URL: https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
Submission: On March 25 via api from TR — Scanned from DE

Summary

This website contacted 60 IPs in 8 countries across 50 domains to perform 182 HTTP transactions. The main IP is 2606:4700:3031::6815:90b, located in United States and belongs to CLOUDFLARENET, US. The main domain is securityaffairs.com. The Cisco Umbrella rank of the primary domain is 547550.
TLS certificate: Issued by GTS CA 1P5 on February 14th 2024. Valid for: 3 months.
This is the only time securityaffairs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
51 securityaffairs.com
securityaffairs.com — Cisco Umbrella Rank: 547550
2 MB
13 vliplatform.com
px.vliplatform.com — Cisco Umbrella Rank: 38866
4 KB
10 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 195
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 275
cm.g.doubleclick.net — Cisco Umbrella Rank: 353
169 KB
10 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 143
tpc.googlesyndication.com — Cisco Umbrella Rank: 204
228 KB
9 quantumdex.io
useast.quantumdex.io — Cisco Umbrella Rank: 15923
sync.quantumdex.io — Cisco Umbrella Rank: 8989
3 KB
9 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 355
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 920
aax.amazon-adsystem.com — Cisco Umbrella Rank: 461
s.amazon-adsystem.com
82 KB
8 inmobi.com
cmp.inmobi.com — Cisco Umbrella Rank: 4567
api.cmp.inmobi.com — Cisco Umbrella Rank: 13703
219 KB
7 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 721
5 KB
6 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 891
dis.criteo.com — Cisco Umbrella Rank: 992
gum.criteo.com
1 KB
6 vlitag.com
services.vlitag.com — Cisco Umbrella Rank: 45748
s3.vlitag.com — Cisco Umbrella Rank: 57582
366 KB
5 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 857
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1179
dsum.casalemedia.com — Cisco Umbrella Rank: 2912
3 KB
4 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 2606
536 B
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 371
4 KB
4 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 751
ads.pubmatic.com — Cisco Umbrella Rank: 817
image6.pubmatic.com — Cisco Umbrella Rank: 1238
12 KB
4 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1055
764 B
4 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1085
542 B
4 sharethis.com
platform-api.sharethis.com — Cisco Umbrella Rank: 5548
buttons-config.sharethis.com — Cisco Umbrella Rank: 6246
l.sharethis.com — Cisco Umbrella Rank: 5961
94 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 619
2 KB
3 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6170
544 B
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2440
mp.4dex.io — Cisco Umbrella Rank: 3233
27 KB
3 wp.com
i0.wp.com — Cisco Umbrella Rank: 4903
stats.wp.com — Cisco Umbrella Rank: 3674
pixel.wp.com — Cisco Umbrella Rank: 3385
42 KB
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 3677
1 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 589
297 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 3020
1 KB
2 smartadserver.com
prg-apac.smartadserver.com — Cisco Umbrella Rank: 9559
1 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
imasdk.googleapis.com — Cisco Umbrella Rank: 666
137 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
176 KB
1 a-mx.com
id.a-mx.com
274 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 2192
35 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1480
289 B
1 dotomi.com
casale-match.dotomi.com — Cisco Umbrella Rank: 6739
181 B
1 digitaleast.mobi
euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 42888
270 B
1 liadm.com
i.liadm.com
180 B
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 881
426 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 734
865 B
1 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 879
194 B
1 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2569
371 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 655
1 KB
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 816
35 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 1057
175 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 1033
243 B
1 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 2477
76 B
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 898
31 KB
1 script.ac
cadmus.script.ac — Cisco Umbrella Rank: 2212
239 B
1 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 4070
1 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 437
2 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 4233
408 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2066
256 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 1728
256 B
1 gstatic.com
fonts.gstatic.com
48 KB
182 50
Domain Requested by
51 securityaffairs.com securityaffairs.com
13 px.vliplatform.com securityaffairs.com
7 cm.g.doubleclick.net 5 redirects eb2.3lift.com
ssum-sec.casalemedia.com
7 eb2.3lift.com 3 redirects sync.quantumdex.io
eb2.3lift.com
7 cmp.inmobi.com services.vlitag.com
cmp.inmobi.com
7 pagead2.googlesyndication.com securityaffairs.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
6 sync.quantumdex.io s3.vlitag.com
sync.quantumdex.io
ssum-sec.casalemedia.com
4 sync.adkernel.com sync.quantumdex.io
4 ib.adnxs.com 3 redirects eb2.3lift.com
4 onetag-sys.com 1 redirects s3.vlitag.com
sync.quantumdex.io
4 prebid.a-mo.net s3.vlitag.com
4 services.vlitag.com securityaffairs.com
services.vlitag.com
3 x.bidswitch.net 2 redirects eb2.3lift.com
3 useast.quantumdex.io s3.vlitag.com
3 prebid-eu.creativecdn.com s3.vlitag.com
3 bidder.criteo.com s3.vlitag.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 aax.amazon-adsystem.com c.amazon-adsystem.com
3 c.amazon-adsystem.com services.vlitag.com
c.amazon-adsystem.com
2 gum.criteo.com s3.vlitag.com
2 dsum-sec.casalemedia.com ssum-sec.casalemedia.com
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 a.sportradarserving.com 2 redirects
2 match.adsrvr.org eb2.3lift.com
ssum-sec.casalemedia.com
2 ssum-sec.casalemedia.com 1 redirects sync.quantumdex.io
2 ads.betweendigital.com 2 redirects
2 ads.pubmatic.com s3.vlitag.com
sync.quantumdex.io
2 prg-apac.smartadserver.com s3.vlitag.com
2 script.4dex.io s3.vlitag.com
script.4dex.io
2 securepubads.g.doubleclick.net services.vlitag.com
securepubads.g.doubleclick.net
2 s3.vlitag.com services.vlitag.com
2 www.googletagmanager.com securityaffairs.com
2 platform-api.sharethis.com securityaffairs.com
1 id.a-mx.com s3.vlitag.com
1 rtb.adentifi.com ssum-sec.casalemedia.com
1 csync.loopme.me 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 euexchangesync.digitaleast.mobi 1 redirects
1 i.liadm.com ssum-sec.casalemedia.com
1 dis.criteo.com eb2.3lift.com
1 pr-bh.ybp.yahoo.com eb2.3lift.com
1 px.ads.linkedin.com eb2.3lift.com
1 sync.1rx.io 1 redirects
1 cs-server-s2s.yellowblue.io sync.quantumdex.io
1 id5-sync.com sync.quantumdex.io
1 match.sharethrough.com sync.quantumdex.io
1 ap.lijit.com sync.quantumdex.io
1 s.ad.smaato.net sync.quantumdex.io
1 ssp.disqus.com sync.quantumdex.io
1 image6.pubmatic.com ads.pubmatic.com
1 static.criteo.net s3.vlitag.com
1 cadmus.script.ac script.4dex.io
1 hbopenbid.pubmatic.com s3.vlitag.com
1 mp.4dex.io s3.vlitag.com
1 apex.go.sonobi.com s3.vlitag.com
1 api.cmp.inmobi.com cmp.inmobi.com
1 cdn.jsdelivr.net s3.vlitag.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 imasdk.googleapis.com services.vlitag.com
1 www.google.de securityaffairs.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 region1.google-analytics.com www.googletagmanager.com
1 pixel.wp.com securityaffairs.com
1 l.sharethis.com platform-api.sharethis.com
1 fonts.gstatic.com fonts.googleapis.com
1 buttons-config.sharethis.com platform-api.sharethis.com
1 fonts.googleapis.com securityaffairs.com
1 stats.wp.com securityaffairs.com
1 i0.wp.com securityaffairs.com
182 71

This site contains links to these domains.

Domain
www.facebook.com
twitter.com
infosec.exchange
www.linkedin.com
securityaffairs.co
resecurity.com

Subject | Issuer | Validity | Valid
securityaffairs.com | GTS CA 1P5 | 2024-02-14 - 2024-05-14 | 3 months
sharethis.com | Amazon RSA 2048 M02 | 2023-05-20 - 2024-06-17 | a year
*.google-analytics.com | GTS CA 1C3 | 2024-02-26 - 2024-05-20 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2024-02-26 - 2024-05-20 | 3 months
vlitag.com | GTS CA 1P5 | 2024-03-23 - 2024-06-21 | 3 months
*.wp.com | Sectigo ECC Domain Validation Secure Server CA | 2023-11-28 - 2024-12-28 | a year
upload.video.google.com | GTS CA 1C3 | 2024-02-26 - 2024-05-20 | 3 months
*.gstatic.com | GTS CA 1C3 | 2024-02-26 - 2024-05-20 | 3 months
www.google.de | GTS CA 1C3 | 2024-02-26 - 2024-05-20 | 3 months
cmp.inmobi.com | Sectigo ECC Organization Validation Secure Server CA | 2023-08-18 - 2024-08-17 | a year
c.amazon-adsystem.com | Amazon RSA 2048 M01 | 2023-12-30 - 2024-12-04 | a year
config.aps.amazon-adsystem.com | Amazon RSA 2048 M02 | 2024-01-21 - 2025-02-19 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-02 - 2024-05-01 | a year
vliplatform.com | E1 | 2024-03-09 - 2024-06-07 | 3 months
aax-dtb-mobile-cf.amazon-adsystem.com | Amazon RSA 2048 M01 | 2024-01-19 - 2024-12-29 | a year
tpc.googlesyndication.com | GTS CA 1C3 | 2024-02-26 - 2024-05-20 | 3 months
script.4dex.io | Cloudflare Inc ECC CA-3 | 2023-10-23 - 2024-10-22 | a year
*.criteo.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-02-08 - 2024-05-07 | 3 months
*.creativecdn.com | RapidSSL TLS RSA CA G1 | 2023-03-29 - 2024-04-28 | a year
*.a-mo.net | R3 | 2024-03-06 - 2024-06-04 | 3 months
*.smartadserver.com | DigiCert Global G3 TLS ECC SHA384 2020 CA1 | 2024-01-17 - 2025-01-16 | a year
*.go.sonobi.com | Go Daddy Secure Certificate Authority - G2 | 2023-12-07 - 2025-01-07 | a year
*.onetag-sys.com | DigiCert Global G3 TLS ECC SHA384 2020 CA1 | 2024-01-23 - 2025-01-29 | a year
*.pubmatic.com | DigiCert Baltimore TLS RSA SHA256 2020 CA1 | 2023-04-20 - 2024-05-20 | a year
script.ac | E1 | 2024-02-26 - 2024-05-26 | 3 months
*.criteo.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-02-17 - 2024-05-17 | 3 months
ssp.disqus.com | Amazon RSA 2048 M03 | 2023-10-21 - 2024-11-17 | a year
s.ad.smaato.net | Amazon RSA 2048 M03 | 2023-09-04 - 2024-10-02 | a year
*.lijit.com | Amazon RSA 2048 M02 | 2023-11-21 - 2024-12-19 | a year
*.sharethrough.com | Amazon RSA 2048 M01 | 2023-06-14 - 2024-07-12 | a year
*.id5-sync.com | R3 | 2024-03-01 - 2024-05-30 | 3 months
*.adkernel.com | AlphaSSL CA - SHA256 - G4 | 2024-01-12 - 2025-02-12 | a year
casalemedia.com | Cloudflare Inc ECC CA-3 | 2023-05-21 - 2024-05-20 | a year
*.3lift.com | Amazon RSA 2048 M02 | 2024-03-13 - 2025-04-11 | a year
*.yellowblue.io | Amazon ECDSA 256 M03 | 2024-03-18 - 2025-04-16 | a year
*.adsrvr.org | GlobalSign GCC R3 DV TLS CA 2020 | 2023-04-12 - 2024-05-13 | a year
www.linkedin.com | DigiCert SHA2 Secure Server CA | 2024-01-30 - 2024-07-30 | 6 months
*.ybp.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2024-02-12 - 2024-08-07 | 6 months
*.adnxs.com | GeoTrust ECC CA 2018 | 2024-02-14 - 2025-03-16 | a year
*.liadm.com | Amazon RSA 2048 M02 | 2023-08-31 - 2024-09-28 | a year
adentifi.com | Amazon RSA 2048 M01 | 2023-07-06 - 2024-08-03 | a year
id.a-mx.com | Sectigo RSA Domain Validation Secure Server CA | 2023-10-12 - 2024-11-10 | a year

This page contains 18 frames:

Primary Page: https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
Frame ID: F4D75BCC9AE946229EC0354AA867EAA0
Requests: 135 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-4918072057181794&output=html&adk=1812271804&adf=3025194257&lmt=1711332463&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fsecurityaffairs.com%2F160975%2Fapt%2Frussia-apt29-german-political-parties-wineloader.html&pra=5&wgl=1&easpi=0&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711332463379&bpp=2&bdt=288&idt=89&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8794745580171&frm=20&pv=2&ga_vid=505342560.1711332463&ga_sid=1711332463&ga_hid=1994953000&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31082031%2C95325976%2C95326315%2C95320378%2C95326917&oid=2&pvsid=3501358633305091&tmod=197472043&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=103
Frame ID: 61C2679ACEBA07621E23937A36A36DE1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DFECFC6C88776F1E702C77F486DBA564
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940&us_privacy=1NNN
Frame ID: C0DA5B0D04E87CF69A7C309A4DD420D9
Requests: 2 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=1NNN&gpp=&gpp_sid=
Frame ID: 0C08360DA495B97EA8A3B5F0062BFADB
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1NNN
Frame ID: F89E2980713D2B7E8AE275638921170C
Requests: 8 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1711332464273&us_privacy=1NNN
Frame ID: 856F6F2A6A7771BE30467B33D4EBF66D
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=185416&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Frame ID: 367A0414E9FBF8699F7E21DF8E60F38A
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=148144&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Frame ID: D2237F06B6AF47C821E6DDEC5F0C7C63
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=149271&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Frame ID: 1B526225051A38E9D4638FB78BE3EDA8
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: C6BA9F6D7CA05EF939E67CAB8F5E0D84
Requests: 10 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1NNN&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Frame ID: 1328DD867F57812BA464C7496224868F
Requests: 11 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=184388&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxap-184388%26uid%3D%7BUID%7D
Frame ID: 756229C3EFCE7DA0897A2DD6ABEACFAD
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: EE16A6510C87C72E6F528FDCE69FFB69
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Frame ID: 0A9B0F7888D76829641CAB75F25C6FE3
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: F510CDBBC36662E09AAED2EDD8B307F6
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=onetag-pbs&uid=
Frame ID: 4208BEB66BC10B81A87E63725160FFB1
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Frame ID: A16D9316B4EFDC1EC0F24CCE26BDEDBB
Requests: 1 HTTP requests in this frame

Page Title

Russia-linked APT29 targeted German political parties with WINELOADER backdoor

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • select2(?:\.min|\.full)?\.js

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • twemoji(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

182 Requests
93 % HTTPS
42 % IPv6
50 Domains
71 Subdomains
60 IPs
8 Countries
3437 kB Transfer
8386 kB Size
42 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 143
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1&rts=6295447206562183058 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=e1e5f9ca-25b9-5355-91f8-c2c3f7f81eb0
Request Chain 145
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8083375486872998020
Request Chain 151
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Request Chain 152
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1NNN&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID HTTP 302
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1NNN&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Request Chain 157
  • https://onetag-sys.com/usync/?gdpr=&gdpr_consent=&us_privacy=1NNN&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Donetag-pbs%26uid%3D%24%7BUSER_TOKEN%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=onetag-pbs&uid=
Request Chain 158
  • https://sync.1rx.io/usersync2/rmphb?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Request Chain 160
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mjc5ODc4MTczOTU4NzUyNjk2MjEwMQ%3D%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mjc5ODc4MTczOTU4NzUyNjk2MjEwMQ%3D%3D&google_tc= HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 161
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGc7ihj8QSR8tddu30zmHmc&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 162
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mjc5ODc4MTczOTU4NzUyNjk2MjEwMQ%3D%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mjc5ODc4MTczOTU4NzUyNjk2MjEwMQ%3D%3D&google_tc=
Request Chain 165
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2798781739587526962101&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=2798781739587526962101&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=6b75c6e6-cc75-421f-988a-11387231eccc&ssp=triplelift
Request Chain 167
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=8083375486872998020&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 172
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZgDcc1VbLTgAAE5IAklHcQAAFBYAAAAB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZgDcc1VbLTgAAE5IAklHcQAAFBYAAAAB&gpp=&gpp_sid=&dcc=t
Request Chain 173
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=f50a879d-5aa8-474f-8929-44a4e6811635
Request Chain 174
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1711418867
Request Chain 175
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=06decaa0-04db-496a-9e8f-54eefbf0c29a&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null

182 HTTP transactions


Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:07:43 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
185697
cf-polished
origSize=3106
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 19 Feb 2024 23:44:54 GMT
server
cloudflare
etag
W/"65d3e7f6-c22"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UYcsQOgkKr45tD7SgDpFyWa7X1xJ4Au3ELDKktyTok319iOctl2hYXFzg7tL726cKjZTarU%2BUdeYeJIS8EGgebBEmPofnRNoq65VArVrEwLmcLh7ssDNwJoRaHbKMooZ5PU7MCNd1iwun3Tm163aQBOs"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
869b59565de5085b-FRA
expires
Fri, 29 Mar 2024 22:32:46 GMT
cookie-law-info-gdpr.css
securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/
22 KB
4 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-gdpr.css?ver=3.2.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d0ee8b9f5976ae2dc3eefb7aace301d8540ad3d5f01c88f5049b3b7257a1d2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:07:43 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
199893
cf-polished
origSize=27249
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 19 Feb 2024 23:44:54 GMT
server
cloudflare
etag
W/"65d3e7f6-6a71"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mmIZbf5dOSzLcDVKrCGR%2BsIyfUiT4oqnnuEV%2FkYDCjENlaxkVxTks7B2oNke0EtttF9zvCymLtg5yHtJc0LZKd%2BZ3TAeQDB17rYEZoS6TGT1KJQVhixTaWWXEMTfMGw1N28sZehkR6gdJ6rL5GdWgC3Q"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
869b59565de6085b-FRA
expires
Fri, 29 Mar 2024 18:36:10 GMT
mu-style.css
securityaffairs.com/wp-content/plugins/sharethis-share-buttons/css/
0
352 B
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/plugins/sharethis-share-buttons/css/mu-style.css?ver=1700246740
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:07:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
189626
cf-polished
origSize=26
alt-svc
h3=":443"; ma=86400
content-length
0
cf-bgj
minify
last-modified
Fri, 17 Nov 2023 18:45:40 GMT
server
cloudflare
etag
"6557b4d4-1a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qzUdBZbsg9BKjlRlKqB%2BCGvNRl5aIimPa4doNJlAN7dle6nHzepB%2Fa3m3P%2BWdVuyX3oqD9ObV45fA0ryVu7vGQTRX7YDsTvmxPhs6WwB4GFJM3hODvmEhCSp2txvxcLxmrxpiqp%2Bt4hqjJB4Ytv0khqn"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
869b59565de7085b-FRA
expires
Fri, 29 Mar 2024 21:27:17 GMT
form-basic.css
securityaffairs.com/wp-content/plugins/mailchimp-for-wp/assets/css/
2 KB
871 B
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/plugins/mailchimp-for-wp/assets/css/form-basic.css?ver=4.9.11
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90bed464813fbd721e4991e83fe323e763f91294f98018462c2698d16e60ae5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:07:43 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
193445
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 09 Jan 2024 22:59:13 GMT
server
cloudflare
etag
W/"659dcfc1-654"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lG8KQyN3YHmoQBHvrT96LdJ3FQFTk47u1PqLdeRWlMDj6wQFJVPimF4rzrS3wCEfsr9YPKSV3199ohyH7QgrezceXCXQ3LApuTk1kFbMxzf7hv6utV%2BzzUyNnl%2FRHPqRTcBVw1xRrNKM0mcWIkpCF7wb"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
869b59565de8085b-FRA
expires
Fri, 29 Mar 2024 20:23:38 GMT
bootstrap.min.css
securityaffairs.com/wp-content/themes/security_affairs/css/
152 KB
24 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/css/bootstrap.min.css?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:07:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:47:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
199893
etag
W/"63ec8df4-260c5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wr175IlaTs2jEGLuJpepvCMDXEZMIVmyKkG3Q7Y%2FawPEASylXn0F9jenspp%2BRYxbzvzCOEjCg5MHYKmLGHMJbILJwoH3K55IGd%2B2%2B2akEQq41peB5Mnbeik4RvDeZb8T%2BXGw1IUEH0PgC0bQyRy6bEVj"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
869b59565de9085b-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 29 Mar 2024 18:36:10 GMT
plugins.css
securityaffairs.com/wp-content/themes/security_affairs/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/css/plugins.css?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfbb02b2f82750344aa2bc6329085a7550de92926a22a951db6f1629fab862f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:07:43 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
185697
cf-polished
origSize=31000
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 15 Feb 2023 07:47:01 GMT
server
cloudflare
etag
W/"63ec8df5-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wbcMr7YT5szVVvmo2omvXQPPDOS9unABpo6SaD92bM5q7xjfXiZ74EfR1faowtJrrffCfp24I5o5YFFod%2BTb3A%2BJ35a3e9fUIbBqoeLPu2IzNne5NFt4U82DepV9RZG%2FgKrfJg41ESwNft76YyVkkUBw"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
869b59565deb085b-FRA
expires
Fri, 29 Mar 2024 22:32:46 GMT
animation.css
securityaffairs.com/wp-content/themes/security_affairs/css/
44 KB
4 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/css/animation.css?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaade0e5f063f06ba9ec0303b6e2cf134e7e7ddedce6b51813880fe52bbb5de2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:07:43 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
185697
cf-polished
origSize=45516
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 15 Feb 2023 07:47:00 GMT
server
cloudflare
etag
W/"63ec8df4-b1cc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PN%2FyIcowZiKN8nYIYscliijCUDYYUciyhi5AdAp8ZRoLq0V1bxNRyjZMBaFpCAvTKWb4owx9ANG7cHHvm%2FJl%2FA2ogA9O2Sr1r2j51Do9WJ9Ex07X%2BpqPFA2LvzKxpeIT3Eea%2Bx8fSYK5325xzdFCBxYC"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
869b59566df4085b-FRA
expires
Fri, 29 Mar 2024 22:32:46 GMT
select2.min.css
securityaffairs.com/wp-content/themes/security_affairs/css/
16 KB
3 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/css/select2.min.css?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cda4a81c187015d95ed2c71f1841540b08203cdec5fa2a7d5d1825a3c2166f8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:07:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:47:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
189626
etag
W/"63ec8df5-3f88"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kIUoV3zMvFOn4%2Bz71SwJwVbVyzoMWD6nJTJpfD%2FxLZkkoGt%2FhUG4ZayQ19CTCtm9WvB1gfI1vRS3dohz5itmMhm6SMRbZ3C9n4zk0sx5v0HuQs3YQe2K1adFHSlGplj5H8644fyxH%2BEIQDWHmbQOr56J"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
869b59566df6085b-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 29 Mar 2024 21:27:17 GMT
bootstrap-datetimepicker.min.css
securityaffairs.com/wp-content/themes/security_affairs/css/
5 KB
1 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/css/bootstrap-datetimepicker.min.css?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
165d6cf0440273d98a7ff9e3a3c996af430f251f139ce41bd21d2b995291a0ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:07:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:47:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
189626
etag
W/"63ec8df5-13c2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rKQARkzxz6Ozo1t94L%2Fk1tw7ibcdGoDeVfS1kS0tx5NUlneoY6uwKavwjeu7FKdvb4pRcdDt2a0Sl6u2H4iDgNkLVfT5J4J6nzvF%2FwbS%2B9qoo1vwKCFSDj7SJASWAXwvwuDZAgdJbiqlNx49OKHCwxag"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
869b59566df9085b-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 29 Mar 2024 21:27:17 GMT
style.css
securityaffairs.com/wp-content/themes/security_affairs/css/
62 KB
10 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/css/style.css?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac825c2e7eb874cfe862111097aa63158b575df11b0ea342814a5bc55f450b66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:07:43 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
185696
cf-polished
origSize=63687
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 16 Aug 2023 19:58:52 GMT
server
cloudflare
etag
W/"64dd2a7c-f8c7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A4LIqtf0oMucj4zlMhK2zUXkyC0evH9aejDJP8vVVJ5GCP%2BYvGeksnEPa1l1mvGwOO2q%2BZvq6zozp8nenUJQArFWdobqKaHH2FnNtFLyToyFocXHyEfmlCAQdnJ1%2B8Ua8OES5jtSj78bEssOEH4D1cJO"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
869b59566dfa085b-FRA
expires
Fri, 29 Mar 2024 22:32:46 GMT
slick.css
securityaffairs.com/wp-content/themes/security_affairs/slick/
4 KB
1 KB
Stylesheet
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/slick/slick.css?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a21e3d4b193d36cbfab4d9cb007c5f531c86b7c3d5fbadc0ea2a20296330d536

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:07:43 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
189626
cf-polished
origSize=4922
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 15 Feb 2023 07:45:55 GMT
server
cloudflare
etag
W/"63ec8db3-133a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=110tlYy%2Bfr%2BDpSzACmgaYzOJBW3%2FoxrvrrhMvziM63Hb0GTTYJo6Wn8vN%2B14EEOAgAawIc7k9T8ZmvJrvIOnDyFovt%2B5IscjlQK8bbvd0g7Am7wnhMHOMbYc4SbApI4NN1PwKgBsJBun7pC4xIm5P0D5"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
869b59566dfc085b-FRA
expires
Fri, 29 Mar 2024 21:27:17 GMT
jquery.js
securityaffairs.com/wp-includes/js/jquery/
138 KB
41 KB
Script
General
Full URL
https://securityaffairs.com/wp-includes/js/jquery/jquery.js?ver=3.7.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
508a8d88a4db7b5ef87b1d5b6fc60e56b7c5384b75b75b10e77f298ea108b510

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:07:43 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
199893
cf-polished
origSize=285334
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 08 Nov 2023 22:53:12 GMT
server
cloudflare
etag
W/"654c1158-45a96"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fa9zK2sKTQTUkSnozTFj9Q5CH83g53I8nCXEzVDix87ruqHfqpPFmCD%2FyjYH%2B%2Fs%2FkIfGiYjDZkVSDhJ7ZxVg4wiCQSXRKyySg%2F8Ux90ADZwixoG9R2rRA9LrmPWOxWbHS14R04Dk8yO7VSgur%2FN2TkQA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
869b59566dfe085b-FRA
expires
Fri, 29 Mar 2024 18:36:10 GMT
jquery-migrate.js
securityaffairs.com/wp-includes/js/jquery/
19 KB
6 KB
Script
General
Full URL
https://securityaffairs.com/wp-includes/js/jquery/jquery-migrate.js?ver=3.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82815a7dba0c18a1092121e80005ee37b0390b8b755a6dc8ba03e199ed3a2501

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:07:43 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
193445
cf-polished
origSize=31978
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 08 Aug 2023 22:36:33 GMT
server
cloudflare
etag
W/"64d2c371-7cea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=maydzMYvu1Ro68m9uHGbVgVEGXk4jxY4HIGuAod6G1J54j76gPFqTT4o6kPLi5d338%2Fx4A12YYU5n7kXuVHzDag3xcTXWzF%2FJCMV%2B%2BR0N8iD%2BHUrHfOmxdpS5c7dLV4ZgUwtoeAWjTnU1fybF8jiP6B0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
869b59566dff085b-FRA
expires
Fri, 29 Mar 2024 20:23:38 GMT
cookie-law-info-public.js
securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/js/
27 KB
7 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/js/cookie-law-info-public.js?ver=3.2.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9701e3cc721b444361494b8586b90ce11a0a0fc7964c0220e2263dd836d0a254

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:07:43 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
199893
cf-polished
origSize=34179
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 19 Feb 2024 23:44:54 GMT
server
cloudflare
etag
W/"65d3e7f6-8583"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vDytOjFxOenDoW%2BSaafcrWyMrmnZFzhVq0Wprq1JCnaTvYinSJnSkpQFRFxQEiMtsbqQ%2Fg6tiXJPEhQTEV2F854c4M036mmD%2BxVc3kNvYNAXSyvSjzrgZR%2BYJHtUDksD5GYO26A4nmkPZKRFNwQCRx16"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
869b59566e00085b-FRA
expires
Fri, 29 Mar 2024 18:36:10 GMT
sharethis.js
platform-api.sharethis.com/js/
206 KB
46 KB
Script
General
Full URL
https://platform-api.sharethis.com/js/sharethis.js?ver=2.2.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-46.fra60.r.cloudfront.net
Software
/
Resource Hash
98d32b00fca86fc6994df33302e051a6ad03461a43ff5797d5b10ace4cf4772f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 01:58:40 GMT
content-encoding
gzip
via
1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA60-P7
age
543
etag
W/"336d0-g/6wprihOkYe7HpMswOVDodT6lU"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
edge-control
cache-maxage=60m,downstream-ttl=60m
cache-control
max-age=600, public
x-cache
Hit from cloudfront
x-amz-cf-id
nSVv044yUAj1o8yCFbpDF3Rvm7QX7qicc6Qzp2Oo7T7YHWlLINsAwA==
sharethis.js
platform-api.sharethis.com/js/
206 KB
46 KB
Script
General
Full URL
https://platform-api.sharethis.com/js/sharethis.js?ver=8.4.12
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-46.fra60.r.cloudfront.net
Software
/
Resource Hash
98d32b00fca86fc6994df33302e051a6ad03461a43ff5797d5b10ace4cf4772f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:04:40 GMT
content-encoding
gzip
via
1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA60-P7
age
184
etag
W/"336d0-g/6wprihOkYe7HpMswOVDodT6lU"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
edge-control
cache-maxage=60m,downstream-ttl=60m
cache-control
max-age=600, public
x-cache
Hit from cloudfront
x-amz-cf-id
0Yzv1Tuk8Zjs-0ZgPMmGeIFkVB5IiWEIJ1WHV7swmmjRKkkGFdvSOw==
js
www.googletagmanager.com/gtag/
219 KB
80 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8ZWTX5HC4Z
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8527f54ad217bde6c9d70f52b8fc97ee898d5c2e14f98d3fc4393526a62b1e7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:07:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81616
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 25 Mar 2024 02:07:43 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
144 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4918072057181794
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0f861c53296c7b57ccc2332ad08907997b21f13b8c4b93e82c9049aa5cc0f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Origin
https://securityaffairs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:07:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51079
x-xss-protection
0
server
cafe
etag
3809733051516365855
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Mon, 25 Mar 2024 02:07:43 GMT
js
www.googletagmanager.com/gtag/
284 KB
96 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NPN4VEKBTY
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3102ff26e14a1c035fa81b45200b667cb8dede6ae29674fce3bb9ea16b5aec0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:07:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
97766
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 25 Mar 2024 02:07:43 GMT
/
services.vlitag.com/adv1/
547 KB
142 KB
Script
General
Full URL
https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48d5db2f7743f47812f826a89759e8fd56c6a3d17edda1b4fe37fb3b9268ee4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:07:43 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
age
812
cf-polished
origSize=559839
etag
W/"221a5a398da89ace8729d1cd3c481ec7 2024-03-14T05:57:24 v1 default"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=900, stale-while-revalidate=3600
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
869b59571f079736-FRA
alt-svc
h3=":443"; ma=86400
menu-icon.svg
securityaffairs.com/wp-content/themes/security_affairs/images/
467 B
726 B
Image
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/images/menu-icon.svg
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79ef2c493105913ae8a012433b49e73fec9f4e3dfaf70723bcf66c3e3e0e09e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:07:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
184590
etag
W/"63ec8dd3-1d3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RwQgd3B8eA%2FebbCErNN%2FlGz2MSC3AsYcrJKBRpMkMi9qnwL98RNFTIaNZoV7gW23NDC9yx0XK62JjW2dkL6GD6e1E%2BkP4w9WChCVgG2%2BsZDHE3t0rTb5HWjj42yswuClIgrfS%2BoEJtD%2FLKOfkWHI6jwD"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=315360000
cf-ray
869b59566e02085b-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo.png
securityaffairs.com/wp-content/uploads/2023/08/
5 KB
5 KB
Image
General
Full URL
https://securityaffairs.com/wp-content/uploads/2023/08/logo.png
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51e18fa3a179268df5763ae93f237dfa9ab4733b4e2791fe3cfeecca702a8832

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:07:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
160605
alt-svc
h3=":443"; ma=86400
content-length
4751
last-modified
Sun, 27 Aug 2023 14:33:01 GMT
server
cloudflare
etag
"64eb5e9d-128f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sRfiNapfSRSDrb51v4oLEgF5al7u2peEsSQ103MHgPNUriXbG0hDQxtkVw5sY5J64mmJsWbsrdajJI93LOM0u9PiuSAxPQ5ql1B1UnNrGRi%2BG4kHxvESv9jt42C1igZwV%2Fu6pb58j18DfU3h8DNInWQO"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
869b59566e03085b-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
84756a75-0495-40b4-b03f-b02f336bbec4
https://securityaffairs.com/
5 KB
0
Other
General
Full URL
blob:https://securityaffairs.com/84756a75-0495-40b4-b03f-b02f336bbec4
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
09587fd0b4c984573371a553f082e27c4e4ba98f65130e1b1eb7c0b7699509e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Length
5047
Content-Type
text/javascript
user-icon.svg
securityaffairs.com/wp-content/themes/security_affairs/images/
987 B
1 KB
Image
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/images/user-icon.svg
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e0352c858984ddb68c11c0b8265ea2ae72ab8d29b4471f888d4cbd95fe881ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:07:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
199837
etag
W/"63ec8dd5-3db"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jDNLaBS76t%2FTSvbh2DXhw30dok45SsOjHGzCqtL3Xj%2BWgtUS4enjVzDR3gGG%2BjRxyGdlGvbY73hIEAMQdFAjdtq6ZLPz2UeVKu9qfDTT%2FN6aSz9z6lJ0SvFbg1GkkJkaSfDoig9IsgNOP75o4gzSCzki"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=315360000
cf-ray
869b595699bc1987-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
clock-icon.svg
securityaffairs.com/wp-content/themes/security_affairs/images/
947 B
1 KB
Image
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/images/clock-icon.svg
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61b5d4f52ec96a0aef85f731e618cb627749775534ae86976446f42350757392

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:07:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
193383
etag
W/"63ec8dd5-3b3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dLzFR24iRcukKShhHHHL%2FP3gVzk3yKI5S6Su%2F1oju6sT1gGzcEEEt9GfP%2Bs1VgsBczMnHon7Js7otjJtFZ0dDQCEpL7ummp8VeEtRp0LgJg%2B0r6u5k8E8UweKaxdC3yivrXfw86XiJbnsyzIiT9pHzF4"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=315360000
cf-ray
869b595699c01987-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
Consular-Department-of-the-Embassy-of-the-Russian-Federation.jpg
i0.wp.com/securityaffairs.com/wp-content/uploads/2016/12/
38 KB
39 KB
Image
General
Full URL
https://i0.wp.com/securityaffairs.com/wp-content/uploads/2016/12/Consular-Department-of-the-Embassy-of-the-Russian-Federation.jpg?fit=692%2C519&ssl=1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
d6dd148050cda2da699cede2abf46fed876fee124cd118da487422a2451aabb2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:07:43 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
39134
x-nc
HIT hhn 3
last-modified
Sat, 25 Nov 2023 14:29:42 GMT
server
nginx
etag
"780a1ab9d0683ecc"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.com/wp-content/uploads/2016/12/Consular-Department-of-the-Embassy-of-the-Russian-Federation.jpg>; rel="canonical"
expires
Tue, 25 Nov 2025 02:29:42 GMT
newsletter.png
securityaffairs.com/wp-content/uploads/2015/03/
50 KB
50 KB
Image
General
Full URL
https://securityaffairs.com/wp-content/uploads/2015/03/newsletter.png
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1267fc6c8805b7f508e04bc8da776509420413adb25e197f12c9f9405c74ac6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:07:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
163561
alt-svc
h3=":443"; ma=86400
content-length
51032
last-modified
Wed, 16 Dec 2015 11:53:22 GMT
server
cloudflare
etag
"567150b2-c758"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xStlC49YxbbISuNSc%2FLtfisdsLpkb5m0Zig5h6eVA2P6CeQSVxR2NkNW6rCttmwtS9dnU5E0w3DmQsUC5LGFYH1eRMV07LOWt4X2TkbBHPtIrdMK6gxY%2FjxlJmU%2Foz192E2nvH3wJF1ixPrGcpOe4Vrv"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
869b5956fa0e1987-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
ramadan.jpeg
securityaffairs.com/wp-content/uploads/2024/03/
369 KB
369 KB
Image
General
Full URL
https://securityaffairs.com/wp-content/uploads/2024/03/ramadan.jpeg
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14db06c145284d178dbae1e212928bc8b3f482e1b6ba49816bc55e5bad0fd706

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:07:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
55663
alt-svc
h3=":443"; ma=86400
content-length
377383
last-modified
Sun, 24 Mar 2024 10:32:37 GMT
server
cloudflare
etag
"66000145-5c227"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JD5oK2%2FmnzFJtHWRPn%2FIEoiYYErA2czRP3TNDEQciQO0SH%2B33n0JYxKlrv9dXTyEAFX7lhUUmKNKqDNXh8c93E16ec3Im0RlMok1aoxXTbjl4KOi1F%2BXNgorYLR47wbjRpwSfw37JEpLEf4DcV7TxqEB"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
869b5956fa101987-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
Consular-Department-of-the-Embassy-of-the-Russian-Federation.jpg
securityaffairs.com/wp-content/uploads/2016/12/
92 KB
92 KB
Image
General
Full URL
https://securityaffairs.com/wp-content/uploads/2016/12/Consular-Department-of-the-Embassy-of-the-Russian-Federation.jpg
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13c74a3d594ad23aea83d2e896e0bfad0b527dfbdbb0c222dc52a481df3ec85c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:07:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
182691
alt-svc
h3=":443"; ma=86400
content-length
93967
last-modified
Tue, 13 Dec 2016 10:50:54 GMT
server
cloudflare
etag
"584fd28e-16f0f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BPPTj7pf5A5jiunw0Tn5HnQ7wyi51T3zT5iNHnP3ST84x0iEevRLbv5KQt5%2FtM96QtmOf6yZRJkFZfun084qE2w%2B8ykh3gdMzZuikK9bHsv4XcH7H8uun0JEap0kcLF9ZVdvRKHpNRY2Cy6FaNzao3GA"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
869b5956fa111987-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
mozilla-firefox.png
securityaffairs.com/wp-content/uploads/2015/08/
130 KB
131 KB
Image
General
Full URL
https://securityaffairs.com/wp-content/uploads/2015/08/mozilla-firefox.png
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2184f6c6c42bd0b64c444650f1317563abac70c30b669f31d93534568e2162f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:07:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
130329
alt-svc
h3=":443"; ma=86400
content-length
133591
last-modified
Wed, 16 Dec 2015 13:02:39 GMT
server
cloudflare
etag
"567160ef-209d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q2rNKexyHYlFXacSWK5ZSLBuPYkymcTuyjSD%2F2nlisBsr7ZB4%2FRSYCYXsY4pI1FXUiyJcFt3NdVFJ4bFqywubDlplb4Jkb2MiJL9RGeVV0h5RTtAIXORszN1SnIZaWK7E7TMY20scQj5VRi4FJTGtDO0"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
869b5956fa121987-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
sign1-2.png
securityaffairs.com/wp-content/uploads/2024/03/
499 KB
500 KB
Image
General
Full URL
https://securityaffairs.com/wp-content/uploads/2024/03/sign1-2.png
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
867812ced5d0b4a953ca9693ea088048b2ac47030aacc2627f8e9b0250a32b8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:07:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
133490
alt-svc
h3=":443"; ma=86400
content-length
510956
last-modified
Sat, 23 Mar 2024 12:54:45 GMT
server
cloudflare
etag
"65fed115-7cbec"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dEAKAOKOOmU24QT1qOinpX7%2BgvFmkYZrM3JEQkogxIi%2BzgHS0I%2BE%2F3mMBmE%2FalRigHN0MG1AQwD97icY%2Bm%2FDMLlvn0D51SrCSn11tWQtjVsdJatpnok4BFMy44n7Er5ci9c7o4UdkBb9jghbiBsYnFb5"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
869b5956fa131987-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
Resecurity-Banner.jpg
securityaffairs.com/wp-content/uploads/2024/03/
235 KB
235 KB
Image
General
Full URL
https://securityaffairs.com/wp-content/uploads/2024/03/Resecurity-Banner.jpg
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f8e33084e855d45ffd07d52954f7cca447bc010a4bef3ec3b32a7e95de0543c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:07:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
199023
alt-svc
h3=":443"; ma=86400
content-length
240152
last-modified
Mon, 18 Mar 2024 13:38:31 GMT
server
cloudflare
etag
"65f843d7-3aa18"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m6XK9AUNx6u014%2B1j3D2EiinvlpEGkxdGd6B4Z1J2r8I3BrqvpD22RQqIo6YkKXQjbE8Jf1jTM5Z70rcg1sJcXQ%2F22%2FtYRa0%2B8%2BI%2BEVwznUVKFDcCdZTb0PUry2YIQBVl6jUUJ07Dw%2FikCbZ%2B2JBLR0g"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
869b5956fa141987-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
footer-logo.png
securityaffairs.com/wp-content/uploads/2023/08/
4 KB
4 KB
Image
General
Full URL
https://securityaffairs.com/wp-content/uploads/2023/08/footer-logo.png
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b253964206a6ce075557f8735e7b57268338885e821f317bc63c6616e75c7b60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:07:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
199023
alt-svc
h3=":443"; ma=86400
content-length
3916
last-modified
Sun, 27 Aug 2023 14:33:08 GMT
server
cloudflare
etag
"64eb5ea4-f4c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q7dEB9iYGp5tpK4mPuAF4GugIb4iUqgLsCYO37KJLqsu7GdH3xFAYUytZhzVHVxQmvKW%2Brz%2Fs6BgAdNNstKAHuO3yLjKAP1lHaOuM61dEjgMl7WeAEOE16mF6LZI0I2%2BkP0oPwX6P3NBNpMeae%2BpPUQG"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
869b5956fa151987-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
email-decode.min.js
securityaffairs.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://securityaffairs.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:07:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 21 Mar 2024 10:35:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65fc0d6b-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=njQJC33B18zlCwrDwtglSq5X%2FnnJ%2BCtpt6E8pZGr44GJkxcLlbE9WSsk6lLaaNWyn67prAEq3T8P2z1t3fTIWEU480dSIuWfbimSsV%2FiOvUQSzmnXnOTaT9Lq4lpAAygS1I%2B9LDbvMrBpDSpwr4Yo9d2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
869b5956b9d71987-FRA
expires
Wed, 27 Mar 2024 02:07:43 GMT
image-cdn.js
securityaffairs.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/
701 B
865 B
Script
General
Full URL
https://securityaffairs.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/image-cdn.js?minify=false&ver=132249e245926ae3e188
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27dd9b075cc59cf5f3c0f6ee075f4bd113782d81ce30a4f16aac669ecfdc4fa2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:07:43 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
188896
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sat, 16 Mar 2024 21:20:44 GMT
server
cloudflare
etag
W/"65f60d2c-2bd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EGAOyz8DEg1%2F2kePqewe719URUOUZ5rkBIHNyIhY5L%2BjzZk7w2wQxBIObfYrmF6rUF%2BfzZb1k9QCrDhsvS7MP9Iu2Ri2JOMNaTFJc1esW5MPuEP4Qt7BDnjxfA1%2FaqkQcOaZi9SWQeKbLzUI%2BFy5N8f5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
869b5956b9d91987-FRA
expires
Fri, 29 Mar 2024 21:39:27 GMT
index.js
securityaffairs.com/wp-content/plugins/contact-form-7/includes/swv/js/
11 KB
4 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.9.2
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46e36dd6ca93014e4915c723632bf180d27cc96ccfb7c26e69213e1a82129a62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:07:43 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
364184
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sat, 16 Mar 2024 21:20:37 GMT
server
cloudflare
etag
W/"65f60d25-2cf9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5%2BcYj%2FmwTzHEvRk9EQJ66KQgXSC9ZDp9xfylK4l6I1FNeMuY1udgFvdzjvTdgIAKAuZAKhbM0TIqFSg2UzoABt9RJwcizP01sGv1OjPcuVahd9Jh%2FmshdQqPa6gr4sMmGcCwQ24KXST4hma0PnmY8vsu"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
869b5956c9e51987-FRA
expires
Wed, 27 Mar 2024 20:57:59 GMT
index.js
securityaffairs.com/wp-content/plugins/contact-form-7/includes/js/
13 KB
5 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.9.2
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d702e5ed1e573918d912775ac1e88987fc177aa51efe1253a08f71ab54f96516

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:07:43 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
364184
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sat, 16 Mar 2024 21:20:37 GMT
server
cloudflare
etag
W/"65f60d25-32fe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JIVsYnSL3E84WLtvK4CiAGLfeAqeCJL5kFqbOX0ztS%2BXwrUkyXMWPHlQZgEDGYdZWvhL3%2Bw1lNIMeA5%2BO9w%2Br%2FuujV3sjWkqFUJroLLAjkJabrZ8ZPucWGlc8xP6EhmHpAp28VvgK%2BJ56YRetAPenLjQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
869b5956d9ec1987-FRA
expires
Wed, 27 Mar 2024 20:57:59 GMT
ssba.js
securityaffairs.com/wp-content/plugins/simple-share-buttons-adder/js/
2 KB
1 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/plugins/simple-share-buttons-adder/js/ssba.js?ver=1707265669
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90b1f6082b0cf09c59ad2a5b87d3e0ab87eadf37c9b0b791318adfaae1a4b0d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:07:43 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
193384
cf-polished
origSize=3110
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 07 Feb 2024 00:27:49 GMT
server
cloudflare
etag
W/"65c2ce85-c26"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j3TmS%2FCwOwxTmzPJeDT1Pw7R7XAL3sA0lEEbhoMI%2FnU3WbDr%2FTe%2F42AO6t96ncE%2ByJL4xuFb7ITK50KQk%2FPdJn%2B%2Bjdg39VQ0v8RTNSPYvhYA6ObGpU%2FXCV2%2FA7fkLS0tRbpf5AVgHDeP%2BV3fVOS0%2BmOX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
869b5956ea031987-FRA
expires
Fri, 29 Mar 2024 20:24:39 GMT
jquery-3.5.1.min.js
securityaffairs.com/wp-content/themes/security_affairs/js/
87 KB
32 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/js/jquery-3.5.1.min.js?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:07:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
193384
etag
W/"63ec8dba-15d84"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pEcqzl3XCl69fnk0GmoiNRDVVmc50RJwOd7g1ABTX5A8AGFxiX6T3rCBcUyyvKtHIP681SZRzIhZ9%2B4TvOC9jX35TcAyyQbooNVdh8g%2F8AxaM24atQeVbpqSbA3B2bVoF3Sfi7%2BogiJuJQID%2F1ayOzIy"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
869b5956ea041987-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 29 Mar 2024 20:24:39 GMT
bootstrap.bundle.min.js
securityaffairs.com/wp-content/themes/security_affairs/js/
77 KB
23 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/js/bootstrap.bundle.min.js?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:07:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
185739
etag
W/"63ec8db9-13397"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XnU5%2B%2BU4j1B%2FdDmOUo1xihgiDaghS%2BGMvbneA9wBEC6ypbg5TZmcUfVSzEVTo8Lq54tFa3NbxfbFnEMmhZZr4E0kj73GoTY2kk8ArkfUxNomV4H5hjBjqOf2JIxF0DA9dg0LfZE3vMh9flKW8sWAUFcC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
869b5956fa051987-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 29 Mar 2024 22:32:04 GMT
animation.js
securityaffairs.com/wp-content/themes/security_affairs/js/
3 KB
2 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/js/animation.js?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c03404e75c3b5dd3190080d5b678433a88aed86b17fba7685f8a36950414fb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:07:43 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
199836
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 15 Feb 2023 07:46:02 GMT
server
cloudflare
etag
W/"63ec8dba-b93"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vYENsV5yRi8SfRBZ1ORlJEb78WGKw6XakzmWiYrCeDLKlfbNGkrYEB7CoCDNE8K7Zuhzs9inqmUXksIdbk9Ik%2FFmurgIiFKG%2BhO%2B8zpPkRFUzszraiuX6CxXI77hm6p90POJzZQgAX2Gdc8fndCrpKdL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
869b5956fa061987-FRA
expires
Fri, 29 Mar 2024 18:37:07 GMT
slick.min.js
securityaffairs.com/wp-content/themes/security_affairs/slick/
42 KB
11 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/slick/slick.min.js?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:07:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:45:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
199836
etag
W/"63ec8db3-a76f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mg4JVevTrI3ecJOFWdwqUvbYomWpYnASqcvV7XrKU956IbBL76imk0zT3ZaQLp3JEfAL3YjpK2ycXTgJZ8ckwmFoJCnnM%2F8Pp26c283F5n3SKBTgGq1R%2Fr5fKji66Vh5eJdN872q6txdgNonEQqbCbbf"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
869b5956fa071987-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 29 Mar 2024 18:37:07 GMT
select2.min.js
securityaffairs.com/wp-content/themes/security_affairs/js/
71 KB
20 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/js/select2.min.js?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7244fff610595b944f76bf3080d74e3af42b5dd234f8f079e698cc39ac966b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:07:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
193384
etag
W/"63ec8db9-11dcb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ub4jDHgdYDd6bbNhhIeEbA5VYVZC9efgEsEblPyQefQH17lI5kLn%2BKOaRS4sUcFY%2BE1EOZ2089WaZPlxpvbr49GDWJAMR%2BXvku5BfRO5tmbbIVZ61xlVKe0H5bcdUmFNmuf6DQpLA28bzoHo6x1M2IOc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
869b5956fa081987-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 29 Mar 2024 20:24:39 GMT
moment.min.js
securityaffairs.com/wp-content/themes/security_affairs/js/
33 KB
13 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/js/moment.min.js?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b5dcd8c4de34bf3e2bbbb1499ef55172ca6a8c7124c5aaa04cc6ea48a084b8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:07:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
188896
etag
W/"63ec8dba-857b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TBZ94VMOiVrtX1vNW2E12LdDsr6NsWbmV3kPQlEMGly14KPL8Rr8TaJT9RudVCd4rl1NTSno3vWcFcSJrCOFzetyRsOB3BCs00wFGIZdhnsR96ivINFswEwXXzude0%2BsicKNV6RzFvrNxlWvld4ntPQr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
869b5956fa091987-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 29 Mar 2024 21:39:27 GMT
bootstrap-datetimepicker.min.js
securityaffairs.com/wp-content/themes/security_affairs/js/
23 KB
7 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/js/bootstrap-datetimepicker.min.js?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5220bfc9416c5b55c41b39baaf1744ed2ce2bec1b0e77382067dea40eec68ba2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:07:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
185739
etag
W/"63ec8dba-5a28"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ImujTdl5eiPc6Cmv9gE6LLsTUXWiuxWojufwWmbVogfI36A3fEeQXoggs3EoWMAE1n6aVAuRmNy4SqtDNz2ZwNUrODMXu3eG2xJ1bNmriX2UXda0LdSIGSO3teyWj%2B%2FnQkz%2FjNHBfaCvSGbcuSbzPvgz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
869b5956fa0a1987-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 29 Mar 2024 22:32:04 GMT
script-datepicker.js
securityaffairs.com/wp-content/themes/security_affairs/js/
236 B
664 B
Script
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/js/script-datepicker.js?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84e1de7132433ebaa0845af00ce1812287ba004d8288bf78b455f1d9f494f2ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:07:43 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
185739
cf-polished
origSize=552
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 15 Feb 2023 07:46:02 GMT
server
cloudflare
etag
W/"63ec8dba-228"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SKUnkbxPb1GYmSiOPAT55Qn4aVPLdo94R3LXVGiR7D2hVqFnOYbOQpC%2BKNH37MgnmDsW4LqhIhqpf6hSN8nRfHr5tuX127UwD69mxpXmcO7sdwgxOyL0mQbWbF42uEwFDwoTtIO1yB8JjcC7vCQ0xu%2FN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
869b5956fa0b1987-FRA
expires
Fri, 29 Mar 2024 22:32:04 GMT
script.js
securityaffairs.com/wp-content/themes/security_affairs/js/
4 KB
2 KB
Script
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/js/script.js?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a65e356551523b3a3222147ddb49ea4dad9b21d38a9b590effd45d55fc94d03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:07:43 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
199836
cf-polished
origSize=6278
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 15 Feb 2023 07:46:01 GMT
server
cloudflare
etag
W/"63ec8db9-1886"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iG%2BBm5j08gz5q1TVIZMKFZ7%2BiWpGi%2F8yIIsb0wuBWpyTy44CCniuOj6AT9HerjX07NbOXr%2F20BwiV%2B2XvK1TZRHajOpBnaw1%2F10Es5g%2Fv%2FEAUEmO8h9u5cLmFyAAjm4nc1OFRUZSVyVHYsVJ2qfOYpTk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
869b5956fa0d1987-FRA
expires
Fri, 29 Mar 2024 18:37:07 GMT
e-202413.js
stats.wp.com/
7 KB
3 KB
Script
General
Full URL
https://stats.wp.com/e-202413.js
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/160975/apt/russia-apt29-german-political-parties-wineloader.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-minify-cache
hit
x-nc
HIT hhn
date
Mon, 25 Mar 2024 02:07:43 GMT
content-encoding
br
server
nginx
x-minify
t
etag
W/14377-1704402356565.5398
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
alt-svc
h3=":443"; ma=86400
expires
Sun, 23 Mar 2025 22:44:54 GMT
css2
fonts.googleapis.com/
34 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700;800&display=swap
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/wp-content/themes/security_affairs/css/style.css?ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e98bf7b4b2c361aa2de0e8616c355c67d8deabf96c1dc60a1f88af516e87e7a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 25 Mar 2024 02:07:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 25 Mar 2024 00:42:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 25 Mar 2024 02:07:43 GMT
65f850d4db40be00131d1c63.js
buttons-config.sharethis.com/js/
927 B
1 KB
Script
General
Full URL
https://buttons-config.sharethis.com/js/65f850d4db40be00131d1c63.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js?ver=2.2.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:6400:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
16c238246f72d6664babdd6dd27bc30813fb13fb633881a14a3f44445f6a2b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:07:42 GMT
via
1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-C1
age
2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
927
last-modified
Mon, 18 Mar 2024 14:33:59 GMT
server
AmazonS3
etag
"9e18acbb6d773fab62392bf31b15ea82"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=60
accept-ranges
bytes
x-amz-cf-id
8cFT3IW8SY8SmIOorJx7nnpo-e6aTksTit0EBFhSGw5tHuG5UuZyBA==
search-icon.svg
securityaffairs.com/wp-content/themes/security_affairs/images/
940 B
1 KB
Image
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/images/search-icon.svg
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/wp-content/themes/security_affairs/css/style.css?ver=1.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1df70b268a34a8036eca2f536d670f59e142b877bf09ad993aec61417c7a4870

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/wp-content/themes/security_affairs/css/style.css?ver=1.0.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:07:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
193383
etag
W/"63ec8dd0-3ac"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GdaFFeYf8Vm4r6V%2ByRdNSfQkYiBrBDwD8h7A4wKaw0bHOh1UU8T4VzCIEC40Qv%2FljuSX%2B3UqNy92TN%2FMg4ZXi0i5KvkHUCKKpjyGIm9SwDqCET9tvx8qnoqCyCHgz6GIRzAy3%2F1FXSKyZ3IcPRCu1zkI"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=315360000
cf-ray
869b5956fa161987-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
fontawesome-webfont.woff2
securityaffairs.com/wp-content/themes/security_affairs/fonts/
75 KB
76 KB
Font
General
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/wp-content/themes/security_affairs/css/plugins.css?ver=1.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://securityaffairs.com/wp-content/themes/security_affairs/css/plugins.css?ver=1.0.0
Origin
https://securityaffairs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:07:43 GMT
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3070
etag
"63ec8de8-12d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9jVR%2FxCDOkBfxOVb%2BuNDirpQ43ZdnV0%2BeSzjjZIH1wHMILDA1LMT%2BWgaz5l5GcS3FlFzpebWWOTu1Vct1AqD1GOUVu6RCDBJa8%2FSfdHFE%2FSOcMUrz3RlcbUJU7FlAulT6LZbmC9cSPtvItcFfYo29Y33"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
869b5956fa181987-FRA
alt-svc
h3=":443"; ma=86400
content-length
77160
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityaffairs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 08:10:53 GMT
x-content-type-options
nosniff
age
496610
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Mar 2025 08:10:53 GMT
pview
l.sharethis.com/
0
406 B
XHR
General
Full URL
https://l.sharethis.com/pview?event=pview&hostname=securityaffairs.com&location=%2F160975%2Fapt%2Frussia-apt29-german-political-parties-wineloader.html&product=unknown&url=https%3A%2F%2Fsecurityaffairs.com%2F160975%2Fapt%2Frussia-apt29-german-political-parties-wineloader.html&source=sharethis-share-buttons-wordpress&fcmp=false&fcmpv2=false&has_segmentio=false&title=Russia-linked%20APT29%20targeted%20German%20political%20parties%20with%20WINELOADER%20backdoor&cms=unknown&publisher=65f850d4db40be00131d1c63&sop=true&version=st_sop.js&lang=en&description=Russia-linked%20threat%20actors%20employ%20the%20WINELOADER%20backdoor%20in%20recent%20attacks%20targeting%20German%20political%20parties.&ua=&ua_mobile=false&ua_full_version_list=&uuid=b016e6a6-ca30-4ab1-ae9e-307bbf7d9ab6
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js?ver=2.2.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.19.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-19-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Mon, 25 Mar 2024 02:07:43 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
https://securityaffairs.com
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*