URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Submission: On May 05 via api from CA — Scanned from CA

Summary

This website contacted 31 IPs in 1 country across 29 domains to perform 122 HTTP transactions. The main IP is 2606:4700:3033::ac43:86d6, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is securityintelligence.com. The Cisco Umbrella rank of the primary domain is 593933.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 11th 2021. Valid for: a year.
This is the only time securityintelligence.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
27 2606:4700:303... 13335 (CLOUDFLAR...)
14 2607:f8b0:400... 15169 (GOOGLE)
2 4 2606:4700::68... 13335 (CLOUDFLAR...)
3 2600:141b:500... 20940 (AKAMAI-ASN1)
2 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:440... 13335 (CLOUDFLAR...)
9 2607:f8b0:400... 15169 (GOOGLE)
3 2600:9000:21d... 16509 (AMAZON-02)
8 2607:f8b0:400... 15169 (GOOGLE)
1 104.109.144.15 16625 (AKAMAI-AS)
2 2607:f8b0:400... 15169 (GOOGLE)
14 23.198.216.246 16625 (AKAMAI-AS)
1 23.0.31.227 16625 (AKAMAI-AS)
6 54.186.7.121 16509 (AMAZON-02)
1 99.84.39.121 16509 (AMAZON-02)
1 13.33.46.89 16509 (AMAZON-02)
1 7 23.200.196.208 16625 (AKAMAI-AS)
2 34.231.11.134 14618 (AMAZON-AES)
1 151.101.208.157 54113 (FASTLY)
1 13.225.213.88 16509 (AMAZON-02)
1 2 54.173.43.128 14618 (AMAZON-AES)
1 3.94.97.220 14618 (AMAZON-AES)
2 104.244.42.131 13414 (TWITTER)
1 104.244.42.197 13414 (TWITTER)
2 52.0.123.240 14618 (AMAZON-AES)
1 44.239.223.37 16509 (AMAZON-02)
1 1 52.4.86.119 14618 (AMAZON-AES)
3 13.225.223.102 16509 (AMAZON-02)
3 3 35.190.60.146 15169 (GOOGLE)
1 2 13.225.223.120 16509 (AMAZON-02)
1 99.84.126.33 16509 (AMAZON-02)
1 1 216.200.232.249 30419 (MEDIAMATH...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 1 34.111.234.236 15169 (GOOGLE)
122 31
Apex Domain
Subdomains
Transfer
27 securityintelligence.com
securityintelligence.com — Cisco Umbrella Rank: 593933
231 KB
14 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1114
140 KB
14 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 316
219 KB
9 gstatic.com
fonts.gstatic.com
166 KB
8 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 1783
sync.mathtag.com — Cisco Umbrella Rank: 680
9 KB
8 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
40 KB
7 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 283
ibm.demdex.net — Cisco Umbrella Rank: 91179
9 KB
4 tealiumiq.com
collect.tealiumiq.com — Cisco Umbrella Rank: 3117
visitor-service-us-east-1.tealiumiq.com — Cisco Umbrella Rank: 9523
3 KB
4 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1250
44 KB
3 company-target.com
segments.company-target.com — Cisco Umbrella Rank: 2277
api.company-target.com — Cisco Umbrella Rank: 6580
2 KB
3 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 909
idsync.rlcdn.com — Cisco Umbrella Rank: 491
799 B
3 trustarc.com
consent.trustarc.com — Cisco Umbrella Rank: 4371
27 KB
3 welcomesoftware.com
images-cdn.welcomesoftware.com — Cisco Umbrella Rank: 523537
628 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 111
2 KB
3 s81c.com
1.www.s81c.com — Cisco Umbrella Rank: 112302
api.www.s81c.com — Cisco Umbrella Rank: 160346
100 KB
2 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 800
453 B
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 962
834 B
2 newscred.com
analytics.newscred.com — Cisco Umbrella Rank: 72174
pixel.newscred.com — Cisco Umbrella Rank: 171499
8 KB
2 ibm.com
cloud.ibm.com — Cisco Umbrella Rank: 52848
www-api.ibm.com — Cisco Umbrella Rank: 137683
4 KB
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 175
467 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 142
80 KB
1 ml314.com
ml314.com — Cisco Umbrella Rank: 2429
405 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 379
614 B
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1413
517 B
1 t.co
t.co — Cisco Umbrella Rank: 563
336 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 963
10 KB
1 demandbase.com
scripts.demandbase.com — Cisco Umbrella Rank: 11978
19 KB
1 truste.com
consent.truste.com — Cisco Umbrella Rank: 8153
4 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1595
5 KB
122 29
Domain Requested by
27 securityintelligence.com securityintelligence.com
static.cloudflareinsights.com
14 tags.tiqcdn.com 1.www.s81c.com
tags.tiqcdn.com
securityintelligence.com
14 cdn.ampproject.org securityintelligence.com
cdn.ampproject.org
9 fonts.gstatic.com fonts.googleapis.com
8 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
7 pixel.mathtag.com 1 redirects tags.tiqcdn.com
pixel.mathtag.com
6 dpm.demdex.net tags.tiqcdn.com
4 unpkg.com 2 redirects securityintelligence.com
3 consent.trustarc.com consent.truste.com
3 images-cdn.welcomesoftware.com securityintelligence.com
3 fonts.googleapis.com securityintelligence.com
2 segments.company-target.com 1 redirects
2 id.rlcdn.com 2 redirects
2 visitor-service-us-east-1.tealiumiq.com tags.tiqcdn.com
2 analytics.twitter.com
2 sync.crwdcntrl.net 1 redirects
2 collect.tealiumiq.com tags.tiqcdn.com
2 stats.g.doubleclick.net www.google-analytics.com
2 www.googletagmanager.com securityintelligence.com
www.googletagmanager.com
2 1.www.s81c.com securityintelligence.com
tags.tiqcdn.com
1 ml314.com 1 redirects
1 c.bing.com 1 redirects
1 idsync.rlcdn.com 1 redirects
1 sync.mathtag.com 1 redirects
1 api.company-target.com scripts.demandbase.com
1 cm.everesttech.net 1 redirects
1 ibm.demdex.net tags.tiqcdn.com
1 t.co
1 pixel.newscred.com
1 analytics.newscred.com tags.tiqcdn.com
1 static.ads-twitter.com tags.tiqcdn.com
1 scripts.demandbase.com tags.tiqcdn.com
1 consent.truste.com tags.tiqcdn.com
1 www-api.ibm.com 1.www.s81c.com
1 cloud.ibm.com 1.www.s81c.com
1 api.www.s81c.com 1.www.s81c.com
1 static.cloudflareinsights.com securityintelligence.com
122 37
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-06-11 -
2022-06-10
a year crt.sh
misc-sni.google.com
GTS CA 1C3
2022-04-18 -
2022-07-11
3 months crt.sh
www.ibm.com
GeoTrust RSA CA 2018
2021-09-13 -
2022-09-12
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-04-18 -
2022-07-11
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-04-18 -
2022-07-11
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-04-11 -
2022-07-04
3 months crt.sh
*.welcomesoftware.com
Amazon
2022-02-23 -
2023-03-24
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-04-18 -
2022-07-11
3 months crt.sh
*.tiqcdn.com
DigiCert SHA2 Secure Server CA
2022-02-27 -
2023-02-28
a year crt.sh
wildcard.bluemix.net
DigiCert TLS RSA SHA256 2020 CA1
2022-03-22 -
2023-03-22
a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1
2021-10-19 -
2022-11-19
a year crt.sh
*.truste.com
Amazon
2022-01-17 -
2023-02-15
a year crt.sh
tag.demandbase.com
Go Daddy Secure Certificate Authority - G2
2021-10-18 -
2022-10-14
a year crt.sh
pixel.mathtag.com
DigiCert SHA2 Secure Server CA
2021-06-29 -
2022-07-07
a year crt.sh
*.tealiumiq.com
Amazon
2021-09-24 -
2022-10-23
a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2021-07-21 -
2022-07-26
a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2022-02-22 -
2023-02-22
a year crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1
2022-02-22 -
2023-02-22
a year crt.sh
*.trustarc.com
Go Daddy Secure Certificate Authority - G2
2020-05-21 -
2022-07-17
2 years crt.sh
api.demandbase.com
Go Daddy Secure Certificate Authority - G2
2021-10-20 -
2022-09-26
a year crt.sh

This page contains 4 frames:

Primary Page: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Frame ID: 1EAA61C8D18656EE2E13390A8E0A39AD
Requests: 119 HTTP requests in this frame

Frame: https://ibm.demdex.net/dest5.html?d_nsid=0
Frame ID: ED9F5809F66B2CB9AA79EA6F6FC65D96
Requests: 6 HTTP requests in this frame

Frame: https://consent.trustarc.com/get?name=crossdomain.html&domain=ibm.com
Frame ID: FAB51AE555131ACD02C15D78A29D93C2
Requests: 1 HTTP request in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=2d206274-34cf-4400-84af-7e19ef003f00&no_iframe=1&mt_adid=171815&mt_lim=20&skipsync=10090&source=mathtag
Frame ID: 37A17A866AAC3C3A1B543B6CFE5AAFFC
Requests: 2 HTTP requests in this frame

Page Title

IBM Security X-Force Research Advisory: New Destructive Malware Used In Cyber Attacks on Ukraine

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • consent\.trustarc\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

122
Requests

92 %
HTTPS

34 %
IPv6

29
Domains

37
Subdomains

31
IPs

1
Countries

1749 kB
Transfer

3815 kB
Size

37
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://unpkg.com/swiper/swiper-bundle.min.js HTTP 302
  • https://unpkg.com/swiper@8.1.4/swiper-bundle.min.js
Request Chain 25
  • https://unpkg.com/swiper/swiper-bundle.min.css HTTP 302
  • https://unpkg.com/swiper@8.1.4/swiper-bundle.min.css
Request Chain 95
  • https://pixel.mathtag.com/sync/img?sync=auto&mt_exid=10040&exsync=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D4735%2Ftp%3DMDMA%2Ftpid%3D%5BMM_UUID%5D HTTP 302
  • https://sync.crwdcntrl.net/map/c=4735/tp=MDMA/tpid=2d206274-34cf-4400-84af-7e19ef003f00 HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=4735/tp=MDMA/tpid=2d206274-34cf-4400-84af-7e19ef003f00
Request Chain 107
  • https://cm.everesttech.net/cm/dd?d_uuid=81771582576142115964213829300610561306 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YnQ0zwAAAEIaNQPl
Request Chain 114
  • https://id.rlcdn.com/464526.gif HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CI6tHBoNCM_p0JMGEgUI6AcQAEIASgA HTTP 307
  • https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297adXcqtzyO9ylWHGZoNwhtarqp_IJ_sh3TY6cVBeevgs HTTP 303
  • https://segments.company-target.com/validateCookie?vendor=liveramp&user_id=Xc1297adXcqtzyO9ylWHGZoNwhtarqp_IJ_sh3TY6cVBeevgs&verifyHash=c4266a5ee266d9170ddb6e925e212eddd58804e1
Request Chain 121
  • https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=81771582576142115964213829300610561306&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d81771582576142115964213829300610561306 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=269&dpuuid=2d206274-34cf-4400-84af-7e19ef003f00&ddsuuid=81771582576142115964213829300610561306
Request Chain 122
  • https://idsync.rlcdn.com/365868.gif?partner_uid=81771582576142115964213829300610561306 HTTP 307
  • https://dpm.demdex.net/ibs:dpid=477&dpuuid=ef22562eeb6f1e59cd42e7759ea4560875cc6942a37c1c68967559372320f06eb0da87c991749652
Request Chain 124
  • https://c.bing.com/c.gif?uid=81771582576142115964213829300610561306&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=1957&dpuuid=14FE43185DFE6DF72C6F52835CD46C3A
Request Chain 125
  • https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID] HTTP 302
  • https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3626996926823006220

122 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/
136 KB
28 KB
Document
General
Full URL
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
7407adebd69a985ed26cea3bb4ccdd7cb8185518e653f4927496903c37e2e802
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=1800, must-revalidate, proxy-revalidate
cf-cache-status
MISS
cf-ray
706c419d8837713f-YUL
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 05 May 2022 20:34:21 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 05 May 2022 20:35:21 GMT
last-modified
Thu, 05 May 2022 20:34:21 GMT
link
<https://securityintelligence.com/wp-json/>; rel="https://api.w.org/", <https://securityintelligence.com/wp-json/wp/v2/ibm_internals/434820>; rel="alternate"; type="application/json", <https://securityintelligence.com/?p=434820>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
public
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R4VPyunPtEY3sVvp9T9s9SpXOeZaBw%2FeO2eNJVU9z7dKHNggVrdAGOz1Gcn8Oj20X5d9TRea%2FCvOSxt4WFxZNv6%2FksvGMKVFDiomZwwDKmdvMRe%2BoyZpMUk0gTRq8tkOt7vorT7xHOcuX2yBqLmmcndFy4KbanY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
X-Forwarded-For, Accept-Encoding
x-content-type-options
nosniff
x-powered-by
W3 Total Cache/2.2.1
x-xss-protection
1; mode=block
v0.js
cdn.ampproject.org/
275 KB
72 KB
Script
General
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7b7e306023f3b2cf6e01c937e97aa3ad295ce6c9c6e8b17ed2898683fa19621
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72482
x-xss-protection
0
server
sffe
date
Thu, 05 May 2022 20:34:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=3000, stale-while-revalidate=1206600
etag
"60f78071a0435a03"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 05 May 2022 20:34:21 GMT
amp-list-0.1.js
cdn.ampproject.org/v0/
42 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-list-0.1.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2619658d2faa2b08888718e0ec1ae0404e1deb9a69ddf79f763bde76bf3c3eb8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12918
x-xss-protection
0
server
sffe
date
Thu, 05 May 2022 20:34:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"35595e9814a11324"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 05 May 2022 20:34:21 GMT
amp-mustache-0.2.js
cdn.ampproject.org/v0/
41 KB
14 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-mustache-0.2.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57a95ff6f7ba3ff3fc5560dcdb7113367a9b5cafa2d71134ef81692deaf46af3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14321
x-xss-protection
0
server
sffe
date
Thu, 05 May 2022 20:34:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"ab0327cf6917bf7b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 05 May 2022 20:34:22 GMT
amp-accordion-0.1.js
cdn.ampproject.org/v0/
17 KB
6 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-accordion-0.1.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c19b3e061643a54de7ef25a97b64591aec017d7082195143571387aad80c7fbf
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5857
x-xss-protection
0
server
sffe
date
Thu, 05 May 2022 20:34:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"b60c529db828c36c"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 05 May 2022 20:34:22 GMT
amp-animation-0.1.js
cdn.ampproject.org/v0/
82 KB
19 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-animation-0.1.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e66e469313475775cf200aaf1152a144f159f33245da50ee9cc82b3b8fd67d4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18965
x-xss-protection
0
server
sffe
date
Thu, 05 May 2022 20:34:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"f32152bf47bd96a7"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 05 May 2022 20:34:22 GMT
amp-position-observer-0.1.js
cdn.ampproject.org/v0/
10 KB
4 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-position-observer-0.1.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c60332de2ffdabc594d0e46ceada004f041b9494d74b02c08de993886e18691f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3687
x-xss-protection
0
server
sffe
date
Thu, 05 May 2022 20:34:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"159092aff0cbae79"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 05 May 2022 20:34:22 GMT
amp-bind-0.1.js
cdn.ampproject.org/v0/
50 KB
16 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-bind-0.1.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
400a5ae6035e5b8e534f98e44142d74bc408326430bb2b5c5810a3900122dc17
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16247
x-xss-protection
0
server
sffe
date
Thu, 05 May 2022 20:34:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"eedf942dc74e5f11"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 05 May 2022 20:34:22 GMT
amp-autocomplete-0.1.js
cdn.ampproject.org/v0/
29 KB
9 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-autocomplete-0.1.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f7dfad58aeeda1650f0b69ccd7b74ca4c4e650118539baf6e7558af0e316ea6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9470
x-xss-protection
0
server
sffe
date
Thu, 05 May 2022 20:34:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"8b7acca375ca44eb"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 05 May 2022 20:34:22 GMT
amp-social-share-0.1.js
cdn.ampproject.org/v0/
14 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-social-share-0.1.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d208152ce66b37adb9b9080cfddd5254137aebecfa3bb07ce4e7f3178ec71f7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4794
x-xss-protection
0
server
sffe
date
Thu, 05 May 2022 20:34:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"46ea612635940635"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 05 May 2022 20:34:22 GMT
amp-lightbox-gallery-0.1.js
cdn.ampproject.org/v0/
65 KB
19 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-lightbox-gallery-0.1.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c886fd05750f4157b0058b1cc011e798ae93a61313a86384bb490cd93a4e8bc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18970
x-xss-protection
0
server
sffe
date
Thu, 05 May 2022 20:34:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"ccf9d77ec6738a56"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 05 May 2022 20:34:22 GMT
swiper-bundle.min.js
unpkg.com/swiper@8.1.4/
Redirect Chain
  • https://unpkg.com/swiper/swiper-bundle.min.js
  • https://unpkg.com/swiper@8.1.4/swiper-bundle.min.js
137 KB
39 KB
Script
General
Full URL
https://unpkg.com/swiper@8.1.4/swiper-bundle.min.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67a192cdfd3349d046b90e8fcf60c2b66a492d849f129ca525e4f7f518471f34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:34:21 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
986752
fly-request-id
01G1DHV6Q2Y2KNYRTSEYM58MMY-lga
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"224e7-Za2A4qq5/msUfrRHecFuLq5tjWE"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
706c41a6a86aecf2-YUL

Redirect headers

date
Thu, 05 May 2022 20:34:21 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01G2AYG35K5FA4DHRDJRPAPVCQ-lga
server
cloudflare
age
409
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/swiper@8.1.4/swiper-bundle.min.js
cache-control
public, s-maxage=600, max-age=60
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
706c41a6883fecf2-YUL
access-control-allow-origin
*
amp-video-0.1.js
cdn.ampproject.org/v0/
50 KB
15 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-video-0.1.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a27d947d3ac73b0432085a8f4bbb1ec6529731733046447812d32e1b7a4cc69
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15578
x-xss-protection
0
server
sffe
date
Thu, 05 May 2022 20:34:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"74836f059d5182e9"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 05 May 2022 20:34:22 GMT
amp-youtube-0.1.js
cdn.ampproject.org/v0/
36 KB
11 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-youtube-0.1.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6fb49fd990631e1c04d88f225d0a2dcfe50c7d3308979802e621c7e2b1593e17
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11172
x-xss-protection
0
server
sffe
date
Thu, 05 May 2022 20:34:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"415a0469bbb82064"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 05 May 2022 20:34:22 GMT
Cybercriminal-creating-malicious-software-typing-on-laptop-keypad-closeup.jpeg.webp
securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2022/02/
27 KB
28 KB
Image
General
Full URL
https://securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2022/02/Cybercriminal-creating-malicious-software-typing-on-laptop-keypad-closeup.jpeg.webp
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
7978bdf5d9580547eef7aa32eaf9a9cbb9c1d90d5f82f4657cf79a90cfdb5c57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:34:22 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27470
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Thu, 24 Feb 2022 22:11:21 GMT
server
cloudflare
etag
"6b4e-5d8cadcb90088"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dEXuxKrZMLFBjrgZoGJHNvNYMc10J7WCA7q3S%2B%2F14i6VwcH1rzd1ZxVSoZeKSCM3STVEmgXY2J%2BshRiI%2BKyZMQttSEbocColROhag2MOg1QNHjBMi4kJx0PugHo0n9TDh%2B262tAykxVQCsC9Qiq5LIfTK9Rqy2M%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
vary
X-Forwarded-For, Accept-Encoding
cache-control
public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
706c41a78832713f-YUL
expires
Fri, 05 May 2023 20:34:22 GMT
ida_stats.js
1.www.s81c.com/common/stats/
254 KB
72 KB
Script
General
Full URL
https://1.www.s81c.com/common/stats/ida_stats.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:5000:6a8::b3a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
312150280db7f7b09d11f18a58c0eeef6ec97a85976a44c163a96360ce09b160
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:34:22 GMT
content-encoding
gzip
last-modified
Mon, 04 Apr 2022 01:50:41 GMT
etag
"3f75c-5dbca5b17c644"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=53324
strict-transport-security
max-age=2592000
accept-ranges
bytes
content-length
73554
expires
Fri, 06 May 2022 11:23:06 GMT
modules.css
securityintelligence.com/wp-content/themes/sapphire/minifications/
67 KB
9 KB
Stylesheet
General
Full URL
https://securityintelligence.com/wp-content/themes/sapphire/minifications/modules.css?v=1650466695
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
9c7c2f2956f1110e5e7e360759c0fc49b62242b1e79667d67dbf945128551c54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:34:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Wed, 20 Apr 2022 14:58:15 GMT
server
cloudflare
etag
W/"10bc9-5dd173912a42e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dU0JNp%2B9S4dwE%2Fs2PRbsY6NfBEcvmKF5hh3fN3R0tRG0oRcwn9R4zzccfefY%2BC0s3tiELrnR5kQ%2BPYbnv07y%2FxaRLrLLZrzQVG2V3vySxcj%2BTBdL2QqPZc0w9%2BwLuE0CBMlNkE19QzkYLNIWUF0onYlogUzpsP0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
706c41a65e64713f-YUL
expires
Fri, 05 May 2023 20:34:21 GMT
style.min.css
securityintelligence.com/wp-includes/css/dist/block-library/
81 KB
12 KB
Stylesheet
General
Full URL
https://securityintelligence.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:34:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Tue, 12 Apr 2022 15:39:52 GMT
server
cloudflare
etag
W/"145db-5dc76df34f5e7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q7xv8y12XUd5eLq9BTBtnO5s8LyBScPnrMXigz6VWsdZI9Gjudzdz1fa%2BTM74B62pwZSBcHTzEF8HCwWyaJFJLs9uc1iQhazIaMqfH2BLgzSK0Nnv%2F%2BhwZyaxqtqtEYDvtpqh2x5Jj1rN1OixoYrDm1pGCrbCNE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
706c41a66e6d713f-YUL
expires
Fri, 05 May 2023 20:34:21 GMT
styles.css
securityintelligence.com/wp-content/plugins/contact-form-7/includes/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://securityintelligence.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:34:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Thu, 21 Oct 2021 20:37:53 GMT
server
cloudflare
etag
W/"aab-5cee2de7285a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RRyrkA5Opz5ct2nyTqHj7lycK1IefTSkbYKZcNhzWOg2yFfWsgH5EKFuV0BmwvymdtzoyA8MOWasYQOcKb1ZGugyhR9CTQ7587T4G5iDT3w4WhzS%2BCM%2BOsBU3RxOpUYPEdsmyVRvrlWDnTXnqsOIfTZ9MTqm8sQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
706c41a66e72713f-YUL
expires
Fri, 05 May 2023 20:34:21 GMT
style.css
securityintelligence.com/wp-content/plugins/taxonomy-images/css/
447 B
591 B
Stylesheet
General
Full URL
https://securityintelligence.com/wp-content/plugins/taxonomy-images/css/style.css?ver=0.9.6
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
4dd1908c6a8fd56a009de150a0d1b0c6c18a21543ff2f246a7108f385a22500e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:34:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Thu, 19 Sep 2019 20:08:59 GMT
server
cloudflare
etag
W/"1bf-592ed8633ba35"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fIRAt6lwR9UpaWA89en9JlZRaNLdPPfM%2BWOWLW26E%2FTANlTVbjCztVpJ2mQmONautfgCJ4jEuvEAULeOLEJzeK4FYoVzxo8JQG%2BY3bGxFwPwpiDoVC4PIZVk82SYZ%2FZdJoNv5c8m06gWm9laH%2FHANet0KfhmRYs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
706c41a66e73713f-YUL
expires
Fri, 05 May 2023 20:34:21 GMT
jquery.min.js
securityintelligence.com/wp-includes/js/jquery/
87 KB
31 KB
Script
General
Full URL
https://securityintelligence.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:34:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Thu, 22 Jul 2021 17:28:09 GMT
server
cloudflare
etag
W/"15db1-5c7b99c5423f2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ULi4qh85E5gpV0cN56xMs8FVFimeIf8a9xwaftlAKOe2D0bHvhW3cJ9sgNp5w%2FXmSRHs21FPUY5jQ717FqRrOKbpO%2FNI99hP%2BqAgttoWpFlFYMOwzE26FHmHZ%2FT54aAGfCaDNt%2BN0hnOYO42rQDD%2BPTkVdNPt4A%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
706c41a66e75713f-YUL
expires
Fri, 05 May 2023 20:34:21 GMT
jquery-migrate.min.js
securityintelligence.com/wp-includes/js/jquery/
11 KB
5 KB
Script
General
Full URL
https://securityintelligence.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:34:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Mon, 14 Dec 2020 14:00:37 GMT
server
cloudflare
etag
W/"2bd8-5b66d110e5c96"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cRy3jF26NByM1t8wq9qKYiNXhwOhK91pMAafYn1Gl1dESXpQhZ3pwD%2FPL9Tx7VK2pkwu9YIQQE96jvgkXW%2B86LtUtt5IwSb97d9AXta1w28SWw08ReBFdg3VnBDBgLlD5ziqUdeChGaKldMX%2BFp%2BldpDOlEm5W4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
706c41a66e77713f-YUL
expires
Fri, 05 May 2023 20:34:21 GMT
js
www.googletagmanager.com/gtag/
104 KB
40 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-143580012-4
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2008 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
90358072eaa30fd32661e48a6ae5b6dc1096135eed8e1cb13a1f0d851d41baf6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:34:22 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40735
x-xss-protection
0
last-modified
Thu, 05 May 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 05 May 2022 20:34:22 GMT
css
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=IBM+Plex+Sans:200,300,400,500,600
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
90363b35dd483c041fc0700d7eb187f2efef98f055942f8aab2c5e87514c5143
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 05 May 2022 20:34:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 05 May 2022 20:34:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 05 May 2022 20:34:21 GMT
css
fonts.googleapis.com/
7 KB
708 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=IBM+Plex+Sans+Condensed:300,400,500,600,700
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
040d5f70883d0a420aadb6ae2664efd27ac22ca44190b69b4f4ab53db9bda25b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 05 May 2022 20:34:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 05 May 2022 20:34:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 05 May 2022 20:34:21 GMT
css2
fonts.googleapis.com/
2 KB
588 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=IBM+Plex+Serif&display=swap
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b70b7fdf057475d366893214c0fded16c619fb3d875e6285e00dec248dde9704
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 05 May 2022 20:34:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 05 May 2022 20:34:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 05 May 2022 20:34:21 GMT
swiper-bundle.min.css
unpkg.com/swiper@8.1.4/
Redirect Chain
  • https://unpkg.com/swiper/swiper-bundle.min.css
  • https://unpkg.com/swiper@8.1.4/swiper-bundle.min.css
16 KB
5 KB
Stylesheet
General
Full URL
https://unpkg.com/swiper@8.1.4/swiper-bundle.min.css
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bf8c1a5bb073a51e3e127ad0660c56e81220a22b0096a3bfd591d1add47597b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:34:21 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
986864
fly-request-id
01G1DHQWB04PHHG5FBNEG99DH2-lga
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"3e36-rVraWIxddg2YZ9UhWL79KOv8a3w"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
706c41a6b879ecf2-YUL

Redirect headers

date
Thu, 05 May 2022 20:34:21 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01G2AYQJ1DF39S1QC7GE71GMQG-lga
server
cloudflare
age
165
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/swiper@8.1.4/swiper-bundle.min.css
cache-control
public, s-maxage=600, max-age=60
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
706c41a6883decf2-YUL
access-control-allow-origin
*
single.css
securityintelligence.com/wp-content/themes/sapphire/minifications/
83 KB
12 KB
Stylesheet
General
Full URL
https://securityintelligence.com/wp-content/themes/sapphire/minifications/single.css?v=1650466695
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
e830e5df9973ea43347538348ec5001185f1c305d5f1a8fd73769bf2534e3682
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:34:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Wed, 20 Apr 2022 14:58:15 GMT
server
cloudflare
etag
W/"14cea-5dd173912abfe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vFr1fiSLlgCqj1PEB95aphjobCWFh12WOgpqEGoWT%2FiI7gS3kZa3QNQSBB%2FGQoRce8UV0l%2Ft97lrY6rG04JEFS8fnhE2b0JbW65rypdY77t5NAD0R3m4t%2BHAvQUCiOoTjAJw6q%2BU4Q1midNX3PPhLXtLEjAA32A%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
706c41a66e78713f-YUL
expires
Fri, 05 May 2023 20:34:21 GMT
email-decode.min.js
securityintelligence.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://securityintelligence.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:34:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 29 Apr 2022 17:17:34 GMT
server
cloudflare
etag
W/"626c1dae-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lMScp3LiZDFceTGxNjJ9y4sMnl8P%2BewIu8CS0vhCIPORNewrTOyaVlzYHZHx53Z1kwCSW8OdX%2FmNefTDsEpdgvhscKbmN5lqO00WjZxHyWTsCnjj%2BSeyB9motn2ppLY7zIOnziR2pd%2BwOloCr%2FJCQKD4qkvz%2BOA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
706c41a66e79713f-YUL
vary
Accept-Encoding
expires
Sat, 07 May 2022 20:34:21 GMT
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/
14 KB
5 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Origin
https://securityintelligence.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:34:22 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
706c41a7ceda7154-YUL
regenerator-runtime.min.js
securityintelligence.com/wp-includes/js/dist/vendor/
6 KB
3 KB
Script
General
Full URL
https://securityintelligence.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:34:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Mon, 14 Feb 2022 14:48:48 GMT
server
cloudflare
etag
W/"195e-5d7fb83a43038"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jtY9D%2FhkjBCmpr%2Br%2ByBt6SPCbx51KSD71fdZjYEf6PGq87%2Bq%2BgqlAijog0Zw5SF%2FFaDRYhlojweUs1kVVBPYQzx81b2GsnAgeEH4n0gaoirvf%2FpnCeiq0Cs%2BYKtIBPKyLpX91imvlb4IavqfeMbceWDMOYUvh2c%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
706c41a66e7e713f-YUL
expires
Fri, 05 May 2023 20:34:21 GMT
wp-polyfill.min.js
securityintelligence.com/wp-includes/js/dist/vendor/
19 KB
7 KB
Script
General
Full URL
https://securityintelligence.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:34:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Mon, 14 Feb 2022 14:48:48 GMT
server
cloudflare
etag
W/"4b3d-5d7fb83a43420"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vyAn2VPd3p4XxdclOmwaO87uYk4%2FiBxrbzeSoiNxcW5xysx%2FOi8wDiH%2BizZlz6AzHbNHBJvWO0mDgt%2BGViSVSoJF21rWhjb33D42BiKbiX8nE4TTWT7JMmNNLgmXk4LyMrbpVFYcyU55%2B2SqWUXwayfQrA5dyg0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
706c41a66e80713f-YUL
expires
Fri, 05 May 2023 20:34:21 GMT
index.js
securityintelligence.com/wp-content/plugins/contact-form-7/includes/js/
9 KB
4 KB
Script
General
Full URL
https://securityintelligence.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:34:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Fri, 28 Jan 2022 14:00:34 GMT
server
cloudflare
etag
W/"25f8-5d6a4dbd02440"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v4olbb2amJpb%2FnAeY9OrpWUV%2BnZ914hSXqvgNfXU7tY3wvI1Z%2F93mAQBiIHKiNEGS6XVe481q3ijjkIvbG4PNy9uqGg7%2F0cr%2F%2BZMtbaKpz6sSbnubQgrc%2BoeBo%2B%2Fsl4I4K8nLiJL7eL1P0fQub2zY3p%2BKTzZFoY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
706c41a66e85713f-YUL
expires
Fri, 05 May 2023 20:34:21 GMT
qppr_frontend_script.min.js
securityintelligence.com/wp-content/plugins/quick-pagepost-redirect-plugin/js/
2 KB
931 B
Script
General
Full URL
https://securityintelligence.com/wp-content/plugins/quick-pagepost-redirect-plugin/js/qppr_frontend_script.min.js?ver=5.2.3
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
3fc2845d22c09928ba9dae73f657a21ede05bed89a42efafe1028bcbe4ee499b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:34:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Thu, 19 Sep 2019 20:08:30 GMT
server
cloudflare
etag
W/"636-592ed846ef8ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DDj6bzJhqO3cm%2Fy9WNyHxrqJpBmQsAgFVoxs7irsmhyK2MGAqWBOQBo1dOMOlTmUmYXw%2B%2FOFCmJMg245akOX5pSB6BNASzpAxFLDj2%2Bpw9AbJW%2B5xdVjJot12NH5aKiw7KVdSK10gxfbQJSrGMpztBKZk9jD3Qg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
706c41a66e87713f-YUL
expires
Fri, 05 May 2023 20:34:21 GMT
wp-emoji-release.min.js
securityintelligence.com/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://securityintelligence.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.3
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:34:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Thu, 22 Jul 2021 17:28:09 GMT
server
cloudflare
etag
W/"4705-5c7b99c54c034"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wFJhF9XlcMKFh2PcKMB55tVaZ6GzNOGbKnZvwFIPK4wQToR2qPJgA2UNaDPGeBjS8xzysOudravPihOT1N%2F%2F%2BVL7OND3pV2kqZLjFsCKEf45hkcGiEOJi8I0J%2BlI5ZuFyr9F%2FENFvPqbfpq6p%2BvUwYueJ7OjaQ8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
706c41a78833713f-YUL
expires
Fri, 05 May 2023 20:34:22 GMT
zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
fonts.gstatic.com/s/ibmplexsans/v14/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v14/zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:200,300,400,500,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcecb97c12786d7a9387a81e74e4179790fd84425c9c75be1aec3aed645bf6e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityintelligence.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 03 May 2022 04:38:01 GMT
x-content-type-options
nosniff
age
230181
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18000
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:46:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 May 2023 04:38:01 GMT
logo-white.svg
securityintelligence.com/wp-content/themes/sapphire/images/
8 KB
4 KB
Image
General
Full URL
https://securityintelligence.com/wp-content/themes/sapphire/images/logo-white.svg
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
663a14b3fbb5e44ad939917a2f6f4d93f31a0a1d8ab6702fb0a66036141ddc8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:34:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Thu, 16 Jan 2020 16:58:28 GMT
server
cloudflare
etag
W/"2136-59c44bbef4f0b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wFD5MRxUkU9e0kWag8uSDiK5j924OkDwx8IGwvRAZOz4c757MW2cEfAZRLWqyEMf%2F5QgE8QqdLGsE6LHgawutjA2clJ1diWCinSNKfsXobnMgCfRwpVqIcCb%2BjQv4O%2BSP4KE5uGjAlrGYYMiQpTz9RCqPT4KQV8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
706c41a818e2713f-YUL
expires
Fri, 05 May 2023 20:34:22 GMT
search.svg
securityintelligence.com/wp-content/themes/sapphire/images/
951 B
1 KB
Image
General
Full URL
https://securityintelligence.com/wp-content/themes/sapphire/images/search.svg
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
0e82da81b591f6ffc35aa67bcd9e1c39aa5983f7f8baaf35892956e8b2dc004b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:34:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Thu, 12 Sep 2019 12:50:34 GMT
server
cloudflare
etag
W/"3b7-5925a955be86c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eDp%2FKG2I%2BUvSNAiEoAp7vAvz8a12Pn%2BHH43xBcQ4AorvYC9e0Yl3jMyzeIjoGLYT9FSfOmD77NnQdUP4Yzko%2FdYMItakM3vUfvUyh8XglTfDmSl3GY%2F%2FNuEID4riP0PDWUH7Uj%2BudtIuzL84sfB7C6zDegsqnGI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
706c41a818e6713f-YUL
expires
Fri, 05 May 2023 20:34:22 GMT
close.svg
securityintelligence.com/wp-content/themes/sapphire/images/
455 B
1 KB
Image
General
Full URL
https://securityintelligence.com/wp-content/themes/sapphire/images/close.svg
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
e89cc85750cabe4a1352be2c824af05958b906fdf9ab9b9e99fdd15a4d798152
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:34:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Fri, 27 Mar 2020 19:40:17 GMT
server
cloudflare
etag
W/"1c7-5a1db455dfe15"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QkuM9R71juusTvwH3zsw%2BySpx%2F5vFMC7cTCD2n1zk3Nts%2BmVdAeTDmaWVNyykx7BAMQeuxy3lrsGgNJL9NivcX%2FJA4IJ7%2F0wXYVN2l9DCb7kqQeIu3yoKPM60TSqe3ANiAbV8oM2dUEcVM8LeWE0SklUpRRZc1Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
706c41a818e8713f-YUL
expires
Fri, 05 May 2023 20:34:22 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012204221712000/v0/
12 KB
4 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012204221712000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a646e84b454afcdfc9f38a9c9c2634176f8c98bc2c56ef376766260b42f02822
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Origin
https://securityintelligence.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
177511
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3845
x-xss-protection
0
server
sffe
date
Tue, 03 May 2022 19:15:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"7d28fba82dbef3da"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 03 May 2023 19:15:51 GMT
loading.svg
securityintelligence.com/wp-content/themes/sapphire/images/
972 B
1 KB
Image
General
Full URL
https://securityintelligence.com/wp-content/themes/sapphire/images/loading.svg
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/wp-content/themes/sapphire/minifications/single.css?v=1650466695
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
790cfd19a8e033f96c28d63386fc4e3aff117ed855f762b40f39691a921de760
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/wp-content/themes/sapphire/minifications/single.css?v=1650466695
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:34:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Thu, 12 Sep 2019 12:50:34 GMT
server
cloudflare
etag
W/"3cc-5925a955bdcb4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cVnzmM%2B46tjqGUpBfBczbyiCl%2FQ%2BHIR52aSbxUv6MQWmawRYUCL%2BL%2F3BtGzk3l3pErMWq9J%2BIrR6IbkWL5GHIOXbHZ%2F%2FoigrmLy2v8N%2FtpBJWn944DdKddJwbbD35IIRVKEwAvUsLJeFlzg353LTYJWMa0QlRDo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
706c41a84919713f-YUL
expires
Fri, 05 May 2023 20:34:22 GMT
zYX9KVElMYYaJe8bpLHnCwDKjXr8AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v14/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v14/zYX9KVElMYYaJe8bpLHnCwDKjXr8AIFsdA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:200,300,400,500,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca9b10dd6f91b1495f2f5afb055e060c55a5cc89e12c435e383cc1998741a739
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityintelligence.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 03 May 2022 04:52:26 GMT
x-content-type-options
nosniff
age
229316
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19200
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:50:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 May 2023 04:52:26 GMT
scroll-to-top.svg
securityintelligence.com/wp-content/themes/sapphire/images/
715 B
1 KB
Image
General
Full URL
https://securityintelligence.com/wp-content/themes/sapphire/images/scroll-to-top.svg
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
5d5997f11a9482db230a12a91801a5006294d0c68817607fb2d8efdc7ecf006a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:34:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Thu, 01 Oct 2020 17:04:26 GMT
server
cloudflare
etag
W/"2cb-5b09f0236c546"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rWx7nHT%2BzvYV40SzQXmpC%2FriieMQwa9NpvPrGe0BrAiwezP%2FL%2Bhv3sLxeEc1QL2WN1GHTAE%2B1duNENFQGh5LSY1DKEOmO1w63acnurNBQuxM1sLAqSxATaDGWUllEd18lbEXeYfyGP8OWW6gkD66AoI0k5CDXKg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
706c41a87979713f-YUL
expires
Fri, 05 May 2023 20:34:22 GMT
zYX9KVElMYYaJe8bpLHnCwDKjQ76AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v14/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v14/zYX9KVElMYYaJe8bpLHnCwDKjQ76AIFsdA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:200,300,400,500,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf4eae9216be01f9a411ac93c5008eb38a3abdbb12fdb50ef974a4599e90220a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityintelligence.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 03 May 2022 09:08:52 GMT
x-content-type-options
nosniff
age
213930
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19124
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:47:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 May 2023 09:08:52 GMT
Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY5a67vspYY.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v13/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ibmplexsanscondensed/v13/Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY5a67vspYY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans+Condensed:300,400,500,600,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71fe56560b9eba788c8ff58e084f24ca95ff3b89aff510345fab96de36ec8101
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityintelligence.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 03 May 2022 01:56:19 GMT
x-content-type-options
nosniff
age
239883
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18740
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:21:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 May 2023 01:56:19 GMT
Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY527LvspYY.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v13/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ibmplexsanscondensed/v13/Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY527LvspYY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans+Condensed:300,400,500,600,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b4f873f3371bd426336178dfe982cf8366df7592c21738d0e1261e67a0cb2e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityintelligence.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 03 May 2022 04:03:26 GMT
x-content-type-options
nosniff
age
232256
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18688
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:21:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 May 2023 04:03:26 GMT
Gg8lN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHYapyK4.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v13/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ibmplexsanscondensed/v13/Gg8lN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHYapyK4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans+Condensed:300,400,500,600,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31f1c8437b4a34d4b4d66c59927d16774fb6197faf13dbd7b04758a2afdbad0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityintelligence.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 03 May 2022 04:00:51 GMT
x-content-type-options
nosniff
age
232411
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18564
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:29:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 May 2023 04:00:51 GMT
truncated
/
98 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
473b9fbb17fa7755c34ae89223bb3d75e7c9220cb31cae32e5838eae3b5814fe

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
84 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d87e9a5f66c1631a2b24f3ae74e4ffbedf00b643d1c57bded3c119773dcb0968

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
98 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6440fc0195f3b55d6745b071f7fc9201aa74fe10a6bf8e403ef3660552d08aa

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
99 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3181e593aa1c8a96cdd550ee065310398ea980f29f9582275b9b42110cb116b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
84 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
96dfc5f50442cc86b4a34c0776427374af0b3a906c0d1b27ef2916e78b721f13

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
84 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86042f3e488c299da25a01ea2decaf7e796abd7ae4811782a75abc7ee78ee8d2

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
default-pic.jpg
securityintelligence.com/wp-content/themes/sapphire/images/
5 KB
6 KB
Image
General
Full URL
https://securityintelligence.com/wp-content/themes/sapphire/images/default-pic.jpg
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
2362a2b6663976d80e30679ab74d07731dd20ba8c5adbcae3d1123a6406d8eda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:34:22 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5342
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Thu, 14 May 2020 20:55:09 GMT
server
cloudflare
etag
"14de-5a5a1e9841ca6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wILhl7sSu57uvkuURXVSKZO7xaiUGVRuKWAmVsIoU74aLr%2BoHP0ddr3C8k0%2F9LllhdUEZAzUAEe4ApEwC6hVrCn1byRilOSCqD33rqzRxeu48TDqSedp6aFXmT5lKTsRTkBoeaBPlS01%2BxSlYeRP8ZcCU1MXq60%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
vary
X-Forwarded-For,Accept
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
x-webp-express
Redirected directly to existing webp
accept-ranges
bytes
cf-ray
706c41a90a1e713f-YUL
expires
Fri, 05 May 2023 20:34:22 GMT
Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY4S7bvspYY.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v13/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ibmplexsanscondensed/v13/Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY4S7bvspYY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans+Condensed:300,400,500,600,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dca337d11cb99c194e99da0a8780ec4219ff742646b52a49675fffe44f5a7658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityintelligence.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 03 May 2022 07:11:41 GMT
x-content-type-options
nosniff
age
220961
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18196
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:21:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 May 2023 07:11:41 GMT
zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v14/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v14/zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:200,300,400,500,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49791a696302b5112cec6f474d4d188ec3da019fab43b744b558c8b5e6644785
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityintelligence.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 03 May 2022 02:00:16 GMT
x-content-type-options
nosniff
age
239646
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18860
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:50:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 May 2023 02:00:16 GMT
arrow-right.svg
securityintelligence.com/wp-content/themes/sapphire/images/
743 B
1 KB
Image
General
Full URL
https://securityintelligence.com/wp-content/themes/sapphire/images/arrow-right.svg
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
03d81c05d2b7bcd709563806be145309333dd0f398a91885350953cda5a1a04f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:34:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Thu, 28 Jan 2021 11:49:18 GMT
server
cloudflare
etag
W/"2e7-5b9f47a46bf4e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WputZYRljIukphBqOLIGxtWJqGAnKpW9BrF5k8Ub94yUpIOengMg2h3CyjY9zNimOTo8m0ptmEX9PDT63WVK8ziAICBp4ayuuzsGpcc%2FyiaUseau2%2FnraGOTWKU%2FTuSNpjzXUDIAVQy1ZVctJCojIWDbpyDa7z4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
vary
X-Forwarded-For
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
cf-ray
706c41a97aa9713f-YUL
expires
Fri, 05 May 2023 20:34:22 GMT
Business-team-clapping-for-a-female-colleague-in-meeting-630x330.jpeg.webp
securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2022/03/
22 KB
23 KB
Image
General
Full URL
https://securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2022/03/Business-team-clapping-for-a-female-colleague-in-meeting-630x330.jpeg.webp
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
4a4f63fe60b19218be345784bc89f2254b401217dd2c009afe68d4687a2c2364
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:34:22 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14005
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22500
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Tue, 08 Mar 2022 14:00:03 GMT
server
cloudflare
etag
"57e4-5d9b565c2087f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FCS%2FWSRlM2EYtUMwLzU553IoV5D0sua4%2Fuyfrtc9A0ulGdGdJIRwY61g%2B5AlUE0Jzftflz7BHZEgW%2FQx08j2Ta8Nlhtgvjp%2Bgg6CJmAKrogQzQ6nrl3aNzvZwdIQHl6SomPToqYUMeEV6oEMvhjF2AZ6bZnzKHA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
vary
X-Forwarded-For, Accept-Encoding
cache-control
public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
706c41a97aab713f-YUL
expires
Fri, 05 May 2023 16:40:56 GMT
Cloud-Native-Security-Controls-630x330.jpeg.webp
securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2022/04/
21 KB
21 KB
Image
General
Full URL
https://securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2022/04/Cloud-Native-Security-Controls-630x330.jpeg.webp
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
400dd9c39d2d01ed976237c79a8ad0c20be47971a0467f2269c8ebe55567bcc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:34:22 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14005
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21016
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Mon, 11 Apr 2022 12:00:04 GMT
server
cloudflare
etag
"5218-5dc5faf46ad91"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qDcdKnpWLS7%2FVv%2FeXgZtplTirfbwZk%2FQoZtxK7oLmvuaIo7TutQg0rhZCm6pg8h1PnDQ0wzyav7%2FUoVExcbNTzscEXf0IQ%2FlZb7g2%2BnL6sJ1G6k3WkOcj%2BdkGOtm0zCxwiYZkWHjiJLXYsKvrGS%2F8ht%2FGq%2BJpwk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
vary
X-Forwarded-For, Accept-Encoding
cache-control
public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
706c41a97aaf713f-YUL
expires
Fri, 05 May 2023 16:40:57 GMT
Cybercriminal-creating-malicious-software-typing-on-laptop-keypad-closeup-630x330.jpeg.webp
securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2022/02/
10 KB
11 KB
Image
General
Full URL
https://securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2022/02/Cybercriminal-creating-malicious-software-typing-on-laptop-keypad-closeup-630x330.jpeg.webp
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
54d3e6fd6df1340fa8bfe759ccbf99d178b5bebe49ef39bc4ef0ba99f0420c00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:34:22 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14005
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10680
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Thu, 24 Feb 2022 22:11:22 GMT
server
cloudflare
etag
"29b8-5d8cadcbe6382"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UfHkZsorv6iKgWlutIDg7X5Q%2FZepngJTWqX42Q9aux1Vq7E9ycjfdI6qxwJGoAZgpDv3kDG%2FyCSmjBj4X2z8%2Fsnj8YDg%2BfJfBJ%2BhpCbdO7xBDfCXzOUjen%2BZjNg1kfhHQqq5igF0C%2Bj69VGtLS73pTPhJotHrCg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
vary
X-Forwarded-For, Accept-Encoding
cache-control
public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
706c41a97ab2713f-YUL
expires
Fri, 05 May 2023 16:40:56 GMT
Zz05YTU4OTJlMDk1YmIxMWVjYjliMzAyNDgwOWY4NWE5MQ==
images-cdn.welcomesoftware.com/
306 KB
307 KB
Image
General
Full URL
https://images-cdn.welcomesoftware.com/Zz05YTU4OTJlMDk1YmIxMWVjYjliMzAyNDgwOWY4NWE5MQ==?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOlsiOWE1ODkyZTA5NWJiMTFlY2I5YjMwMjQ4MDlmODVhOTEiXSwiZXhwIjoxNjQ1NzQ3NzE0fQ.hs8x8-hYpSz8MeFOeihxR8k4VRkfoQ9nHH85bhb2JLE
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:2000:f:fcff:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b5f4df0247e5df3b3b83ca6e660e00a736a45c36b07edd571bb6d209744d3c09

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 05 May 2022 20:34:22 GMT
via
1.1 7e35b683005d768b7c720f84f8a9e476.cloudfront.net (CloudFront)
last-modified
Thu, 24 Feb 2022 21:49:12 GMT
server
nginx
x-amz-cf-pop
EWR53-C1
etag
"c07c7a61edf86673dd01110d2d53c26a"
x-cache-status
MISS
x-cache
Miss from cloudfront
x-amz-version-id
rEPaO6QEBHnbURgqfekgkYLfBP3Rr7Q.
access-control-allow-origin
*
accept-ranges
bytes
content-type
image/png
content-length
313116
x-amz-cf-id
6OnrvcFRbMQMC2LxGY5SzXU8Qe9-Xdn54JqPPLBKVB3tVvpePM20sg==
Zz1hNzMwNWI0Mjk1YmIxMWVjYWRjYzg2NDNiOWZjODVjNA==
images-cdn.welcomesoftware.com/
20 KB
21 KB
Image
General
Full URL
https://images-cdn.welcomesoftware.com/Zz1hNzMwNWI0Mjk1YmIxMWVjYWRjYzg2NDNiOWZjODVjNA==?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOlsiYTczMDViNDI5NWJiMTFlY2FkY2M4NjQzYjlmYzg1YzQiXSwiZXhwIjoxNjQ1NzQ3NzE0fQ.Prim22fYjynqhVcw_w5jtkjkMs3tKHGB4FEQUd7AMYE
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:2000:f:fcff:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4592c521f52bd17d12a3df2183effd3603f70b5db98edfcf3f739a72e80c5d16

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 02:11:10 GMT
via
1.1 7e35b683005d768b7c720f84f8a9e476.cloudfront.net (CloudFront)
age
930192
x-amz-server-side-encryption
AES256
x-cache-status
MISS
x-cache
Hit from cloudfront
content-length
20813
last-modified
Thu, 24 Feb 2022 21:49:34 GMT
server
nginx
etag
"fb3b546d99e3340e058ad6e7ab3de501"
x-amz-version-id
eeRdRLHdCdUwrjkGu67KK.c.FJhA0KeO
access-control-allow-origin
*
x-amz-cf-pop
EWR53-C1
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
lIKASVcf_EpCYq8CqsuHlCmP_6YOjW2GIqi4f8hYaQB4Za1waLHYBQ==
zYX9KVElMYYaJe8bpLHnCwDKjR7_AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v14/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v14/zYX9KVElMYYaJe8bpLHnCwDKjR7_AIFsdA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:200,300,400,500,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
681e885d2baf3a5865cfa1fd6b9e5855b8a104b379208852b595c4e72f2c54b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityintelligence.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 03 May 2022 06:42:44 GMT
x-content-type-options
nosniff
age
222698
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19436
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 May 2023 06:42:44 GMT
600X1200_THINK.jpg
securityintelligence.com/wp-content/uploads/2022/05/
13 KB
14 KB
Image
General
Full URL
https://securityintelligence.com/wp-content/uploads/2022/05/600X1200_THINK.jpg
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.1
Resource Hash
45f4c2fae7bbd2ddf1f325f895082dbf9f33bdeccd39230df871e8c29f711cc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:34:22 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/2.2.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13358
x-xss-protection
1; mode=block
pragma
public
referrer-policy
same-origin
last-modified
Wed, 04 May 2022 20:53:51 GMT
server
cloudflare
etag
"342e-5de35d296faef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3vSE8HwBp3VSFI%2FGVYW24wuKD5ZufmxC8BH0homuWl5Wfxtm67i1WbKZuBUecdiYKIBOgQjkzHoc9B7lTFh1Zdlvg6REhhLV8Reu7n3vwnqQp9W64dofnPtYZljLZljfO1VX%2FyflIIVsLiPTFUnfjDqgapErdCs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
vary
X-Forwarded-For,Accept
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
x-webp-express
Redirected directly to existing webp
accept-ranges
bytes
cf-ray
706c41aa1b9c713f-YUL
expires
Fri, 05 May 2023 20:34:22 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-143580012-4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6628
date
Thu, 05 May 2022 18:43:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 05 May 2022 20:43:54 GMT
ww.js
cdn.ampproject.org/rtv/012204221712000/
51 KB
14 KB
Fetch
General
Full URL
https://cdn.ampproject.org/rtv/012204221712000/ww.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c26a1ecfdd21efb4558aa563fc2037aa8a882b7940dd2e2c459e43da2d1804f5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
text/plain
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
177509
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14416
x-xss-protection
0
server
sffe
date
Tue, 03 May 2022 19:15:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"eafc013670925d26"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 03 May 2023 19:15:53 GMT
/
api.www.s81c.com/webmaster/dbip/
427 B
724 B
Script
General
Full URL
https://api.www.s81c.com/webmaster/dbip/?callback=_dl.fn.userIpData.callback
Requested by
Host: 1.www.s81c.com
URL: https://1.www.s81c.com/common/stats/ida_stats.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.144.15 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-144-15.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
fa65ae4b632714fe246c34a2c886c18d143750b5ad4c17ccb791b0e19c796c20

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 20:34:22 GMT
Server
Apache
X-Backside-Transport
OK OK
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
X-Global-Transaction-ID
63cd456d627434ce218c5d7f
Connection
keep-alive
Content-Length
427
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1566131429&t=pageview&_s=1&dl=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F%3Fsocial_post%3D6567161505%26linkId%3D156583495&ul=en-us&de=UTF-8&dt=IBM%20Security%20X-Force%20Research%20Advisory%3A%20New%20Destructive%20Malware%20Used%20In%20Cyber%20Attacks%20on%20Ukraine&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAAC~&jid=1968902845&gjid=1825172361&cid=1429598877.1651782863&tid=UA-143580012-4&_gid=2060492580.1651782863&_r=1&gtm=2ou540&did=dZTNiMT&gdid=dZTNiMT&z=1514764164
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 May 2022 20:34:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://securityintelligence.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
4e24a2e4-51b0-4059-88c9-ee4a397011b2
https://securityintelligence.com/
51 KB
0
Other
General
Full URL
blob:https://securityintelligence.com/4e24a2e4-51b0-4059-88c9-ee4a397011b2
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3fa2d11bed34d550c0eabb21ba6a8e71433b94a92337856952283c83fe18ece4

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length
52026
Content-Type
text/javascript
collect
stats.g.doubleclick.net/j/
1 B
445 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-143580012-4&cid=1429598877.1651782863&jid=1968902845&gjid=1825172361&_gid=2060492580.1651782863&_u=YGBACUAABAAAAC~&z=2069716165
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 05 May 2022 20:34:22 GMT
content-type
text/plain
access-control-allow-origin
https://securityintelligence.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
p_85e1c2b3e06b87ddd5b2d9723a0213354253e4b2691412fad82df3b24daf6e5b.js
tags.tiqcdn.com/dle/ibm/web/
3 B
292 B
Script
General
Full URL
https://tags.tiqcdn.com/dle/ibm/web/p_85e1c2b3e06b87ddd5b2d9723a0213354253e4b2691412fad82df3b24daf6e5b.js
Requested by
Host: 1.www.s81c.com
URL: https://1.www.s81c.com/common/stats/ida_stats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.198.216.246 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-246.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:34:22 GMT
last-modified
Thu, 02 Feb 2017 22:12:19 GMT
server
AmazonS3
x-amz-request-id
67ZS9XZCYQAH72SS
etag
"b519d08ef66fd54910edbedba6181ec2"
content-type
application/javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
3
x-amz-id-2
Z3ssKqjHMlC9kNW1dTm2+vugh35kk3kIu2QTyVvQO57nQkNumOZgQWVH+EkZJn3mbCxPk4qJ+xw=
expires
Thu, 05 May 2022 20:39:22 GMT
bmaid
cloud.ibm.com/analytics/
48 B
2 KB
XHR
General
Full URL
https://cloud.ibm.com/analytics/bmaid
Requested by
Host: 1.www.s81c.com
URL: https://1.www.s81c.com/common/stats/ida_stats.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.0.31.227 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-0-31-227.deploy.static.akamaitechnologies.com
Software
undefined / Express
Resource Hash
ea535f19f06f7d62ccbfc384f87406cd84e4c896ac6815eb9da53f71e390b46a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-powered-by
Express
x-envoy-upstream-service-time
9
server-timing
cdn-cache; desc=MISS, edge; dur=76, origin; dur=13
content-length
48
x-xss-protection
1; mode=block
x-request-id
undefined
x-response-time
1.638
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
undefined
etag
W/"30-LxI8pDtpNqjunjvoXyXaKSPY/gQ"
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityintelligence.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
date
Thu, 05 May 2022 20:34:22 GMT
expires
0
dbdm-data
www-api.ibm.com/cookie-sync/
2 KB
2 KB
Script
General
Full URL
https://www-api.ibm.com/cookie-sync/dbdm-data?callback=_dl.fn.dataSync.callback
Requested by
Host: 1.www.s81c.com
URL: https://1.www.s81c.com/common/stats/ida_stats.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:5000:6a8::b3a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/ Express
Resource Hash
c293dd767ec7cbd73e2a44a205433e08818fed8259a060805a8b063dc33b456a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:34:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
Express
etag
W/"849-Rkx2/FcdkvYX5oQRsLonLvuukLg"
x-frame-options
DENY
content-type
text/javascript; charset=utf-8
x-backside-transport
OK OK
cache-control
no-cache, no-store, must-revalidate
x-global-transaction-id
027fcd6f627434ce20b39967
strict-transport-security
max-age=15768000
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
content-length
1643
x-xss-protection
1; mode=block
utag.js
tags.tiqcdn.com/utag/ibm/web/prod/
334 KB
94 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Requested by
Host: 1.www.s81c.com
URL: https://1.www.s81c.com/common/stats/ida_stats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.198.216.246 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-246.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
96f4362517cb538ba594daaabe769b31a8254271c134973ef7205616a2f69376

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:34:23 GMT
content-encoding
gzip
last-modified
Sun, 01 May 2022 11:31:28 GMT
server
AkamaiNetStorage
etag
"6376f64003ad23fc2687f064615647f6:1651404688.026096"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
expires
Thu, 05 May 2022 20:39:23 GMT
id
dpm.demdex.net/
1 KB
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=D10F27705ED7F5130A495C99%40AdobeOrg&d_nsid=0&ts=1651782863145
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.186.7.121 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-7-121.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
be293c6af47f74d305c18a649df1d818d09e4b0a036046a9af24843008af1b34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-usw2-2-v028-0bee8d00e.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
G99CZgEISZA=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://securityintelligence.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
602
Expires
Thu, 01 Jan 1970 00:00:00 UTC
utag.28.js
tags.tiqcdn.com/utag/ibm/web/prod/
2 KB
1 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/ibm/web/prod/utag.28.js?utv=ut4.46.201803300231
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.198.216.246 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-246.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2e7f5342105b392a295080c87c345965fa5f4dea75ca8af10584bcac7c8d48a2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:34:23 GMT
content-encoding
gzip
last-modified
Fri, 30 Mar 2018 02:32:36 GMT
server
AkamaiNetStorage
etag
"1ac4cbb8e65e89874c50b9129b8afbec:1522377156"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1123
expires
Fri, 20 May 2022 20:34:23 GMT
utag.162.js
tags.tiqcdn.com/utag/ibm/web/prod/
52 KB
12 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/ibm/web/prod/utag.162.js?utv=ut4.46.202204060605
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.198.216.246 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-246.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e57b4f20189b81d0b529481def6b7bddf6ad1fa33e9a6ed808d2a9d28e479334

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:34:23 GMT
content-encoding
gzip
last-modified
Wed, 06 Apr 2022 06:06:07 GMT
server
AkamaiNetStorage
etag
"50e5ea9dd113ee8f032c1a5694c0da5c:1649225167.439819"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
11700
expires
Fri, 20 May 2022 20:34:23 GMT
utag.24.js
tags.tiqcdn.com/utag/ibm/web/prod/
4 KB
2 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/ibm/web/prod/utag.24.js?utv=ut4.46.202004021713
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.198.216.246 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-246.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7bf8c8af5f6bd977c4618843d6f103ef01162da38c8cc27b5f292549c9a1ca7d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:34:23 GMT
content-encoding
gzip
last-modified
Thu, 02 Apr 2020 17:13:24 GMT
server
AkamaiNetStorage
etag
"02fbc106ee77dce39296914d62393bed:1585847604.52902"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1774
expires
Fri, 20 May 2022 20:34:23 GMT
utag.53.js
tags.tiqcdn.com/utag/ibm/web/prod/
3 KB
2 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/ibm/web/prod/utag.53.js?utv=ut4.46.201706292022
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.198.216.246 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-246.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
90596b3d8081c6c46f53c00cc4215ccb61cadd6b0268bc2f9fe553c35774753d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:34:23 GMT
content-encoding
gzip
last-modified
Thu, 22 Mar 2018 04:18:05 GMT
server
AkamaiNetStorage
etag
"d2c69618305280734e4c67c71a0bc28a:1521692285"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1534
expires
Fri, 20 May 2022 20:34:23 GMT
utag.184.js
tags.tiqcdn.com/utag/ibm/web/prod/
16 KB
5 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/ibm/web/prod/utag.184.js?utv=ut4.46.202202020151
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.198.216.246 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-246.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
deb89b2cb1badbd9a684e6aed8409d4d7e7a9ef9d863b95c1116755a307a5f5a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:34:23 GMT
content-encoding
gzip
last-modified
Sat, 17 Oct 2020 02:42:47 GMT
server
AkamaiNetStorage
etag
"08b869489660d7180fcf95dfb594c231:1602902567.648186"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
5192
expires
Fri, 20 May 2022 20:34:23 GMT
utag.136.js
tags.tiqcdn.com/utag/ibm/web/prod/
2 KB
1 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/ibm/web/prod/utag.136.js?utv=ut4.46.201808201700
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.198.216.246 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-246.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e10c0bc79c425822dac76b3b3d381f523bc1a548b922ee73ce3435ef45c2ae6b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:34:23 GMT
content-encoding
gzip
last-modified
Fri, 20 Jul 2018 14:28:36 GMT
server
AkamaiNetStorage
etag
"301f64e7791ec492b32864ff8aa6e6f9:1532096916"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
904
expires
Fri, 20 May 2022 20:34:23 GMT
utag.94.js
tags.tiqcdn.com/utag/ibm/web/prod/
4 KB
2 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/ibm/web/prod/utag.94.js?utv=ut4.46.202203221853
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.198.216.246 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-246.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
898413f0d39495364dbf2fea8d75f90c5e59196b8a659f4cd3b97d5e0a491367

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:34:23 GMT
content-encoding
gzip
last-modified
Tue, 23 Jun 2020 18:51:07 GMT
server
AkamaiNetStorage
etag
"8ccdd1c1ded6e3886b782d50d3a61e1f:1592938267.587209"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1779
expires
Fri, 20 May 2022 20:34:23 GMT
utag.167.js
tags.tiqcdn.com/utag/ibm/web/prod/
10 KB
3 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/ibm/web/prod/utag.167.js?utv=ut4.46.202101200115
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.198.216.246 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-246.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
54e73aef7b2b0ccad0cdbfc30b6c82a011948df3827919196a0f27893ce5d5c6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:34:23 GMT
content-encoding
gzip
last-modified
Wed, 20 Jan 2021 01:15:17 GMT
server
AkamaiNetStorage
etag
"b092f8c901d8afecfb07a4e7f929ef3e:1611105317.621153"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
2421
expires
Fri, 20 May 2022 20:34:23 GMT
utag.178.js
tags.tiqcdn.com/utag/ibm/web/prod/
3 KB
2 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/ibm/web/prod/utag.178.js?utv=ut4.46.202008241237
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.198.216.246 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-246.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
fe286d4418ea555bb568a81ebcaab56560fc7d076eda46a790290db0c942e708

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:34:23 GMT
content-encoding
gzip
last-modified
Mon, 24 Aug 2020 12:38:05 GMT
server
AkamaiNetStorage
etag
"1cc26c17c372c047fcf985d11b6f06f2:1598272685.212586"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1380
expires
Fri, 20 May 2022 20:34:23 GMT
utag.181.js
tags.tiqcdn.com/utag/ibm/web/prod/
2 KB
1 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/ibm/web/prod/utag.181.js?utv=ut4.46.202010301425
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.198.216.246 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-246.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e1b1e30b7778a859a6584d608645bf5d8402cf53fcf078b55fe617a117fec429

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:34:23 GMT
content-encoding
gzip
last-modified
Fri, 30 Oct 2020 14:25:44 GMT
server
AkamaiNetStorage
etag
"32e783cf592aaffb0bf09fc95b475ed0:1604067944.853384"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1025
expires
Fri, 20 May 2022 20:34:23 GMT
rum
securityintelligence.com/cdn-cgi/
0
172 B
XHR
General
Full URL
https://securityintelligence.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:86d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
content-type
application/json

Response headers

date
Thu, 05 May 2022 20:34:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://securityintelligence.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
706c41aeda23713f-YUL
vary
Origin
utag.v.js
tags.tiqcdn.com/utag/tiqapp/
2 B
202 B
Script
General
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=ibm/web/202205011130&cb=1651782863279
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.198.216.246 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-246.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:34:23 GMT
last-modified
Thu, 14 Apr 2016 16:57:51 GMT
server
AkamaiNetStorage
etag
"7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type
application/x-javascript
cache-control
max-age=600
accept-ranges
bytes
content-length
2
expires
Thu, 05 May 2022 20:44:23 GMT
notice
consent.truste.com/
9 KB
4 KB
Script
General
Full URL
https://consent.truste.com/notice?c=teconsent&domain=ibm.com&country=CA&state=QC&language=en-US&text=true&pcookie&cdn=1&gtm=1
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.39.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-39-121.ewr52.r.cloudfront.net
Software
nginx /
Resource Hash
2135ae57a0c272a51f7fe61f2f8dc3ea4ac1f12188a4ef67e779f0aeb3372a35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:34:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
EWR52-C4
x-cache
Miss from cloudfront
cloudfront-viewer-country
CA
vary
Accept-Encoding, Origin
content-length
3687
x-xss-protection
1; mode=block
timing-allow-origin
*
server
nginx
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript;charset=UTF-8
via
1.1 8974e61a4a7de3ae4569bb22e6553854.cloudfront.net (CloudFront)
cache-control
max-age=3600
cloudfront-viewer-country-region
QC
x-amz-cf-id
VRFQWFQn68Mwhk9O-OOVW75oQkFqJGOAX6Hyzmt6lx2kfP7tPXtONA==
expires
Thu, 05 May 2022 21:34:23 GMT
ab057a07.min.js
scripts.demandbase.com/
67 KB
19 KB
Script
General
Full URL
https://scripts.demandbase.com/ab057a07.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.46.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-46-89.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
194ea51d8f1ad1c00fbb738c8b400fbd2e4bd652fd578d52c2d6546d59295154
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:27:18 GMT
content-encoding
gzip
vary
Accept-Encoding
age
426
x-cache
Hit from cloudfront
last-modified
Thu, 03 Mar 2022 17:14:48 GMT
server
AmazonS3
etag
W/"49d1fd25b9c43362d42ddee7e253de8f"
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-version-id
vDxpEzAYBTn.c6ZE4MKxfkUcOnAaDSzg
via
1.1 0b202e2428f14940b06527255fa020ea.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-pop
EWR52-C1
content-type
application/javascript; charset=utf-8
x-amz-cf-id
fWdiFcnrDFSwUgEx8uGdFYmpVqEEYxhEtg_tqkjrt-elbksEXXM6mQ==
js
www.googletagmanager.com/gtag/
104 KB
40 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-143580012-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-143580012-4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2008 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
42115041cb8e5081d9237c9fd443f09d6dcd2f4fbd9e1fae6aba86135279a4d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:34:23 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40734
x-xss-protection
0
last-modified
Thu, 05 May 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 05 May 2022 20:34:23 GMT
js
pixel.mathtag.com/event/
2 KB
3 KB
Script
General
Full URL
https://pixel.mathtag.com/event/js?mt_pp=1
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.200.196.208 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-196-208.deploy.static.akamaitechnologies.com
Software
MT3 4390 fb8620d master iad-pixel-x13 config:1.0.0 /
Resource Hash
8d4a8fd92a0381d2c534abe994beba126da9eb4b5de49412c78a06ee4c730c20

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 20:34:23 GMT
Server
MT3 4390 fb8620d master iad-pixel-x13 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript
Content-Length
2487
Expires
Thu, 05 May 2022 20:34:22 GMT
i.gif
collect.tealiumiq.com/ibm/main/2/
43 B
754 B
XHR
General
Full URL
https://collect.tealiumiq.com/ibm/main/2/i.gif
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.184.js?utv=ut4.46.202202020151
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.11.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-11-134.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryBmcPwnMjLvzM9wmH

Response headers

date
Thu, 05 May 2022 20:34:23 GMT
vary
Origin
x-serverid
uconnect_i-002a7318e7e234c20
x-tid
018095ee48f6001a608768a68ca303073007d06b00b08
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc
ibm:main:2:datacloud
x-region
us-east-1
content-length
43
pragma
no-cache
x-did
018095ee48f6001a608768a68ca303073007d06b00b08
content-type
image/gif
access-control-allow-origin
https://securityintelligence.com
access-control-expose-headers
X-Region
cache-control
no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
x-ulver
9ddd26c71bc2db2d83b5856b0b071fe16bfedd8f-SNAPSHOT
x-uuid
569158f1-7c36-45be-be9b-26fb8ced4aed
expires
Thu, 05 May 2022 20:34:23 GMT
survey.js
1.www.s81c.com/common/stats/
93 KB
27 KB
Script
General
Full URL
https://1.www.s81c.com/common/stats/survey.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:5000:6a8::b3a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
814759860cc987a983b49f360ae29e58b08fda03e86356545d310f44bd8c972c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:34:23 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 15:08:38 GMT
etag
"17462-5d6f646a0ced0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=47519
strict-transport-security
max-age=2592000
accept-ranges
bytes
content-length
27629
expires
Fri, 06 May 2022 09:46:22 GMT
uwt.js
static.ads-twitter.com/
28 KB
10 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.167.js?utv=ut4.46.202101200115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.208.157 Newark, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
93cc545f534a75a876beccc35125e563e20bb9857714482547fc151f07d57595

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:34:23 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 16:06:31 GMT
etag
"1ce6e12fa6e9b18909e94a06df1ef9cb+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
9561
x-served-by
cache-iad-kiad7000103-IAD, cache-ewr18169-EWR
js
pixel.mathtag.com/sync/
237 B
752 B
Script
General
Full URL
https://pixel.mathtag.com/sync/js?cs_jsonp=mmUuidSync&mt_nsync=1
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.200.196.208 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-196-208.deploy.static.akamaitechnologies.com
Software
MT3 4390 fb8620d master iad-pixel-x28 config:1.0.0 /
Resource Hash
e735a7c94bdce570425aec0d3170a24835423b9e29da0f80aaf6ea192e89c738

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 20:34:23 GMT
Server
MT3 4390 fb8620d master iad-pixel-x28 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript
Content-Length
237
Expires
Thu, 05 May 2022 20:34:22 GMT
analytics_c7caef17012f48e99285467c1b6d8423.js
analytics.newscred.com/
21 KB
7 KB
Script
General
Full URL
https://analytics.newscred.com/analytics_c7caef17012f48e99285467c1b6d8423.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.181.js?utv=ut4.46.202010301425
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.213.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-213-88.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
751896180380ca16602a57ec49a406d5cc510fcf6b584e7a305f79ce176a3770

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 03:06:18 GMT
content-encoding
gzip
last-modified
Thu, 28 Apr 2022 18:31:50 GMT
server
AmazonS3
age
62886
etag
W/"623d1e2275a8d998825adc5603a2b200"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 00fd85d5c5d5bd788f272591be9ecbca.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
EWR50-C1
x-amz-cf-id
rf-Haxys9e5mXlAfkEcx6cqQAG4DaMrjScy9SQyZKkQMWwFfTyKuhg==
tpid=2d206274-34cf-4400-84af-7e19ef003f00
sync.crwdcntrl.net/map/ct=y/c=4735/tp=MDMA/
Redirect Chain
  • https://pixel.mathtag.com/sync/img?sync=auto&mt_exid=10040&exsync=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D4735%2Ftp%3DMDMA%2Ftpid%3D%5BMM_UUID%5D
  • https://sync.crwdcntrl.net/map/c=4735/tp=MDMA/tpid=2d206274-34cf-4400-84af-7e19ef003f00
  • https://sync.crwdcntrl.net/map/ct=y/c=4735/tp=MDMA/tpid=2d206274-34cf-4400-84af-7e19ef003f00
49 B
544 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/ct=y/c=4735/tp=MDMA/tpid=2d206274-34cf-4400-84af-7e19ef003f00
Protocol
H2
Server
54.173.43.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-43-128.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 May 2022 20:34:23 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.45.198
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Thu, 05 May 2022 20:34:23 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/map/ct=y/c=4735/tp=MDMA/tpid=2d206274-34cf-4400-84af-7e19ef003f00
cache-control
no-cache
x-server
10.40.8.5
content-length
0
expires
0
px.gif
pixel.newscred.com/
43 B
206 B
Image
General
Full URL
https://pixel.newscred.com/px.gif?key=YXJ0aWNsZT1hYWNiOWZlMjk1YWIxMWVjOWNjYjIyMjgyOWRiNTY0NA==
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.97.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-97-220.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 May 2022 20:34:23 GMT
cache-control
max-age=0, public, must-revalidate
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
content-length
43
content-type
image/gif
d_medallia_survey_configurations.js
tags.tiqcdn.com/dle/ibm/web/
71 KB
14 KB
Script
General
Full URL
https://tags.tiqcdn.com/dle/ibm/web/d_medallia_survey_configurations.js?callback=?&_=1651782861988
Requested by
Host: securityintelligence.com
URL: https://securityintelligence.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.198.216.246 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-246.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6501584349717ee1886cd7175e8f25b57f21f0bf7a6240deff94fdf126f2dc08

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 05 May 2022 20:34:23 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 00:36:32 GMT
server
AmazonS3
x-amz-request-id
VW8CJE5X30D2GQPY
etag
"d2cce9cde19fa1102b902503bf964779"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
content-length
14274
x-amz-id-2
TaJ+Q8ZICAQKc/p1adD97Gv4oewq/w99kR9CwmDtkw0/LPOcm3g6PlF26qCOAYhaW9SGGM1R4as=
expires
Thu, 05 May 2022 21:34:23 GMT
adsct
analytics.twitter.com/i/
43 B
353 B
Image
General
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.3.4&p_id=Twitter&p_user_id=0&txn_id=nv8so&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_order_quantity=0&tw_sale_amount=0&tw_iframe_status=0&event_id=df0e127a-0e3b-4b6e-a49b-e4dbe1a867f0&tw_document_href=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F%3Fsocial_post%3D6567161505%26linkId%3D156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-response-time
6
date
Thu, 05 May 2022 20:34:22 GMT
server
tsa_b
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
625e9da42a13051a2ac1ff9d918d7ef00be88c001ffceefbe2b423d02721377a
content-length
43
adsct
t.co/i/
43 B
336 B
Image
General
Full URL
https://t.co/i/adsct?type=javascript&version=2.3.4&p_id=Twitter&p_user_id=0&txn_id=nv8so&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_order_quantity=0&tw_sale_amount=0&tw_iframe_status=0&event_id=df0e127a-0e3b-4b6e-a49b-e4dbe1a867f0&tw_document_href=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F%3Fsocial_post%3D6567161505%26linkId%3D156583495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-response-time
7
date
Thu, 05 May 2022 20:34:22 GMT
server
tsa_b
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
61391398efcb5d2bf77f41a7ecc4009554764093eed32a2949b1e836b351196d
content-length
43
js
pixel.mathtag.com/event/
1 KB
2 KB
Script
General
Full URL
https://pixel.mathtag.com/event/js?mt_pp=2&mt_adid=171815&mt_id=1075167&event_type=catchall&industry=technology&page_name=securityintelligence.com%252Fposts%252Fnew-destructive-malware-cyber-attacks-ukraine&site_language=en-US&version=1.0&search_query=%3Fsocial_post%3D6567161505%26linkId%3D156583495&language=en-CA%2Cen%3Bq%3D0.9&mt_lim=20&document_title=IBM%20Security%20X-Force%20Research%20Advisory%3A%20New%20Destructive%20Malware%20Used%20In%20Cyber%20Attacks%20on%20Ukraine&location=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F%3Fsocial_post%3D6567161505%26linkId%3D156583495&document_path=%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F&mt_cb=1651782863416
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_pp=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.200.196.208 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-196-208.deploy.static.akamaitechnologies.com
Software
MT3 4390 fb8620d master iad-pixel-x25 config:1.0.0 /
Resource Hash
b305539879bd932b13af03f2c7a38294572f4a664ecc77e83126d59297ef554a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 20:34:23 GMT
Server
MT3 4390 fb8620d master iad-pixel-x25 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript
Content-Length
1436
Expires
Thu, 05 May 2022 20:34:22 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-143580012-1&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6629
date
Thu, 05 May 2022 18:43:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 05 May 2022 20:43:54 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1566131429&t=pageview&_s=1&dl=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F%3Fsocial_post%3D6567161505%26linkId%3D156583495&dr=None&dp=%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F&ul=en-us&de=UTF-8&dt=IBM%20Security%20X-Force%20Research%20Advisory%3A%20New%20Destructive%20Malware%20Used%20In%20Cyber%20Attacks%20on%20Ukraine&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GDACUABBAAAAC~&jid=14559123&gjid=1063540111&cid=1429598877.1651782863&uid=bd9281f1-849f-49e0-bd52-a81d0c079b9c&tid=UA-143580012-1&_gid=2060492580.1651782863&_r=1&gtm=2ou540&did=dZTNiMT&gdid=dZTNiMT&cd1=0&cd2=SECURITYINTELLIGENCE&cd3=bd9281f1-849f-49e0-bd52-a81d0c079b9c&cd5=e8ea16cf-eb93-46af-9698-f8efd7df39bd&cd6=1651782863095&cd12=securityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine&cd13=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F%3Fsocial_post%3D6567161505%26linkId%3D156583495&cd16=None&cd17=None&cd19=custom%20DELIVERY%3AWordPress%20AUTHORING%3AHand%20coded&cd31=en-US&cd34=url-85e1c2b3e06b87ddd5b2d9723a0213354253e4b2691412fad82df3b24daf6e5b&cd35=1651782862454&cd37=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F&cd39=Malware&cd69=prod&cd90=2%3A&cm54=1&cd122=6567161505&z=684923794
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 May 2022 20:34:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://securityintelligence.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1566131429&t=pageview&_s=2&dl=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F%3Fsocial_post%3D6567161505%26linkId%3D156583495&dp=%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F&ul=en-us&de=UTF-8&dt=IBM%20Security%20X-Force%20Research%20Advisory%3A%20New%20Destructive%20Malware%20Used%20In%20Cyber%20Attacks%20on%20Ukraine&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GDACUABBAAAAC~&jid=&gjid=&cid=1429598877.1651782863&uid=bd9281f1-849f-49e0-bd52-a81d0c079b9c&tid=UA-143580012-4&_gid=2060492580.1651782863&gtm=2ou540&did=dZTNiMT&gdid=dZTNiMT&cd6=1651782863095&cd19=custom%20DELIVERY%3AWordPress%20AUTHORING%3AHand%20coded&cm54=1&cd122=6567161505&z=1585908797
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 May 2022 14:35:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
21516
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1566131429&t=event&ni=1&_s=2&dl=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F%3Fsocial_post%3D6567161505%26linkId%3D156583495&dr=None&dp=%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F&ul=en-us&de=UTF-8&dt=IBM%20Security%20X-Force%20Research%20Advisory%3A%20New%20Destructive%20Malware%20Used%20In%20Cyber%20Attacks%20on%20Ukraine&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=MediaMath&ea=MediaMath_Sync_Pixel&el=securityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine&ev=0&_u=6GDACUABBAAAAC~&jid=&gjid=&cid=1429598877.1651782863&uid=bd9281f1-849f-49e0-bd52-a81d0c079b9c&tid=UA-143580012-1&_gid=2060492580.1651782863&gtm=2ou540&did=dZTNiMT&gdid=dZTNiMT&cd1=0&cd2=SECURITYINTELLIGENCE&cd3=bd9281f1-849f-49e0-bd52-a81d0c079b9c&cd5=e8ea16cf-eb93-46af-9698-f8efd7df39bd&cd12=securityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine&cd13=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F%3Fsocial_post%3D6567161505%26linkId%3D156583495&cd16=None&cd17=None&cd31=en-US&cd34=url-85e1c2b3e06b87ddd5b2d9723a0213354253e4b2691412fad82df3b24daf6e5b&cd35=1651782862454&cd37=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F&cd39=Malware&cd40=non-std&cd60=false&cd68=false&cd69=prod&cd90=2%3A&cm54=0&cd41=MEDIAMATH&cd42=null&cd46=2ebf6274-34cf-4d00-b54a-1647af29baaa&cd48=1651782863395&cd49=003aaee0-ac31-9512-81c0-aee0ac3181c0&cd103=2ebf6274-34cf-4d00-b54a-1647af29baaa&z=1868462840
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 May 2022 14:35:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
21516
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
018095ee48f6001a608768a68ca303073007d06b00b08
visitor-service-us-east-1.tealiumiq.com/ibm/main/
27 B
242 B
Script
General
Full URL
https://visitor-service-us-east-1.tealiumiq.com/ibm/main/018095ee48f6001a608768a68ca303073007d06b00b08?callback=utag.ut%5B%22writevamain%22%5D&rnd=1651782863470
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.123.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-123-240.compute-1.amazonaws.com
Software
/
Resource Hash
e036d4c0bab9dcd3d8ed9d625c2cdd24f4d0474f1a4232f0e7c9471aaf0cf470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-version
9ddd26c71bc2db2d83b5856b0b071fe16bfedd8f-SNAPSHOT
date
Thu, 05 May 2022 20:34:23 GMT
x-region
us-east-1
content-length
27
strict-transport-security
max-age=31536000; includeSubdomains
x-nodeid
i-0fe7553cfb68226ad
content-type
application/javascript; charset=utf-8
dest5.html
ibm.demdex.net/ Frame ED9F
7 KB
3 KB
Document
General
Full URL
https://ibm.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.223.37 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-223-37.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-usw2-2-v028-049a36151.edge-usw2.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
JvwxORV9Q7M=
content-encoding
gzip
date
Thu, 5 May 2022 20:34:23 GMT
last-modified
Wed, 27 Apr 2022 09:29:40 GMT
transfer-encoding
chunked
vary
accept-encoding
ibs:dpid=411&dpuuid=YnQ0zwAAAEIaNQPl
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=81771582576142115964213829300610561306
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YnQ0zwAAAEIaNQPl
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YnQ0zwAAAEIaNQPl
Protocol
HTTP/1.1
Server
54.186.7.121 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-7-121.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v028-093f87494.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
bd8Bu3GeQIU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YnQ0zwAAAEIaNQPl
Date
Thu, 05 May 2022 20:34:23 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
collect
stats.g.doubleclick.net/j/
1 B
22 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-143580012-1&cid=1429598877.1651782863&jid=14559123&uid=bd9281f1-849f-49e0-bd52-a81d0c079b9c&gjid=1063540111&_gid=2060492580.1651782863&_u=6GDACUABBAAAAC~&z=507797316
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 05 May 2022 20:34:23 GMT
content-type
text/plain
access-control-allow-origin
https://securityintelligence.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1.7-458
consent.trustarc.com/asset/notice.js/v/
75 KB
24 KB
Script
General
Full URL
https://consent.trustarc.com/asset/notice.js/v/v1.7-458
Requested by
Host: consent.truste.com
URL: https://consent.truste.com/notice?c=teconsent&domain=ibm.com&country=CA&state=QC&language=en-US&text=true&pcookie&cdn=1&gtm=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-102.jfk51.r.cloudfront.net
Software
nginx /
Resource Hash
0e04f8170ba222625c05aef2e88adfae07ace87e4cf95c4370d0cbcab8046baf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Origin
https://securityintelligence.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 19:56:23 GMT
content-encoding
gzip
vary
Accept-Encoding
age
2280
x-cache
Hit from cloudfront
pragma
public
access-control-allow-origin
*
last-modified
Wed, 27 Apr 2022 01:43:38 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript
via
1.1 9e89086b4bc4697bea1e1dec6ddc5c5c.cloudfront.net (CloudFront)
access-control-expose-headers
*
cache-control
max-age=2592000
x-amz-cf-pop
JFK51-C1
timing-allow-origin
*
x-amz-cf-id
-SIKrb_7Ztv3zrGvNNO76kvBXjl8xwLpzmryn4N64Mwjvmoz1Uk9-g==
expires
Sat, 04 Jun 2022 19:56:23 GMT
get
consent.trustarc.com/ Frame FAB5
7 KB
2 KB
Document
General
Full URL
https://consent.trustarc.com/get?name=crossdomain.html&domain=ibm.com
Requested by
Host: consent.truste.com
URL: https://consent.truste.com/notice?c=teconsent&domain=ibm.com&country=CA&state=QC&language=en-US&text=true&pcookie&cdn=1&gtm=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-102.jfk51.r.cloudfront.net
Software
nginx /
Resource Hash
7fe7d9054d31a9874fb36aba6a3736c02799bdaab5fed3e007ff334bc4580732
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
1077
cache-control
max-age=2592000
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 05 May 2022 20:16:26 GMT
expires
Sat, 04 Jun 2022 20:16:26 GMT
pragma
public
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
*
vary
Accept-Encoding Origin
via
1.1 f2a089fdf9c4d9b8b64603e525d1fdf4.cloudfront.net (CloudFront)
x-amz-cf-id
JFzN4-FEfniLb-0x0tDOOZp9lAsR3Q9wwm_KFM8V_gZgP6hHOQRRIA==
x-amz-cf-pop
JFK51-C1
x-cache
Hit from cloudfront
log
consent.trustarc.com/
43 B
441 B
Image
General
Full URL
https://consent.trustarc.com/log?domain=ibm.com&country=ca&state=&behavior=implied&c=6bee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-102.jfk51.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 May 2022 20:34:23 GMT
via
1.1 f2a089fdf9c4d9b8b64603e525d1fdf4.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
JFK51-C1
vary
Origin
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security
max-age=31536000; includeSubDomains
content-length
43
x-amz-cf-id
MF_o7zzhD-WSN6Rmt4izN-6s-rGdhQ_7WpHNwc-fYAUXTkZho_ZRzQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=0&a=1566131429&t=pageview&_s=1&dl=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F%3Fsocial_post%3D6567161505%26linkId%3D156583495&dp=%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F%3Fsocial_post%3D6567161505%26linkId%3D156583495&ul=en-us&de=UTF-8&dt=IBM%20Security%20X-Force%20Research%20Advisory%3A%20New%20Destructive%20Malware%20Used%20In%20Cyber%20Attacks%20on%20Ukraine&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GDACUABBAAAAC~&jid=42017950&gjid=206786817&cid=1429598877.1651782863&tid=UA-150713566-56&_gid=2060492580.1651782863&_r=1&_slc=1&cd1=aacb9fe295ab11ec9ccb222829db5644&cd12=c7caef17012f48e99285467c1b6d8423&cd13=(not%20set)&cd16=(not%20set)&cd17=(not%20set)&cd15=700f8f46-ea2c-4bc6-9478-7e42668c0181&cd14=aacb9fe295ab11ec9ccb222829db5644&z=488117184
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 May 2022 20:34:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://securityintelligence.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&aip=0&a=1566131429&t=event&ni=1&_s=2&dl=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F%3Fsocial_post%3D6567161505%26linkId%3D156583495&dp=%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F%3Fsocial_post%3D6567161505%26linkId%3D156583495&ul=en-us&de=UTF-8&dt=IBM%20Security%20X-Force%20Research%20Advisory%3A%20New%20Destructive%20Malware%20Used%20In%20Cyber%20Attacks%20on%20Ukraine&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll-depth&ea=0&_u=6GDACUABBAAAAC~&jid=&gjid=&cid=1429598877.1651782863&tid=UA-150713566-56&_gid=2060492580.1651782863&cd1=aacb9fe295ab11ec9ccb222829db5644&cd12=c7caef17012f48e99285467c1b6d8423&cd13=(not%20set)&cd16=(not%20set)&cd17=(not%20set)&cd15=700f8f46-ea2c-4bc6-9478-7e42668c0181&cd14=aacb9fe295ab11ec9ccb222829db5644&z=1250552011
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 May 2022 14:35:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
21516
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
validateCookie
segments.company-target.com/
Redirect Chain
  • https://id.rlcdn.com/464526.gif
  • https://id.rlcdn.com/1000.gif?memo=CI6tHBoNCM_p0JMGEgUI6AcQAEIASgA
  • https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297adXcqtzyO9ylWHGZoNwhtarqp_IJ_sh3TY6cVBeevgs
  • https://segments.company-target.com/validateCookie?vendor=liveramp&user_id=Xc1297adXcqtzyO9ylWHGZoNwhtarqp_IJ_sh3TY6cVBeevgs&verifyHash=c4266a5ee266d9170ddb6e925e212eddd58804e1
26 B
409 B
Image
General
Full URL
https://segments.company-target.com/validateCookie?vendor=liveramp&user_id=Xc1297adXcqtzyO9ylWHGZoNwhtarqp_IJ_sh3TY6cVBeevgs&verifyHash=c4266a5ee266d9170ddb6e925e212eddd58804e1
Protocol
HTTP/1.1
Server
13.225.223.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-120.jfk51.r.cloudfront.net
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 20:34:23 GMT
Via
1.1 b0a0e0d22a21f33ff74219a7ecf1d55e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
JFK51-C1
Vary
Origin
X-Cache
Miss from cloudfront
Content-Type
image/gif
Transfer-Encoding
chunked
Connection
keep-alive
trace-id
381e724b7e8a3451
X-Amz-Cf-Id
sGOuFg6sjIpD7yDFFVutJTYUfSo-KOK-9zr0e6333x6IfFBiagwRvA==

Redirect headers

Date
Thu, 05 May 2022 20:34:23 GMT
Via
1.1 b0a0e0d22a21f33ff74219a7ecf1d55e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
JFK51-C1
Vary
Origin
X-Cache
Miss from cloudfront
Location
/validateCookie?vendor=liveramp&user_id=Xc1297adXcqtzyO9ylWHGZoNwhtarqp_IJ_sh3TY6cVBeevgs&verifyHash=c4266a5ee266d9170ddb6e925e212eddd58804e1
Connection
keep-alive
trace-id
8b3a632fab04bb2f
Content-Length
0
X-Amz-Cf-Id
LGcAtLbVxlLRk1LhfbS5Ogyx9EdCcRUJaBkRH0Y9eFx7RoarqDT3-A==
ip.json
api.company-target.com/api/v2/
432 B
927 B
XHR
General
Full URL
https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F%3Fsocial_post%3D6567161505%26linkId%3D156583495&page_title=IBM%20Security%20X-Force%20Research%20Advisory%3A%20New%20Destructive%20Malware%20Used%20In%20Cyber%20Attacks%20on%20Ukraine&src=tag&auth=3bBgqVBte1TTf45vQSDHciEuWvwlaJSrT1DMWtRI
Requested by
Host: scripts.demandbase.com
URL: https://scripts.demandbase.com/ab057a07.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.126.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-126-33.ewr52.r.cloudfront.net
Software
nginx /
Resource Hash
8143504aa0343cd3d72cb2dc971a0c6bb7ceeb28d2f20970e24527988659139f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:34:23 GMT
identification-source
CENTRAL
vary
Accept-Encoding, Origin
x-amz-cf-pop
EWR52-C3
x-cache
Miss from cloudfront
request-id
ea8a91ff-e0d0-4b36-b3fc-1bcc47d737af
content-encoding
gzip
pragma
no-cache
access-control-allow-origin
https://securityintelligence.com
server
nginx
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json;charset=utf-8
via
1.1 71bfaca5ce51bb05b39690ef2b0a4af2.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
api-version
v2
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
OxD_N_5esB9_enfd4o9zrsietVQ-kSrepZ5ddQFC8CNh3lmjhfLBAA==
expires
Wed, 04 May 2022 20:34:23 GMT
i.gif
collect.tealiumiq.com/ibm/main/2/
43 B
754 B
XHR
General
Full URL
https://collect.tealiumiq.com/ibm/main/2/i.gif
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.184.js?utv=ut4.46.202202020151
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.11.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-11-134.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryO2FoAa2k1UkAYnVJ

Response headers

date
Thu, 05 May 2022 20:34:23 GMT
vary
Origin
x-serverid
uconnect_i-0fdf9d11dbb8aba7b
x-tid
018095ee48f6001a608768a68ca303073007d06b00b08
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc
ibm:main:2:datacloud
x-region
us-east-1
content-length
43
pragma
no-cache
x-did
018095ee48f6001a608768a68ca303073007d06b00b08
content-type
image/gif
access-control-allow-origin
https://securityintelligence.com
access-control-expose-headers
X-Region
cache-control
no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
x-ulver
9ddd26c71bc2db2d83b5856b0b071fe16bfedd8f-SNAPSHOT
x-uuid
fb3fffdf-d3ce-452c-8cf9-8556898eba0e
expires
Thu, 05 May 2022 20:34:23 GMT
018095ee48f6001a608768a68ca303073007d06b00b08
visitor-service-us-east-1.tealiumiq.com/ibm/main/
1 KB
2 KB
Script
General
Full URL
https://visitor-service-us-east-1.tealiumiq.com/ibm/main/018095ee48f6001a608768a68ca303073007d06b00b08?callback=utag.ut%5B%22writevamain%22%5D&rnd=1651782863781
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.123.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-123-240.compute-1.amazonaws.com
Software
/
Resource Hash
d1fd9e578963e44ce42bdff28b21acb83b96d4f7e956551af842cc1fe3537550
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-version
9ddd26c71bc2db2d83b5856b0b071fe16bfedd8f-SNAPSHOT
date
Thu, 05 May 2022 20:34:23 GMT
x-region
us-east-1
content-length
1459
strict-transport-security
max-age=31536000; includeSubdomains
x-nodeid
i-0ee908ce8a87f0ba3
content-type
application/javascript; charset=utf-8
iframe
pixel.mathtag.com/sync/ Frame 37A1
631 B
994 B
Document
General
Full URL
https://pixel.mathtag.com/sync/iframe?mt_uuid=2d206274-34cf-4400-84af-7e19ef003f00&no_iframe=1&mt_adid=171815&mt_lim=20&skipsync=10090&source=mathtag
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_pp=2&mt_adid=171815&mt_id=1075167&event_type=catchall&industry=technology&page_name=securityintelligence.com%252Fposts%252Fnew-destructive-malware-cyber-attacks-ukraine&site_language=en-US&version=1.0&search_query=%3Fsocial_post%3D6567161505%26linkId%3D156583495&language=en-CA%2Cen%3Bq%3D0.9&mt_lim=20&document_title=IBM%20Security%20X-Force%20Research%20Advisory%3A%20New%20Destructive%20Malware%20Used%20In%20Cyber%20Attacks%20on%20Ukraine&location=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F%3Fsocial_post%3D6567161505%26linkId%3D156583495&document_path=%2Fposts%2Fnew-destructive-malware-cyber-attacks-ukraine%2F&mt_cb=1651782863416
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.200.196.208 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-196-208.deploy.static.akamaitechnologies.com
Software
MT3 4390 fb8620d master iad-pixel-x28 config:1.0.0 /
Resource Hash
304a0259406001319e10acd097537e33bbc0157670417a48fdd527a889951f65

Request headers

Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
631
Content-Type
text/html
Date
Thu, 05 May 2022 20:34:23 GMT
Expires
Thu, 05 May 2022 20:34:22 GMT
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4390 fb8620d master iad-pixel-x28 config:1.0.0
img
pixel.mathtag.com/misc/
43 B
524 B
Image
General
Full URL
https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.200.196.208 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-196-208.deploy.static.akamaitechnologies.com
Software
MT3 4390 fb8620d master iad-pixel-x1 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 20:34:23 GMT
Server
MT3 4390 fb8620d master iad-pixel-x1 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 05 May 2022 20:34:22 GMT
img
pixel.mathtag.com/misc/ Frame 37A1
43 B
525 B
Image
General
Full URL
https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=2d206274-34cf-4400-84af-7e19ef003f00&no_iframe=1&mt_adid=171815&mt_lim=20&skipsync=10090&source=mathtag
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.200.196.208 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-196-208.deploy.static.akamaitechnologies.com
Software
MT3 4390 fb8620d master iad-pixel-x23 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pixel.mathtag.com/sync/iframe?mt_uuid=2d206274-34cf-4400-84af-7e19ef003f00&no_iframe=1&mt_adid=171815&mt_lim=20&skipsync=10090&source=mathtag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 20:34:23 GMT
Server
MT3 4390 fb8620d master iad-pixel-x23 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 05 May 2022 20:34:22 GMT
ibs:dpid=269&dpuuid=2d206274-34cf-4400-84af-7e19ef003f00&ddsuuid=81771582576142115964213829300610561306
dpm.demdex.net/ Frame ED9F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=81771582576142115964213829300610561306&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d81771582576142...
  • https://dpm.demdex.net/ibs:dpid=269&dpuuid=2d206274-34cf-4400-84af-7e19ef003f00&ddsuuid=81771582576142115964213829300610561306
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=269&dpuuid=2d206274-34cf-4400-84af-7e19ef003f00&ddsuuid=81771582576142115964213829300610561306
Protocol
HTTP/1.1
Server
54.186.7.121 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-7-121.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ibm.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v028-07cd19e76.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
rAcgx8RdTcA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date
Thu, 05 May 2022 20:34:23 GMT
Server
MT3 4390 fb8620d master ord-pixel-x13 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dpm.demdex.net/ibs:dpid=269&dpuuid=2d206274-34cf-4400-84af-7e19ef003f00&ddsuuid=81771582576142115964213829300610561306
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 05 May 2022 20:34:22 GMT
ibs:dpid=477&dpuuid=ef22562eeb6f1e59cd42e7759ea4560875cc6942a37c1c68967559372320f06eb0da87c991749652
dpm.demdex.net/ Frame ED9F
Redirect Chain
  • https://idsync.rlcdn.com/365868.gif?partner_uid=81771582576142115964213829300610561306
  • https://dpm.demdex.net/ibs:dpid=477&dpuuid=ef22562eeb6f1e59cd42e7759ea4560875cc6942a37c1c68967559372320f06eb0da87c991749652
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=477&dpuuid=ef22562eeb6f1e59cd42e7759ea4560875cc6942a37c1c68967559372320f06eb0da87c991749652
Protocol
HTTP/1.1
Server
54.186.7.121 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-7-121.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ibm.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v028-0e0a2f6a1.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
HMRju+eASu8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date
Thu, 05 May 2022 20:34:24 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dpm.demdex.net/ibs:dpid=477&dpuuid=ef22562eeb6f1e59cd42e7759ea4560875cc6942a37c1c68967559372320f06eb0da87c991749652
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
adsct
analytics.twitter.com/i/ Frame ED9F
43 B
100 B
Image
General
Full URL
https://analytics.twitter.com/i/adsct?p_user_id=81771582576142115964213829300610561306&p_id=38594
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ibm.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-response-time
5
date
Thu, 05 May 2022 20:34:23 GMT
server
tsa_b
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
625e9da42a13051a2ac1ff9d918d7ef00be88c001ffceefbe2b423d02721377a
content-length
43
ibs:dpid=1957&dpuuid=14FE43185DFE6DF72C6F52835CD46C3A
dpm.demdex.net/ Frame ED9F
Redirect Chain
  • https://c.bing.com/c.gif?uid=81771582576142115964213829300610561306&Red3=MSAdobe_pd&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=1957&dpuuid=14FE43185DFE6DF72C6F52835CD46C3A
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=14FE43185DFE6DF72C6F52835CD46C3A
Protocol
HTTP/1.1
Server
54.186.7.121 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-7-121.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ibm.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v028-0cc4da5ab.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
4Ow0sYmVTxM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Thu, 05 May 2022 20:34:23 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 276DE331368940CA9D42D64DFCA6FA60 Ref B: YTO01EDGE0420 Ref C: 2022-05-05T20:34:24Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=14FE43185DFE6DF72C6F52835CD46C3A
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
ibs:dpid=22052&dpuuid=3626996926823006220
dpm.demdex.net/ Frame ED9F
Redirect Chain
  • https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID]
  • https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3626996926823006220
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3626996926823006220
Protocol
HTTP/1.1
Server
54.186.7.121 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-7-121.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ibm.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v028-0bee8d00e.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
ZQ9p7dHcQrs=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Thu, 05 May 2022 20:34:23 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
location
https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3626996926823006220
cache-control
private
content-type
text/html; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
185
expires
0,Fri, 06 May 2022 16:34:24 GMT
Zz1iMjQ2YWE0MDk1YmIxMWVjODVhMTg2NDNiOWZjODVjNA==
images-cdn.welcomesoftware.com/
299 KB
300 KB
Image
General
Full URL
https://images-cdn.welcomesoftware.com/Zz1iMjQ2YWE0MDk1YmIxMWVjODVhMTg2NDNiOWZjODVjNA==?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOlsiYjI0NmFhNDA5NWJiMTFlYzg1YTE4NjQzYjlmYzg1YzQiXSwiZXhwIjoxNjQ1NzQ3NzE0fQ.YAwpNoKc4V1SsFPQod8k1LW_sqNFiMSgN52dfsyLP7o
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:2000:f:fcff:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
054a691210127056d3210996fae440364403edfef904affa979214ee9322637b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://securityintelligence.com/posts/new-destructive-malware-cyber-attacks-ukraine/?social_post=6567161505&linkId=156583495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 05 May 2022 20:34:28 GMT
via
1.1 7e35b683005d768b7c720f84f8a9e476.cloudfront.net (CloudFront)
last-modified
Thu, 24 Feb 2022 21:49:52 GMT
server
nginx
x-amz-cf-pop
EWR53-C1
etag
"4bf92e47e91b343de34f47eabff42bff"
x-cache-status
MISS
x-cache
Miss from cloudfront
x-amz-version-id
.Jgw42VM4Feq9bBJJ1QvJ_.FSMzRUmiP
access-control-allow-origin
*
accept-ranges
bytes
content-type
image/png
content-length
306672
x-amz-cf-id
cOYlPVtPqdruxLkCJ8_mcXz6pQbcWnGxQNIgs_9gkL44ssp4MG1tgw==

160 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails function| Swiper function| sendClickTag function| tagAllLinks object| digitalData object| _wpemojiSettings undefined| $ function| jQuery function| gtag object| dataLayer object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| elementList object| twemoji object| wp object| google_tag_manager object| _appInfo object| runtime object| regeneratorRuntime function| setImmediate function| clearImmediate object| wpcf7 object| qpprFrontData object| google_tag_data string| GoogleAnalyticsObject function| ga boolean| isIdaStatsLoaded boolean| isAnalyticsLibLoaded object| _ibmAnalytics object| _dl object| ghostQueue object| ibmStats function| createPageviewTagForSPA function| bindPageViewWithAnalytics function| jQuery2 boolean| isJQueryOnSupported object| v16elu string| pageViewAttributes object| ibmweb object| dl string| IBMPageCategory boolean| isProductPage object| __cfBeacon object| gaplugins object| gaGlobal object| gaData object| utag_data function| tealium_enrichment string| US_PRIVACY object| record boolean| getVCPICalled object| utag_err boolean| utag_condload string| tmeid object| responseTokenMap string| entCategory undefined| entCategoryL10 undefined| entCategoryL15 undefined| entCategoryL17 undefined| entCategoryL20 undefined| entCategoryL30 undefined| entCategoryut10 undefined| entCategoryut15 undefined| entCategoryut17 undefined| entCategoryut20 undefined| entCategoryut30 undefined| entCategoryL10_15 undefined| entCategoryut10_15 undefined| entCategoryL10_15_17 undefined| entCategoryut10_15_17 undefined| entCategoryL10_15_17_20 undefined| 
entCategoryut10_15_17_20 undefined| entCategoryL10_15_17_20_30 undefined| entCategoryut10_15_17_20_30 undefined| nluKeywordsLocal undefined| topicsMap undefined| topics string| categoryCode string| categoryName undefined| eventInfo undefined| url object| utag function| e function| _tealium_old_error boolean| __tealium_twc_switch object| utag_cfg_ovrd object| datalayer object| utag2 object| URXEVENT object| adobe function| Visitor object| s_c_il number| s_c_in object| visitor object| __TEALIUM function| targetPageParamsAll function| targetPageParams string| gtagRename object| MathTag function| twq function| mmUuidSync boolean| teconsentActive object| myibm function| onmouseoverFeedback function| onmouseoutFeedback function| onfocusFeedback function| onfocusoutFeedback function| onclickFeedback function| onmouseoutFeedbackforMarketPlace function| onmouseoverFeedbackforMarketPlace function| onfocusoutFeedbackforMarketPlace function| kampyleEvents object| custom function| output function| escapeDismiss function| surveyUtilFn string| tmpCurrentUrl function| siteFeedbackClose undefined| environmente object| temp function| createInvitation object| twttr string| tempUrl object| overrideKeys string| myitem object| newPatt string| survey_name number| preventCount function| _truste_eumap object| truste object| $temp_box_overlay object| $jscomp string| __ncconfig object| ncAudienceInsights object| Demandbase function| _truste_eu object| PREF_MGR_API_DEBUG object| PrivacyManagerAPI object| TRUSTE_CMAPI_DEBUG string| computedFontFamily function| metric

37 Cookies

Domain/Path Name / Value
.cloud.ibm.com/analytics Name: com.ibm.cloud.console.analytics.anonymousId
Value: bd9281f1-849f-49e0-bd52-a81d0c079b9c
.ibm.com/analytics Name: BM_SESSION_ID
Value: 1651782862864
.securityintelligence.com/ Name: pageviewContext
Value: e8ea16cf-eb93-46af-9698-f8efd7df39bd
.securityintelligence.com/ Name: _ga
Value: GA1.2.1429598877.1651782863
.securityintelligence.com/ Name: _gid
Value: GA1.2.2060492580.1651782863
.securityintelligence.com/ Name: _gat_gtag_UA_143580012_4
Value: 1
.securityintelligence.com/ Name: userContext
Value: n/a|0|0|0|CA|QC|0|n/a|n/a
.cloud.ibm.com/ Name: com.ibm.cloud.console.nEU
Value: 1
.securityintelligence.com/ Name: BMAID
Value: bd9281f1-849f-49e0-bd52-a81d0c079b9c
www-api.ibm.com/ Name: notice_preferences_master
Value: {}
.securityintelligence.com/ Name: OPTOUTMULTI
Value: 0:0%7Cc1:1%7Cc2:0%7Cc3:0
.mathtag.com/ Name: uuid
Value: 2d206274-34cf-4400-84af-7e19ef003f00
.tealiumiq.com/ Name: TAPID
Value: ibm/main>018095ee48f6001a608768a68ca303073007d06b00b08|
.securityintelligence.com/ Name: _gat_gtag_UA_143580012_1
Value: 1

Security Headers

This page lists any security headers set by the main page.

Header: Value
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
