%3Fp%3D159856&t_u=https%3A%2F%2Fwww.welivesecurity.com%2Fla-es%2F2022%2F03%2F02%2Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania%2F&t_e=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_d=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_t=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&s_o=default&l=es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 0Uoips6QjSCEUxq5LJZLMw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Mon, 06 Jun 2022 16:23:43 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: JipqJXmOlUdQ7jvmFIgTBz5lfSLtCuV8gmSsUjijcYcqMYUGnqwpq22/LgReUBBCCo5807R/7Wg+DG5JguO0gA==
x-fb-trip-id: 1425083115
x-fb-content-md5: 0620ea04144c123fdedefcd3238184c4
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 06 Jun 2022 16:13:15 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "369ddacbdd43db5c5b306d727a0374b9"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 api.js Show response
apis.google.com/js/ Frame 024B 14 KB
6 KB 120ms
56ms Script
text/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200e Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de30b1fc781f1344f02ff2230b868a870e18cea33e2228017066b2f1d2ef753d

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=welivesecurity&t_i=159856%20https%3A%2F%2Fbackend.welivesecurity.com%2F%3Fp%3D159856&t_u=https%3A%2F%2Fwww.welivesecurity.com%2Fla-es%2F2022%2F03%2F02%2Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania%2F&t_e=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_d=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_t=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&s_o=default&l=es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5520
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Mon, 06 Jun 2022 16:13:15 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "5e358415b06c48cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 06 Jun 2022 16:13:15 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.KVSPb_Y8pSk.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9gW8E5WGSmGcbq8d2kz7xJze20YQ/ Frame 024B 108 KB
36 KB 87ms
20ms Script
text/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.KVSPb_Y8pSk.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9gW8E5WGSmGcbq8d2kz7xJze20YQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e7ff8a9893c0fb085662356cddd8e57d34b4241bb5bbe1d9ad002d973c2fb77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=welivesecurity&t_i=159856%20https%3A%2F%2Fbackend.welivesecurity.com%2F%3Fp%3D159856&t_u=https%3A%2F%2Fwww.welivesecurity.com%2Fla-es%2F2022%2F03%2F02%2Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania%2F&t_e=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_d=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_t=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&s_o=default&l=es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 04:58:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40505
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36599
x-xss-protection: 0
last-modified: Sat, 30 Apr 2022 15:21:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Jun 2023 04:58:10 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 024B 291 KB
83 KB 95ms
39ms Script
application/x-javascript 2a03:2880:f03a:1c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=1d7694892950b67bba35f22d80aa6d9b

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f03a:1c:face:b00c:0:3 Minneapolis, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b43707c0935d67d9f49c0ed55ef5ea2223108e2a075a0e66f73a889760f8206d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=welivesecurity&t_i=159856%20https%3A%2F%2Fbackend.welivesecurity.com%2F%3Fp%3D159856&t_u=https%3A%2F%2Fwww.welivesecurity.com%2Fla-es%2F2022%2F03%2F02%2Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania%2F&t_e=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_d=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_t=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&s_o=default&l=es
Origin: https://disqus.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: tF7QuhwjXLGe12aQIZPmOw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Tue, 06 Jun 2023 15:15:29 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 84670
x-fb-rlafr: 0
x-fb-debug: f3NBuNGpg3Xk4e710qxwDZK3ZCJ9Ix6P8ZBFRxYCDd5upmZ2Pd0b5kEahu7d18BNoj7DWHTMqJdnV+1XMlWrEw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 4821849d06bbb79e2d1ba39c5c666fd7
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 06 Jun 2022 16:13:15 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "eda5e3d5753ac6dd07ea23d444603e8a"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 iframe Show response
accounts.google.com/o/oauth2/ Frame B9A6 283 B
1 KB 307ms
255ms Document
text/html 2607:f8b0:4006:824::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.KVSPb_Y8pSk.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9gW8E5WGSmGcbq8d2kz7xJze20YQ/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200d Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

04f6add17727fa3a69ca10c346951fd86b19217f32f1fc6fc53318f7c6485c72

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-I4kSVPJtfbAtgEQDewIe1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=welivesecurity&t_i=159856%20https%3A%2F%2Fbackend.welivesecurity.com%2F%3Fp%3D159856&t_u=https%3A%2F%2Fwww.welivesecurity.com%2Fla-es%2F2022%2F03%2F02%2Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania%2F&t_e=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_d=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_t=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&s_o=default&l=es
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-I4kSVPJtfbAtgEQDewIe1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Mon, 06 Jun 2022 16:13:15 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 status
www.facebook.com/x/oauth/ Frame 024B 0
0 170ms
75ms Fetch
text/plain 2a03:2880:f13a:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?ancestor_origins=https%3A%2F%2Fwww.welivesecurity.com&client_id=52254943976&input_token&origin=1&redirect_uri=https%3A%2F%2Fdisqus.com%2Fembed%2Fcomments%2F%3Fbase%3Ddefault%26f%3Dwelivesecurity%26t_i%3D159856%2520https%253A%252F%252Fbackend.welivesecurity.com%252F%253Fp%253D159856%26t_u%3Dhttps%253A%252F%252Fwww.welivesecurity.com%252Fla-es%252F2022%252F03%252F02%252Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania%252F%26t_e%3DIsaacWiper%2520y%2520HermeticWizard%253A%2520un%2520nuevo%2520wiper%2520y%2520worm%2520utilizados%2520en%2520ciberataques%2520a%2520Ucrania%26t_d%3DIsaacWiper%2520y%2520HermeticWizard%253A%2520un%2520nuevo%2520wiper%2520y%2520worm%2520utilizados%2520en%2520ciberataques%2520a%2520Ucrania%26t_t%3DIsaacWiper%2520y%2520HermeticWizard%253A%2520un%2520nuevo%2520wiper%2520y%2520worm%2520utilizados%2520en%2520ciberataques%2520a%2520Ucrania%26s_o%3Ddefault%26l%3Des%23version%3Dcfefa856cbcd7efb87102e7242c9a829&sdk=joey&wants_cookie_data=false

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f13a:83:face:b00c:0:25de Minneapolis, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: fhHT3g5Z6tBIT+KmwqmTFJHH38ypHCFpXQ+P4ocOZtVzedKnPNkZTFlgn4YvPwvhq8KOgYY1z+UcKmIHOZ2HPg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
date: Mon, 06 Jun 2022 16:13:15 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://disqus.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 400 cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame B9A6 2 KB
848 B 95ms
50ms Other
text/html 2607:f8b0:4006:824::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/_/IdpIFrameHttp/cspreport

Requested by

Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/la-es/2022/03/02/isaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200d Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

38bbe5a21a5cf485730fdd261a37f49942fdcf0ff3e376fb6c5b1a3ef78a1c35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 16:13:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m=base Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.V6t4_p_Gq4Q.es5.O/d=1/rs=AOaEmlG5aVQQ1Nzbq1IrK83kwmDLwKDBZQ/ Frame B9A6 98 KB
34 KB 92ms
19ms Script
text/javascript 2607:f8b0:4006:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.V6t4_p_Gq4Q.es5.O/d=1/rs=AOaEmlG5aVQQ1Nzbq1IrK83kwmDLwKDBZQ/m=base

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bea78c9a7a2a221feb848ddac583f7a22f95d8dc5fdd28826147bb70b7d5cd87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 17:48:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 512683
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34496
x-xss-protection: 0
last-modified: Sat, 28 May 2022 05:40:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 31 May 2023 17:48:33 GMT

GET
H3 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame B9A6 49 B
95 B 64ms
64ms XHR
application/json 2607:f8b0:4006:824::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fdisqus.com&client_id=508198334196-bgmagrg0a2rub674g0shidj8fnd50dji.apps.googleusercontent.com

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.V6t4_p_Gq4Q.es5.O/d=1/rs=AOaEmlG5aVQQ1Nzbq1IrK83kwmDLwKDBZQ/m=base

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200d Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9IGl9bTRaAwrOxHFIJlyoQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
X-Requested-With: XmlHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:13:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-embedder-policy: require-corp
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: same-site
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
cross-origin-opener-policy: same-origin
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/json; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-9IGl9bTRaAwrOxHFIJlyoQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
expires: Mon, 06 Jun 2022 16:13:16 GMT

GET
H/1.1 200
OK / Show response
glitter.services.disqus.com/urls/ Frame 024B 923 B
949 B 75ms
32ms Script
application/javascript 199.232.192.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://glitter.services.disqus.com/urls/?callback=dsqGlitterResponseHandler&forum_shortname=welivesecurity&thread_id=9050718870&referer=

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.192.64 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

6b83d0e9d3cf9ec2d9692344133388e6412630b565b0b56b8e3d1cc4b0d1bea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=welivesecurity&t_i=159856%20https%3A%2F%2Fbackend.welivesecurity.com%2F%3Fp%3D159856&t_u=https%3A%2F%2Fwww.welivesecurity.com%2Fla-es%2F2022%2F03%2F02%2Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania%2F&t_e=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_d=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_t=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&s_o=default&l=es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Mon, 06 Jun 2022 16:13:16 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: openresty
X-Frame-Options: DENY
Connection: keep-alive
Content-Type: application/javascript
Cache-Control: no-cache
transfer-encoding: chunked
X-Service: glitter
Content-Disposition: attachment; filename=f.txt
Strict-Transport-Security: max-age=300; includeSubdomains
Vary: Accept-Encoding, Cookie
Cross-Origin-Resource-Policy: cross-origin

GET
H2 200 avatar92.jpg
c.disquscdn.com/uploads/forums/215/2520/ Frame 024B 3 KB
3 KB 91ms
91ms Image
image/jpeg 2600:9000:2131:7600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/uploads/forums/215/2520/avatar92.jpg?1422638690

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.39ef974e33e97bdc315c595632f05d3c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2131:7600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

55c9540888569c09e72cbfbadbe3a3fe888b0a3dec19d5a6fd085dcf09162cc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=welivesecurity&t_i=159856%20https%3A%2F%2Fbackend.welivesecurity.com%2F%3Fp%3D159856&t_u=https%3A%2F%2Fwww.welivesecurity.com%2Fla-es%2F2022%2F03%2F02%2Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania%2F&t_e=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_d=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_t=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&s_o=default&l=es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 03:30:52 GMT
via: 1.1 dc76201726659ab3bf6685a15c7a11ae.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 17584944
x-cache: Hit from cloudfront
content-length: 3039
x-xss-protection: 1; mode=block
x-served-by: static-web-1
last-modified: Fri, 30 Jan 2015 17:24:51 GMT
server: nginx
etag: "24223861b0bcda3344ae2ab0243903e2"
content-type: image/jpeg
expires: Tue, 15 Nov 2022 03:30:52 GMT
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: MAN50-C2
accept-ranges: bytes
x-amz-cf-id: 74XiaxzT1JiDtkG8RE4Lt4UHAT_bjNY_HKRrFNAotRTKdW7ubU11CA==
x-cache-hits: 0

GET
H2 200 pixel.html Show response
live.rezync.com/ Frame 9A16 677 B
1 KB 454ms
240ms Document
text/html 13.224.81.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c45k8mcv3vqaljm&pctry=CA&referrer=https%3A%2F%2Fwww.welivesecurity.com%2Fla-es%2F2022%2F03%2F02%2Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania%2F
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.81.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-81-61.man50.r.cloudfront.net
Software: lighttpd/1.4.33 /
Resource Hash: 3019b3e9fdaff391d3df53dcd6769283b377e9da7f360f0bb76e0c48d34b6626

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=welivesecurity&t_i=159856%20https%3A%2F%2Fbackend.welivesecurity.com%2F%3Fp%3D159856&t_u=https%3A%2F%2Fwww.welivesecurity.com%2Fla-es%2F2022%2F03%2F02%2Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania%2F&t_e=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_d=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_t=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&s_o=default&l=es
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-length: 677
content-type: text/html; charset=utf-8
date: Mon, 06 Jun 2022 16:13:16 GMT
server: lighttpd/1.4.33
via: 1.1 5fed13107ac953b44a27c9761e84fbc0.cloudfront.net (CloudFront)
x-amz-cf-id: ZWeAuqbJKH-R1Pi7-XceDfeY4sojAVomzl6PfPv4fmHoZy0o82ILGA==
x-amz-cf-pop: MAN50-C2
x-cache: Miss from cloudfront

GET
H2 200 sync Show response
pippio.com/api/ Frame CCB7 5 KB
5 KB 82ms
49ms Document
text/html 107.178.254.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pippio.com/api/sync?pid=1391&ref=https%3A%2F%2Fwww.welivesecurity.com%2Fla-es%2F2022%2F03%2F02%2Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania%2F&it=1&iv=c45k8mcv3vqaljm
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 65.254.178.107.bc.googleusercontent.com
Software: /
Resource Hash: b7729ca882848bcde7d11850021eda394c6567fad017c1a5cc769f89676af538

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=welivesecurity&t_i=159856%20https%3A%2F%2Fbackend.welivesecurity.com%2F%3Fp%3D159856&t_u=https%3A%2F%2Fwww.welivesecurity.com%2Fla-es%2F2022%2F03%2F02%2Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania%2F&t_e=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_d=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_t=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&s_o=default&l=es
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store
content-type: text/html
date: Mon, 06 Jun 2022 16:13:16 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
timing-allow-origin: *
via: 1.1 google

GET
H/1.1

200
OK

/
io.narrative.io/ Frame 024B
Redirect Chain

https://io.narrative.io/?companyId=19&id=disqus_id%3Ac45k8mcv3vqaljm&ret=img&ref=https%3A%2F%2Fwww.welivesecurity.com%2Fla-es%2F2022%2F03%2F02%2Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utiliza...
https://io.narrative.io/?io.narrative.guid.v2=929aadc0-e5b3-11ec-96af-0e9f37bd45a9&companyId=19&id=disqus_id%3Ac45k8mcv3vqaljm&ret=img&ref=https%3A%2F%2Fwww.welivesecurity.com%2Fla-es%2F2022%2F03%2...

35 B
319 B

29ms
28ms

Image
image/gif

54.221.225.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://io.narrative.io/?io.narrative.guid.v2=929aadc0-e5b3-11ec-96af-0e9f37bd45a9&companyId=19&id=disqus_id%3Ac45k8mcv3vqaljm&ret=img&ref=https%3A%2F%2Fwww.welivesecurity.com%2Fla-es%2F2022%2F03%2F02%2Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania%2F
Protocol: HTTP/1.1
Server: 54.221.225.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-221-225-158.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=welivesecurity&t_i=159856%20https%3A%2F%2Fbackend.welivesecurity.com%2F%3Fp%3D159856&t_u=https%3A%2F%2Fwww.welivesecurity.com%2Fla-es%2F2022%2F03%2F02%2Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania%2F&t_e=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_d=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_t=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&s_o=default&l=es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Mon, 06 Jun 2022 16:13:16 GMT
Cache-Control: no-cache
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

Redirect headers

Location: https://io.narrative.io/?io.narrative.guid.v2=929aadc0-e5b3-11ec-96af-0e9f37bd45a9&companyId=19&id=disqus_id%3Ac45k8mcv3vqaljm&ret=img&ref=https%3A%2F%2Fwww.welivesecurity.com%2Fla-es%2F2022%2F03%2F02%2Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania%2F
Date: Mon, 06 Jun 2022 16:13:16 GMT
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 0

GET
H/1.1

204
No Content

/
io.narrative.io/ Frame 024B
Redirect Chain

https://obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com/narr?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fio.narrative.io%2F%3FcompanyId%3D19%26gdpr%3D0%26gdpr_consent%3D%26id%3Ddisqus_id%3Ac45k8mcv3vqaljm
https://io.narrative.io/?companyId=19&gdpr=0&gdpr_consent=&id=disqus_id:c45k8mcv3vqaljm&puid=92a423a0-e5b3-11ec-a5c2-57f5371766d7

0
247 B

26ms
24ms

Image
text/plain

54.221.225.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://io.narrative.io/?companyId=19&gdpr=0&gdpr_consent=&id=disqus_id:c45k8mcv3vqaljm&puid=92a423a0-e5b3-11ec-a5c2-57f5371766d7
Protocol: HTTP/1.1
Server: 54.221.225.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-221-225-158.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=welivesecurity&t_i=159856%20https%3A%2F%2Fbackend.welivesecurity.com%2F%3Fp%3D159856&t_u=https%3A%2F%2Fwww.welivesecurity.com%2Fla-es%2F2022%2F03%2F02%2Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania%2F&t_e=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_d=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_t=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&s_o=default&l=es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Mon, 06 Jun 2022 16:13:16 GMT
Cache-Control: no-cache
Server: nginx/1.18.0
Connection: keep-alive

Redirect headers

location: https://io.narrative.io/?companyId=19&gdpr=0&gdpr_consent=&id=disqus_id:c45k8mcv3vqaljm&puid=92a423a0-e5b3-11ec-a5c2-57f5371766d7
date: Mon, 06 Jun 2022 16:13:16 GMT
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame 024B 43 B
339 B 57ms
24ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&integration=wordpress%203.0.16&load_time=1186&event=init_embed&thread=9050718870&forum=welivesecurity&forum_id=2152520&imp=45k8m812o6499n&prev_imp&thread_slug=isaacwiper_y_hermeticwizard_un_nuevo_wiper_y_worm_utilizados_en_ciberataques_a_ucrania&user_type=anon&referrer=https%3A%2F%2Fwww.welivesecurity.com%2Fla-es%2F2022%2F03%2F02%2Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania%2F&theme=next&dnt=0&tracking_enabled=1&experiment=network_default_hidden&variant=fallthrough&service=dynamic&promoted_enabled=false&max_enabled=false

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=welivesecurity&t_i=159856%20https%3A%2F%2Fbackend.welivesecurity.com%2F%3Fp%3D159856&t_u=https%3A%2F%2Fwww.welivesecurity.com%2Fla-es%2F2022%2F03%2F02%2Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania%2F&t_e=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_d=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&t_t=IsaacWiper%20y%20HermeticWizard%3A%20un%20nuevo%20wiper%20y%20worm%20utilizados%20en%20ciberataques%20a%20Ucrania&s_o=default&l=es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Mon, 06 Jun 2022 16:13:16 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H3

200

sync
pippio.com/api/ Frame CCB7
Redirect Chain

https://idsync.rlcdn.com/462246.gif?partner_uid=c45k8mcv3vqaljm
https://idsync.rlcdn.com/1000.gif?memo=CKabHBIbChcIARDI-AEaD2M0NWs4bWN2M3ZxYWxqbRAAGg0InM_4lAYSBQjoBxAAQgBKAA
https://pippio.com/api/sync?pid=5324&it=1&iv=1e5508b07fb6870f18ea32cef948c3f02573ad19d154f19eca45984bbd4688f3791426b5417dce21&_=2

42 B
59 B

48ms
47ms

Image
image/gif

107.178.254.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pippio.com/api/sync?pid=5324&it=1&iv=1e5508b07fb6870f18ea32cef948c3f02573ad19d154f19eca45984bbd4688f3791426b5417dce21&_=2
Protocol: H3
Server: 107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 65.254.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Jun 2022 16:13:16 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Mon, 06 Jun 2022 16:13:16 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pippio.com/api/sync?pid=5324&it=1&iv=1e5508b07fb6870f18ea32cef948c3f02573ad19d154f19eca45984bbd4688f3791426b5417dce21&_=2
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

ddp
pippio.com/api/sync/ Frame CCB7
Redirect Chain

https://ei.rlcdn.com/448046.gif?n=1&partner_site_id=1017&cparams=placement%3D1391
https://pippio.com/api/sync?pid=5324&_=2
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpEhoKFggBEAAaEE1hdUpUYlBLeS1lZklBZE0QABoMCJzP-JQGEgQIAhAAQgBKAA
https://pippio.com/api/sync/ddp?pid=2&m=CMwpEhoKFggBEAAaEE1hdUpUYlBLeS1lZklBZE0QABoMCJzP-JQGEgQIAhAAQgBKAA&google_error=3

42 B
59 B

43ms
42ms

Image
image/gif

107.178.254.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pippio.com/api/sync/ddp?pid=2&m=CMwpEhoKFggBEAAaEE1hdUpUYlBLeS1lZklBZE0QABoMCJzP-JQGEgQIAhAAQgBKAA&google_error=3
Protocol: H3
Server: 107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 65.254.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Jun 2022 16:13:16 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 06 Jun 2022 16:13:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pippio.com/api/sync/ddp?pid=2&m=CMwpEhoKFggBEAAaEE1hdUpUYlBLeS1lZklBZE0QABoMCJzP-JQGEgQIAhAAQgBKAA&google_error=3
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

458249.gif
idsync.rlcdn.com/ Frame CCB7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CO8KEhoKFggBEPkHGg9jNDVrOG1jdjN2cWFsam0QABqXAQicz_iUBhIECAIQABIFCJQpEAASBQjlKxAAEgUI5isQABIFCOcrEAASBQjoKxAAEgUI6Ss...
https://pippio.com/api/sync/ddp?pid=2&m=CO8KEhoKFggBEPkHGg9jNDVrOG1jdjN2cWFsam0QABqXAQicz_iUBhIECAIQABIFCJQpEAASBQjlKxAAEgUI5isQABIFCOcrEAASBQjoKxAAEgUI6SsQABIFCOorEAASBQjrKxAAEgUI7CsQABIFCO0rEAASB...
https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
https://idsync.rlcdn.com/458249.gif?partner_uid=801392ca-df16-4f62-88cd-fcf47b8edd7d

42 B
60 B

43ms
41ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/458249.gif?partner_uid=801392ca-df16-4f62-88cd-fcf47b8edd7d
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Jun 2022 16:13:16 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/458249.gif?partner_uid=801392ca-df16-4f62-88cd-fcf47b8edd7d
date: Mon, 06 Jun 2022 16:13:16 GMT
via: 1.1 google
x-samesite: secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
content-type: text/html; charset=utf-8

GET
H2

200

px
p.adsymptotic.com/d/ Frame CCB7
Redirect Chain

https://p.adsymptotic.com/d/px?_pid=13553&_psign=9e62e5c043ecadc9479a0ccac401dd7d
https://p.adsymptotic.com/d/px?_pid=13553&_psign=9e62e5c043ecadc9479a0ccac401dd7d&_expected_cookie=43f05d34ac580937a87e56df9fe430d6

43 B
142 B

51ms
50ms

Image
image/gif

104.18.101.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.adsymptotic.com/d/px?_pid=13553&_psign=9e62e5c043ecadc9479a0ccac401dd7d&_expected_cookie=43f05d34ac580937a87e56df9fe430d6
Protocol: H2
Server: 104.18.101.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:13:16 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 71726f31ad735407-YYZ
p3p: CP='NON DSP COR CONi OUR BUS CNT'
content-type: image/gif
content-length: 43

Redirect headers

location: https://p.adsymptotic.com/d/px?_pid=13553&_psign=9e62e5c043ecadc9479a0ccac401dd7d&_expected_cookie=43f05d34ac580937a87e56df9fe430d6
date: Mon, 06 Jun 2022 16:13:16 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 71726f316d175407-YYZ
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

GET
H3

200

396846.gif
idsync.rlcdn.com/ Frame CCB7
Redirect Chain

https://rc.rlcdn.com/456809.gif?n=1&cparams=placement%3D1391
https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
https://us-u.openx.net/w/1.0/cm?cc=1&id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=327377d5-5215-4908-9e09-3cabc47b66ec

42 B
60 B

43ms
43ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=327377d5-5215-4908-9e09-3cabc47b66ec
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Jun 2022 16:13:16 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Mon, 06 Jun 2022 16:13:16 GMT
content-encoding: gzip
server: OXGW/eecec1e
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=327377d5-5215-4908-9e09-3cabc47b66ec
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
via: 1.1 google

GET
H3

200

362358.gif
idsync.rlcdn.com/ Frame CCB7
Redirect Chain

https://rc.rlcdn.com/456809.gif?n=2&cparams=placement%3D1391
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc=
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEMWeyf9w8ImM8T_Azfi2edU&google_cver=1

42 B
60 B

42ms
42ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEMWeyf9w8ImM8T_Azfi2edU&google_cver=1
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Jun 2022 16:13:16 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 06 Jun 2022 16:13:16 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEMWeyf9w8ImM8T_Azfi2edU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

52154.gif
idsync.rlcdn.com/ Frame CCB7
Redirect Chain

https://rc.rlcdn.com/456809.gif?n=3&cparams=placement%3D1391
https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fidsync.rlcdn.com%252F52154.gif%253Fserved_by%253Devergreen%2526partner_uid%253D%2524UID
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=1270335229494304850

42 B
60 B

41ms
41ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=1270335229494304850
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Jun 2022 16:13:16 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

Pragma: no-cache
Date: Mon, 06 Jun 2022 16:13:16 GMT
X-Proxy-Origin: 149.56.153.187; 149.56.153.187; 555.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 9dbb11b7-7406-4b88-9213-195fbfec4fbb
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=1270335229494304850
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

47154.gif
idsync.rlcdn.com/ Frame CCB7
Redirect Chain

https://rc.rlcdn.com/456809.gif?n=4&cparams=placement%3D1391
https://sync.mathtag.com/sync/img?mt_exid=10017&redir=https%3A%2F%2Fidsync.rlcdn.com%2F47154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%5BMM_UUID%5D
https://idsync.rlcdn.com/47154.gif?served_by=evergreen&partner_uid=ecce629e-279c-4200-a8f7-2acf9527ff20

42 B
60 B

41ms
41ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/47154.gif?served_by=evergreen&partner_uid=ecce629e-279c-4200-a8f7-2acf9527ff20
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Jun 2022 16:13:16 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

Date: Mon, 06 Jun 2022 16:13:16 GMT
Server: MT3 4419 e1034d5 master ord-pixel-x6 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://idsync.rlcdn.com/47154.gif?served_by=evergreen&partner_uid=ecce629e-279c-4200-a8f7-2acf9527ff20
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 06 Jun 2022 16:13:15 GMT

GET
H3

200

362588.gif
idsync.rlcdn.com/ Frame CCB7
Redirect Chain

https://rc.rlcdn.com/456809.gif?n=5&cparams=placement%3D1391
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveramp&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=liveramp&ttd_tpi=1
https://idsync.rlcdn.com/362588.gif?partner_uid=8591eac4-3537-475a-a748-43710ee6fa46

42 B
60 B

44ms
43ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362588.gif?partner_uid=8591eac4-3537-475a-a748-43710ee6fa46
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Jun 2022 16:13:16 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 06 Jun 2022 16:13:16 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://idsync.rlcdn.com/362588.gif?partner_uid=8591eac4-3537-475a-a748-43710ee6fa46
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 199

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame CCB7
Redirect Chain

https://rc.rlcdn.com/456809.gif?n=6&cparams=placement%3D1391
https://s.amazon-adsystem.com/dcm?pid=1f9f6bba-5ede-4cb5-997f-f0d0b894f672&id=&cb=09274259
https://s.amazon-adsystem.com/dcm?pid=1f9f6bba-5ede-4cb5-997f-f0d0b894f672&id=&cb=09274259&dcc=t

43 B
932 B

47ms
46ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=1f9f6bba-5ede-4cb5-997f-f0d0b894f672&id=&cb=09274259&dcc=t

Protocol

HTTP/1.1

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 06 Jun 2022 16:13:16 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: WR1JCRKA0E0F07SWNTS6
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 06 Jun 2022 16:13:16 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: QEQHCZT9DD5WYC21ZZHD
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=1f9f6bba-5ede-4cb5-997f-f0d0b894f672&id=&cb=09274259&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

396846.gif
idsync.rlcdn.com/ Frame CCB7
Redirect Chain

https://rc.rlcdn.com/456809.gif?n=7&cparams=placement%3D1391
https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=327377d5-5215-4908-9e09-3cabc47b66ec

42 B
60 B

44ms
43ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=327377d5-5215-4908-9e09-3cabc47b66ec
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Jun 2022 16:13:16 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Mon, 06 Jun 2022 16:13:16 GMT
content-encoding: gzip
server: OXGW/eecec1e
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=327377d5-5215-4908-9e09-3cabc47b66ec
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
via: 1.1 google

GET
H3

200

362358.gif
idsync.rlcdn.com/ Frame CCB7
Redirect Chain

https://rc.rlcdn.com/456809.gif?n=8&cparams=placement%3D1391
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEMWeyf9w8ImM8T_Azfi2edU&google_cver=1

42 B
60 B

41ms
41ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEMWeyf9w8ImM8T_Azfi2edU&google_cver=1
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Jun 2022 16:13:16 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 06 Jun 2022 16:13:16 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEMWeyf9w8ImM8T_Azfi2edU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

47154.gif
idsync.rlcdn.com/ Frame CCB7
Redirect Chain

https://rc.rlcdn.com/456809.gif?n=9&cparams=placement%3D1391
https://sync.mathtag.com/sync/img?mt_exid=10017&redir=https%3A%2F%2Fidsync.rlcdn.com%2F47154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%5BMM_UUID%5D
https://idsync.rlcdn.com/47154.gif?served_by=evergreen&partner_uid=ecce629e-279c-4200-a8f7-2acf9527ff20

42 B
60 B

44ms
44ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/47154.gif?served_by=evergreen&partner_uid=ecce629e-279c-4200-a8f7-2acf9527ff20
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Jun 2022 16:13:16 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

Date: Mon, 06 Jun 2022 16:13:16 GMT
Server: MT3 4419 e1034d5 master ord-pixel-x48 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://idsync.rlcdn.com/47154.gif?served_by=evergreen&partner_uid=ecce629e-279c-4200-a8f7-2acf9527ff20
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 06 Jun 2022 16:13:15 GMT

GET
H3

200

362588.gif
idsync.rlcdn.com/ Frame CCB7
Redirect Chain

https://rc.rlcdn.com/456809.gif?n=10&cparams=placement%3D1391
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveramp&ttd_tpi=1
https://idsync.rlcdn.com/362588.gif?partner_uid=8591eac4-3537-475a-a748-43710ee6fa46

42 B
60 B

45ms
44ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362588.gif?partner_uid=8591eac4-3537-475a-a748-43710ee6fa46
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Jun 2022 16:13:16 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 06 Jun 2022 16:13:16 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://idsync.rlcdn.com/362588.gif?partner_uid=8591eac4-3537-475a-a748-43710ee6fa46
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 199

GET
H3

200

52154.gif
idsync.rlcdn.com/ Frame CCB7
Redirect Chain

https://rc.rlcdn.com/456809.gif?n=11&cparams=placement%3D1391
https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=1270335229494304850

42 B
60 B

42ms
41ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=1270335229494304850
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Jun 2022 16:13:16 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

Pragma: no-cache
Date: Mon, 06 Jun 2022 16:13:16 GMT
X-Proxy-Origin: 149.56.153.187; 149.56.153.187; 555.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 49b5a631-bccf-42a4-8099-c07605d1423b
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=1270335229494304850
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame CCB7
Redirect Chain

https://rc.rlcdn.com/456809.gif?n=12&cparams=placement%3D1391
https://s.amazon-adsystem.com/dcm?pid=1f9f6bba-5ede-4cb5-997f-f0d0b894f672&id=0e780a9d4ffc4d5e2c4f591678a1d4764f7a666a9c2d5b327f7858f2e91cbb8ac0cb235b3774c97e&cb=05809348

43 B
932 B

32ms
32ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=1f9f6bba-5ede-4cb5-997f-f0d0b894f672&id=0e780a9d4ffc4d5e2c4f591678a1d4764f7a666a9c2d5b327f7858f2e91cbb8ac0cb235b3774c97e&cb=05809348

Protocol

HTTP/1.1

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 06 Jun 2022 16:13:16 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 5P2YRBVS5VM8KZ3X5PKR
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Mon, 06 Jun 2022 16:13:16 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://s.amazon-adsystem.com/dcm?pid=1f9f6bba-5ede-4cb5-997f-f0d0b894f672&id=0e780a9d4ffc4d5e2c4f591678a1d4764f7a666a9c2d5b327f7858f2e91cbb8ac0cb235b3774c97e&cb=05809348
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

362248.gif
idsync.rlcdn.com/ Frame CCB7
Redirect Chain

https://rc.rlcdn.com/456809.gif?n=13&cparams=placement%3D1391
https://dpm.demdex.net/ibs:dpid=477&dpuuid=6cf1f8e2eab1a5f7da7b7cc30e901a56dc555407d77d38268d349bc72918cf17b0da87c991749652&redir=https%3A%2F%2Fidsync.rlcdn.com%2F362248.gif%3Fpartner_uid%3D%24%7BD...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=477&dpuuid=6cf1f8e2eab1a5f7da7b7cc30e901a56dc555407d77d38268d349bc72918cf17b0da87c991749652&redir=https%3A%2F%2Fidsync.rlcdn.com%2F362248.gif%3...
https://idsync.rlcdn.com/362248.gif?partner_uid=08330111957811374302272474968994982564

42 B
60 B

43ms
42ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362248.gif?partner_uid=08330111957811374302272474968994982564
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Jun 2022 16:13:17 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

DCS: dcs-prod-usw2-2-v030-04b804f1f.edge-usw2.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Gp8/cvO6Stw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://idsync.rlcdn.com/362248.gif?partner_uid=08330111957811374302272474968994982564
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame CCB7
Redirect Chain

https://rc.rlcdn.com/456809.gif?n=14&cparams=placement%3D1391
https://usermatch.krxd.net/um/v2?partner=liveramp
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=liveramp

0
337 B

84ms
24ms

Image
text/plain

75.101.130.249
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=liveramp
Protocol: H2
Server: 75.101.130.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-75-101-130-249.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:13:16 GMT
cache-control: private, no-cache, no-store
x-request-time: D=42 t=1654531996
x-served-by: beacon-n015-ash-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=liveramp
date: Mon, 06 Jun 2022 16:13:16 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a011-ash-prod.krxd.net

GET
H3

200

401696.gif
idsync.rlcdn.com/ Frame CCB7
Redirect Chain

https://rc.rlcdn.com/456809.gif?n=15&cparams=placement%3D1391
https://tags.bluekai.com/site/2035?phint=rluid=97d6e515ad09618731d7cc6075cc9e58fab648e9dbfba45f768b6b33361ce8382971936f2f944561&redir=https%3A%2F%2Fidsync.rlcdn.com%2F401696.gif%3Fpartner_uid%3D%24...
https://idsync.rlcdn.com/401696.gif?partner_uid=$BK_UUID_25515

42 B
60 B

41ms
41ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/401696.gif?partner_uid=$BK_UUID_25515
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Jun 2022 16:13:16 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

Location: https://idsync.rlcdn.com/401696.gif?partner_uid=$BK_UUID_25515
Date: Mon, 06 Jun 2022 16:13:16 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H3

200

397676.gif
idsync.rlcdn.com/ Frame CCB7
Redirect Chain

https://rc.rlcdn.com/456809.gif?n=16&cparams=placement%3D1391
https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397676.gif%3Fserved_by%3Devergreen%26partner_uid%3D%40USERID%40
https://gum.criteo.com/sync?s=1&c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397676.gif%3Fserved_by%3Devergreen%26partner_uid%3D%40USERID%40
https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=NH5cwtpcIOI7pFRGZHW6qdpvyAFciwgS

42 B
60 B

42ms
42ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=NH5cwtpcIOI7pFRGZHW6qdpvyAFciwgS
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Jun 2022 16:13:16 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=NH5cwtpcIOI7pFRGZHW6qdpvyAFciwgS
date: Mon, 06 Jun 2022 16:13:16 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 4021
content-length: 221
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H3

200

52154.gif
idsync.rlcdn.com/ Frame 9A16
Redirect Chain

https://ib.adnxs.com/getuid?https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D093016b0419d19c905c78c859b815219%26pid%3D%24UID
https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=093016b0419d19c905c78c859b815219&pid=1270335229494304850
https://p.rfihub.com/cm?pub=39342&in=1&userid=5e5d7ea1-673d-4ef2-8b81-f95ad883fcfb%3A1654531996.54&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc45k8mcv3vqaljm
https://idsync.rlcdn.com/501709.gif?partner_uid=c45k8mcv3vqaljm
https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=1270335229494304850

42 B
60 B

42ms
41ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=1270335229494304850
Requested by: Host: live.rezync.com
URL: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c45k8mcv3vqaljm&pctry=CA&referrer=https%3A%2F%2Fwww.welivesecurity.com%2Fla-es%2F2022%2F03%2F02%2Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania%2F
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://live.rezync.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Jun 2022 16:13:17 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

Pragma: no-cache
Date: Mon, 06 Jun 2022 16:13:17 GMT
X-Proxy-Origin: 149.56.153.187; 149.56.153.187; 555.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: a69ede25-556e-4e2f-9d68-13725a9111a9
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=1270335229494304850
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

401696.gif
idsync.rlcdn.com/ Frame 9A16
Redirect Chain

https://p.rfihub.com/cm?pub=39342&in=1&userid=5e5d7ea1-673d-4ef2-8b81-f95ad883fcfb%3A1654531996.54&forward=https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D260a954059a0ab...
https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=260a954059a0ab1986e4ee8c5c88c54c&pid=968062829807697887
https://idsync.rlcdn.com/501709.gif?partner_uid=c45k8mcv3vqaljm
https://tags.bluekai.com/site/2035?phint=rluid=97d6e515ad09618731d7cc6075cc9e58fab648e9dbfba45f768b6b33361ce8382971936f2f944561&redir=https%3A%2F%2Fidsync.rlcdn.com%2F401696.gif%3Fpartner_uid%3D%24...
https://idsync.rlcdn.com/401696.gif?partner_uid=$BK_UUID_25515

42 B
60 B

41ms
41ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/401696.gif?partner_uid=$BK_UUID_25515
Requested by: Host: live.rezync.com
URL: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c45k8mcv3vqaljm&pctry=CA&referrer=https%3A%2F%2Fwww.welivesecurity.com%2Fla-es%2F2022%2F03%2F02%2Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania%2F
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://live.rezync.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Jun 2022 16:13:17 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

Location: https://idsync.rlcdn.com/401696.gif?partner_uid=$BK_UUID_25515
Date: Mon, 06 Jun 2022 16:13:17 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H3

200

receive
pixel.tapad.com/idsync/ex/ Frame 9A16
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3181&partner_device_id=5e5d7ea1-673d-4ef2-8b81-f95ad883fcfb%3A1654531996.54
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3181&partner_device_id=5e5d7ea1-673d-4ef2-8b81-f95ad883fcfb%3A1654531996.54
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=85f5ea19-e4b4-4550-855f-a25e4178e316%252C&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=8591eac4-3537-475a-a748-43710ee6fa46&ttd_puid=85f5ea19-e4b4-4550-855f-a25e4178e316%2C

95 B
113 B

38ms
38ms

Image
image/png

107.178.246.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=8591eac4-3537-475a-a748-43710ee6fa46&ttd_puid=85f5ea19-e4b4-4550-855f-a25e4178e316%2C

Requested by

Host: live.rezync.com
URL: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c45k8mcv3vqaljm&pctry=CA&referrer=https%3A%2F%2Fwww.welivesecurity.com%2Fla-es%2F2022%2F03%2F02%2Fisaacwiper-hermeticwizard-nuevo-wiper-y-worm-utilizados-ciberataques-ucrania%2F

Protocol

Server

107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.246.178.107.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://live.rezync.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:13:16 GMT
via: 1.1 google
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

pragma: no-cache
date: Mon, 06 Jun 2022 16:13:16 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=8591eac4-3537-475a-a748-43710ee6fa46&ttd_puid=85f5ea19-e4b4-4550-855f-a25e4178e316%2C
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 353

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

40 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.welivesecurity.com/	1970-01-20 12:21:07	Name: pll_language Value: la-es
.welivesecurity.com/	1969-12-31 23:59:59	Name: TS01239cf7 Value: 0142213e1a0fe6e29990658084f7a3212480db7c6d52d25162a7e5f20d07b38d46fbe356779909ea0da966358a1027fc140d88de7e
www.welivesecurity.com/	1970-01-20 12:21:07	Name: ai_user Value: EoEnp\|2022-06-06T16:13:13.331Z
.welivesecurity.com/	1970-01-20 21:06:43	Name: _ga Value: GA1.2.1525379190.1654531994
.welivesecurity.com/	1970-01-20 03:36:58	Name: _gid Value: GA1.2.1463167394.1654531994
www.welivesecurity.com/	1970-01-20 03:35:33	Name: ai_session Value: 5P8Sn\|1654531994335\|1654531994335
disqus.com/	1970-01-20 03:35:33	Name: __jid Value: 45k8m812o6499n
.disqus.com/	1970-01-20 12:21:07	Name: disqus_unique Value: 45k8mcv3vqaljm
.google.com/	1970-01-20 07:59:03	Name: NID Value: 511=DkPgu3JbgfJ1E1ErzqmqZTTuNSVqqzfhIBTDXXR_XmHY_WDUd_I90uEjD1jltAFpWgWMYtnD8ocmT-cvPJArvdg3n9y8x9vo-GDLY8pQskR4Ndp5tIJPlF0a5h7tU-yhM06tj5-6qQvrkIEfHXxcjaU44KuUWcHz-Oc5Y5a6RmE
.pippio.com/	1970-01-20 12:21:07	Name: did Value: MauJTbPKy-efIAdM
.pippio.com/	1970-01-20 12:21:07	Name: didts Value: 1654531996
.pippio.com/	1970-01-20 05:01:55	Name: nnls Value:
io.narrative.io/	1970-01-20 16:43:30	Name: io.narrative.guid.v2 Value: 929aadc0-e5b3-11ec-96af-0e9f37bd45a9
.adsymptotic.com/	1970-01-20 05:45:07	Name: U Value: 43f05d34ac580937a87e56df9fe430d6
.openx.net/	1970-01-20 12:21:07	Name: i Value: b41937ea-36d5-409f-9ba6-74b099c734c9\|1654531996
.adnxs.com/	1970-01-20 05:45:07	Name: uuid2 Value: 1270335229494304850
.adsrvr.org/	1970-01-20 12:21:07	Name: TDID Value: 8591eac4-3537-475a-a748-43710ee6fa46
.mathtag.com/	1970-01-20 13:01:27	Name: uuid Value: ecce629e-279c-4200-a8f7-2acf9527ff20
.doubleclick.net/	1970-01-20 12:57:07	Name: IDE Value: AHWqTUnvzILNtlqfvvlxgZF9SDHpGXqm5MsyV7t01HpQCQWIs-gOAiQU2UK7idzLrBc
.linksynergy.com/	1970-01-20 12:21:07	Name: rmuid Value: 801392ca-df16-4f62-88cd-fcf47b8edd7d
.linksynergy.com/	1970-01-20 12:21:07	Name: icts Value: 2022-06-06T16:13:16Z
.pippio.com/	1970-01-20 05:01:55	Name: pxrc Value: CJzP+JQGEgQIAhAAEgUIlCkQABIFCOUrEAASBQjmKxAAEgUI5ysQABIFCOgrEAASBQjpKxAAEgUI6isQABIFCOsrEAASBQjsKxAAEgUI7SsQABIFCO4rEAASBQjVQxAAEgUI3k4QABIGCOOvKxAAEgYI7a8rEAASBgjurysQABIGCO+vKxAAEgYI8K8rEAASBgjxrysQAA==
.amazon-adsystem.com/	1970-01-20 08:36:29	Name: ad-id Value: A60hdleqBkkJqMy29NdZIcY
.amazon-adsystem.com/	1970-01-22 00:00:58	Name: ad-privacy Value: 0
.rezync.com/	1970-01-20 12:56:42	Name: zync-uuid Value: 5e5d7ea1-673d-4ef2-8b81-f95ad883fcfb:1654531996.54
.tapad.com/	1970-01-20 05:01:55	Name: TapAd_TS Value: 1654531996747
.tapad.com/	1970-01-20 05:01:55	Name: TapAd_DID Value: 85f5ea19-e4b4-4550-855f-a25e4178e316
.criteo.com/	1970-01-20 12:57:07	Name: uid Value: d41b944b-d86c-4968-a645-8e6751bb585c
.krxd.net/	1970-01-20 07:54:43	Name: _kuid_ Value: O4eCt2mN
.adsrvr.org/	1970-01-20 12:21:07	Name: TDCPM Value: CAESFwoIbGl2ZXJhbXASCwiUk6P1r_jjOhAFEhQKBXRhcGFkEgsI4Oj29q_44zoQBRgBIAEoAjILCODg-aPG-OM6EAU4AVoFdGFwYWRgAg..
.tapad.com/	1970-01-20 05:01:55	Name: TapAd_3WAY_SYNCS Value: 1!3784
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAAAAXBwRHAIAgEwE_aITMIh2A3GqCQVO7u_wwUctZmsilJWj3IjzN1YKe79NdnsUEhHGEv9AK4drbFNQAAAA
.rfihub.com/	1970-01-20 12:57:07	Name: rud Value: H4sIAAAAAAAAAOMSsjSzMDAzsjCytDAwN7M0t7AwF-Iz1C31L6gsTg0KDywPKAEA-05KxCQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSsjSzMDAzsjCytDAwN7M0t7AwF-Iz1C31L6gsTg0KDywPKAEA-05KxCQAAAA
.demdex.net/	1970-01-20 07:54:43	Name: demdex Value: 08330111957811374302272474968994982564
.rfihub.com/	1970-01-20 12:57:07	Name: eud Value: H4sIAAAAAAAAAD3HuxWAIAwAwAmsmCM-Qr64DZhkIEuntfO6e9qQlLBcCGoUwFkDfDtCTVnhTnXXvlCFhXBOPYXfdvy33vkDXKVXEkUAAAA
.rlcdn.com/	1970-01-20 12:21:07	Name: rlas3 Value: F5MmXhflwcrypaUQQk5+0Y/LLwaKds3jzmNdIJAeK58=
.dpm.demdex.net/	1970-01-20 07:54:43	Name: dpm Value: 08330111957811374302272474968994982564
live.rezync.com/	1970-01-20 12:57:07	Name: sd-session-id Value: .eJwVykELgyAYgOG_Mr5zh2oFI9hpeduUwBF6iWZCmraVFqzov8_dnhfeHZqPnG07ytFD4edFRiCMCuWg2KFTblqCQGT5cLFiPa9Ta7SFIwInnVPvsVHd_zy9woXrZ8LLzjCKPNZi47c45jX73mmvSIk810PC6iojJbYs5YpolGJaJY8N5YSyJfgKx_EDBJ8yEA.FX-5HQ.-MkI_xtyiBeRLUh6R0M8x6hjRe8
.rlcdn.com/	1970-01-20 05:01:55	Name: pxrc Value: CJzP+JQGEgUI6AcQABIFCOhHEAASBgi16gEQABIGCLbqARABEgYIuuoBEAASBgi+6gEQARIGCOrqARAA

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://c.disquscdn.com/next/current/embed/lang/es.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
assets.esetstatic.com
az416426.vo.msecnd.net
beacon.krxd.net
c.disquscdn.com
cdn1.esetstatic.com
cm.g.doubleclick.net
connect.facebook.net
dc.services.visualstudio.com
disqus.com
dpm.demdex.net
ei.rlcdn.com
glitter.services.disqus.com
gum.criteo.com
ib.adnxs.com
idsync.rlcdn.com
io.narrative.io
live.rezync.com
match.adsrvr.org
obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com
p.adsymptotic.com
p.rfihub.com
pippio.com
pixel.tapad.com
rc.rlcdn.com
referrer.disqus.com
s.amazon-adsystem.com
sync.mathtag.com
tags.bluekai.com
tags.rd.linksynergy.com
us-u.openx.net
usermatch.krxd.net
welivesecurity.disqus.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
www.welivesecurity.com
104.18.101.194
104.81.136.162
107.178.246.49
107.178.254.65
13.224.81.61
142.251.40.162
15.197.193.217
151.101.0.134
199.232.192.134
199.232.192.64
199.232.196.134
199.38.167.128
20.42.73.141
209.54.177.54
216.200.232.249
2600:9000:2131:7600:6:8656:f5c0:93a1
2606:2800:11f:17a5:191a:18d5:537:22f9
2606:2800:11f:1cb7:261b:1f9c:2074:3c
2607:f8b0:4006:80a::2008
2607:f8b0:4006:80e::2003
2607:f8b0:4006:81f::200e
2607:f8b0:4006:823::200e
2607:f8b0:4006:824::200d
2620:100:a001::c
2620:1ec:46::40
2a03:2880:f03a:1c:face:b00c:0:3
2a03:2880:f13a:83:face:b00c:0:25de
34.213.154.128
34.232.160.63
34.98.64.218
34.98.67.3
35.190.60.146
44.196.45.105
54.221.225.158
54.230.10.86
68.67.181.202
75.101.130.249
04f6add17727fa3a69ca10c346951fd86b19217f32f1fc6fc53318f7c6485c72
0d12043c7051fe9e78060b7ae447ec5aa8bfa744dd5520fb12e745a2bb0076da
11c401a81e32b086bea3798c033009907b429fb601411da6ffc266b78184898a
12c42fa79dc321e56bb3c23008cacf7a79771bab4fa61f765556e24ba13a89ff
12f37c0a70377ac636345742e2eb0d2acb70d411612020ae1608193330a5b15d
1377c33abb24c615100b47c8d905ef0299112a22d097511cc569337b9633f21e
16446c63d4890cf1704eff93c7d261c1b1b950877ec708a49b380aaa6bc88195
18fc4c578d185b0c9979c16e1c6b431e3079b3b06b98d56995a29ab7a90bdfe1
193fbb968733b8a7049da19274546e6b80b76e9a8f1b837fee9a5fdeb8f97c7b
1ba0ff3994900740a94dc37300b7415b25d642f6ef495afc5ae4e16ae1128e66
1f72abf11fd0b507cc794dbec618ac1d29a7de5e3904f8e4925ce63ad60a3200
20a91bd509668238b6af8e16475c5e2611bcd2861d0eec2e0d4f6815e81449bd
2230603b8ba7c0020fd16a1582d087decbc8381475e125271c2e13530f1592d7
260865134b6e69ca7bafa9e8ddcd59fb6ffbf727f50a3d2dd186d217c8c79694
27722398024d3a0155570720a95d420d8746a2e65ff2f23affae3865affa71dd
2e7ff8a9893c0fb085662356cddd8e57d34b4241bb5bbe1d9ad002d973c2fb77
3019b3e9fdaff391d3df53dcd6769283b377e9da7f360f0bb76e0c48d34b6626
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
35ccbb14f6d8b7ed5eb03728f94221f27ed194ae83b32c40315d531f49b10bc1
35ce72d85ac20c855ec514d68c3d7d252fdcd2b17728d3f0d5653b93df69033a
38bbe5a21a5cf485730fdd261a37f49942fdcf0ff3e376fb6c5b1a3ef78a1c35
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
433e36e547146f996b1ab871385cf507c360c39c985ab1b3f6018c45b79e9ba3
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
4e14ce1bd0d4433eee84cbb16196a7a051126f07af888ef7f9d252120f32f907
5159dca2fe03c327248fd3b685f497f9f521c91d243ffaf43077601fedf56f7a
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
55c9540888569c09e72cbfbadbe3a3fe888b0a3dec19d5a6fd085dcf09162cc8
5813b04bb0c879b76179735995127ddc2af1867f42d4a4b5a8d7c3103f348b05
63a41173db39c92635a87b39eedb581e8a1c3142372ebced441ce927fef343a1
64cee676a611b27aca955c5e227666f9d955682512ec25b982bd5e2f92eb61dd
6b83d0e9d3cf9ec2d9692344133388e6412630b565b0b56b8e3d1cc4b0d1bea3
7184f2085bedef65d3c0c459b2ade2c5cda92c16f4b6e426618aae36fc20d754
726e0505145c1135e354e1cccfb73fc3685d408b3fd84b0a6d2446562b2b767a
730d4b3194f10a8c177046e001a83e0391e3b6ef2f1386d368a51c2433a98127
7344c63c6a0d89b69a485af2ec5bcc1cad983150613510439371d5293ed1cc46
79178481c1d1ab6798f68fb68f05045d45e6da72ac7a146feb2440de4f7d35c6
7df5345a52f22643ef051bf74f41d9a5a5644d5e699480a81ae8825b8ab5e533
822800703045ecbccb15cff577f1f09d9b4efee6ae916396a6aceb3f6544b9a5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
863a3169d976e8b1390bb5026de3e4699c61dcd35583d11cc6e38a5cab15a195
8784042e14531617c1aef40d7623d3dd1d0b24730721c779e0c3ae86ed03990e
92a9c26ff6f6e2d12c12c34a232a09de772baeffedca24cae54705b192d3460b
9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a6a468c14177dcc22e8a5f340e7d99593f254708bd58b6ce819a343cb712b540
a909710daedc50030a54a88328998023160cce11483274caf45179093c809396
b43707c0935d67d9f49c0ed55ef5ea2223108e2a075a0e66f73a889760f8206d
b7729ca882848bcde7d11850021eda394c6567fad017c1a5cc769f89676af538
bea78c9a7a2a221feb848ddac583f7a22f95d8dc5fdd28826147bb70b7d5cd87
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d33fbf33d2895817029b01cf16d273104474646e4e441988ab4efcfa7563991b
d34bbac8aeb622f108a95c454c22cf791d514432d9118ed19aabf361e4bed34c
db4802cdd77ee321f64c129088ac127ae97f09f283e9d90ef66e352a8e36340d
db865c8f3642f3485829c0ee0008fe04a32cc66af70867b39f60395a7fed3984
dd64ca752834b8f9c5c495a528c7ff54c6538cedd9f380e2106455f60610f613
ddc6aec4144b67f0a2a12d687f3c4b8a9faf7c445847d0e25dcb5bd1a9ba9018
de30b1fc781f1344f02ff2230b868a870e18cea33e2228017066b2f1d2ef753d
e0c2fd69b7d441b42045d474afe52d2bdbb81a44c8d73e2c8271e4114003d991
e22e3416c5b454c2fc3c8e8185b478647446789abbee258ec18a5791880eaf1b
e2a1c2c0322c2737e986c860da67fbb2b9e93b70527a943b8c35b9d6e81ebb42
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e422b07ca1550e55cd90a518e910fd3cfb4d9337ea6092357f9761aa77ac9e33
e7c053aa439dd2bb56d823101047cb9fad99b2b4963e036af632ad0a662099d4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f055e217bde76d711bd8b42af773f9f99b8a29d81ad9ed10b6379cc7e6c60452
f0edf4ed283d119399dcb7025914b6a68a187667085bcbc49fe91db20f952cc1
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
fb07128372b2a8280ebd49f16bd784e55ae2c6162bb1be7fd7b9f18b6aa40ebf
fd8f6b19f6594c79bbf4e63b76d57e3230959f2fc0b3805277472b7e8061cdf0

www.welivesecurity.com Open in urlscan Pro 2606:2800:11f:1cb7:261b:1f9c:2074:3c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

105 Requests

76 %HTTPS

32 %IPv6

31 Domains

39 Subdomains

25 IPs

2 Countries

2649 kBTransfer

4245 kBSize

40 Cookies

32 Outgoing links

Redirected requests

105 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.welivesecurity.com Open in urlscan Pro
2606:2800:11f:1cb7:261b:1f9c:2074:3c Public Scan

Screenshot
Live screenshot

Full Image

105
Requests

76 %
HTTPS

32 %
IPv6

31
Domains

39
Subdomains

25
IPs

2
Countries

2649 kB
Transfer

4245 kB
Size

40
Cookies

105 HTTP transactions
0 data transactions