www.deepinstinct.com Open in urlscan Pro
2a05:d014:275:cb00::c8  Public Scan

14 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50

• https://www.deepinstinct.com/_next/image?url=https%3A%2F%2Fwww.deepinstinct.com%2Fimage%2Fblt11bdc9f7133b9458%2F65835dd5a2c41f4af9daf19e%2Fblog-image-UAC-099-Ukraine.png&w=1680&q=100 HTTP 301
• https://www.deepinstinct.com/_ipx/w_1680,q_100/https%3A%2F%2Fwww.deepinstinct.com%2Fimage%2Fblt11bdc9f7133b9458%2F65835dd5a2c41f4af9daf19e%2Fblog-image-UAC-099-Ukraine.png?url=https%3A%2F%2Fwww.deepinstinct.com%2Fimage%2Fblt11bdc9f7133b9458%2F65835dd5a2c41f4af9daf19e%2Fblog-image-UAC-099-Ukraine.png&w=1680&q=100

Request Chain 51

• https://www.deepinstinct.com/_next/image?url=https%3A%2F%2Fimages.contentstack.io%2Fv3%2Fassets%2Fblt1ec077b6b53d6b3e%2Fbltfdfca743f7ac9662%2F630e2d5d8bdc107d4a01ba3f%2F800x800-blue-monogram.png&w=64&q=75 HTTP 301
• https://www.deepinstinct.com/_ipx/w_64,q_75/https%3A%2F%2Fimages.contentstack.io%2Fv3%2Fassets%2Fblt1ec077b6b53d6b3e%2Fbltfdfca743f7ac9662%2F630e2d5d8bdc107d4a01ba3f%2F800x800-blue-monogram.png?url=https%3A%2F%2Fimages.contentstack.io%2Fv3%2Fassets%2Fblt1ec077b6b53d6b3e%2Fbltfdfca743f7ac9662%2F630e2d5d8bdc107d4a01ba3f%2F800x800-blue-monogram.png&w=64&q=75

Request Chain 77

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=316505&time=1703470261581&url=https%3A%2F%2Fwww.deepinstinct.com%2Fblog%2Fthreat-actor-uac-0099-continues-to-target-ukraine HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=316505&time=1703470261581&url=https%3A%2F%2Fwww.deepinstinct.com%2Fblog%2Fthreat-actor-uac-0099-continues-to-target-ukraine&cookiesTest=true HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D316505%26time%3D1703470261581%26url%3Dhttps%253A%252F%252Fwww.deepinstinct.com%252Fblog%252Fthreat-actor-uac-0099-continues-to-target-ukraine%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=316505&time=1703470261581&url=https%3A%2F%2Fwww.deepinstinct.com%2Fblog%2Fthreat-actor-uac-0099-continues-to-target-ukraine&cookiesTest=true&liSync=true HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=316505&time=1703470261581&url=https%3A%2F%2Fwww.deepinstinct.com%2Fblog%2Fthreat-actor-uac-0099-continues-to-target-ukraine&cookiesTest=true&liSync=true&e_ipv6=AQJRqHbveXKZ0wAAAYyevWgBvyq_UIEVXgQax0c0Yc_Fe8HXgvSxZtttDYn2w-4dReHwKMKR

Request Chain 105

• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1719281461&external_user_id=f03be6e3-1460-4659-aeef-203c6fabf65e HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1719281461&external_user_id=f03be6e3-1460-4659-aeef-203c6fabf65e&C=1

130 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request threat-actor-uac-0099-continues-to-target-ukraine Show response www.deepinstinct.com/blog/	109 KB 16 KB	427ms 385ms	Document text/html	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash f82433a7bc0d6c5064abe0197e28c7ad3e50605a85e73da642c90078b4b38140 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 699 cache-control public,max-age=0,must-revalidate cache-status "Netlify Edge"; fwd=stale content-encoding br content-type text/html; charset=utf-8 date Mon, 25 Dec 2023 02:11:00 GMT etag "1b4e2-FOOmxI2IwKlYL1VdHxcnS/Zeqe0-df-df" server Netlify strict-transport-security max-age=31536000 surrogate-control max-age=300, stale-while-revalidate=900, stale-if-error=900 vary Accept-Encoding x-content-type-options nosniff x-frame-options SAMEORIGIN x-nextjs-cache REVALIDATED x-nf-render-mode odb ttl=600 x-nf-request-id 01HJFBTRAEV2YDJH6XSEQC2N3N x-xss-protection 1
GET H2	200	optimize.js Show response www.googleoptimize.com/	133 KB 51 KB	193ms 66ms	Script application/javascript	2a00:1450:4001:827::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleoptimize.com/optimize.js?id=OPT-P298HTJ Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 97b926e9567d0066af4305d384f1f3107ea19429aefa2774dbb69e1e1c76e9fb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 02:11:01 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 51831 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 25 Dec 2023 02:11:01 GMT
GET H2	200	a09148cb025bec27.css www.deepinstinct.com/_next/static/css/	33 KB 7 KB	26ms 26ms	Stylesheet text/css	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.deepinstinct.com/_next/static/css/a09148cb025bec27.css Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash 03a695d764d84144959f32a6e815a50eacf8fc5787eed12246a2d3e1c4e44d2e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-nf-request-id 01HJFBTRPMESQSWN2YDPRX3YNS date Mon, 25 Dec 2023 02:11:00 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000 age 35483 surrogate-control max-age=300, stale-while-revalidate=900, stale-if-error=900 content-length 7100 x-xss-protection 1 server Netlify cache-status "Netlify Edge"; hit etag "6889d88a355907878d92ace8ca46c804-ssl-df" vary Accept-Encoding content-type text/css; charset=UTF-8 cache-control public,max-age=0,must-revalidate accept-ranges bytes
GET H2	200	6d42086b486a94df.css www.deepinstinct.com/_next/static/css/	11 KB 3 KB	12ms 11ms	Stylesheet text/css	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.deepinstinct.com/_next/static/css/6d42086b486a94df.css Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash 131c8e4b03d3865f2b9b1f94867999309fffa0cab9b421134a6aa063f0e240dc Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-nf-request-id 01HJFBTRPMY3WFWRT8FNBSTTTY date Mon, 25 Dec 2023 02:11:00 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000 age 54294 surrogate-control max-age=300, stale-while-revalidate=900, stale-if-error=900 content-length 2642 x-xss-protection 1 server Netlify cache-status "Netlify Edge"; hit etag "21d69d80d610cc6a5fd26e10d5b3a3ee-ssl-df" vary Accept-Encoding content-type text/css; charset=UTF-8 cache-control public,max-age=0,must-revalidate accept-ranges bytes
GET H2	200	e24af18bfed2b9e3.css www.deepinstinct.com/_next/static/css/	889 B 984 B	28ms 28ms	Stylesheet text/css	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.deepinstinct.com/_next/static/css/e24af18bfed2b9e3.css Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash 66aac9d3210f68de513a93e481d67dfa843665cdba4809f3bde13aefb77e71c6 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-nf-request-id 01HJFBTRPNMZN03W90KC0JC1YT date Mon, 25 Dec 2023 02:11:00 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff server Netlify age 51427 cache-status "Netlify Edge"; hit etag "593c03e06e8844bfe5fe086ac9a7db49-ssl" surrogate-control max-age=300, stale-while-revalidate=900, stale-if-error=900 content-type text/css; charset=UTF-8 cache-control public,max-age=0,must-revalidate accept-ranges bytes content-length 889 x-xss-protection 1
GET H2	200	5935-c757cc9152444a3d.js Show response www.deepinstinct.com/_next/static/chunks/	30 KB 10 KB	9ms 9ms	Script application/javascript	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.deepinstinct.com/_next/static/chunks/5935-c757cc9152444a3d.js Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash d619ebece095748eb92d409eaac19e4346f5d7380db0442021e0ef148bab686d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-nf-request-id 01HJFBTRVZWDJWH6MB0TMDJP5R date Mon, 25 Dec 2023 02:11:01 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000 age 17677 surrogate-control max-age=300, stale-while-revalidate=900, stale-if-error=900 content-length 10248 x-xss-protection 1 server Netlify cache-status "Netlify Edge"; hit etag "3ef712ed36e9a21b26047f3fd28cf1e7-ssl-df" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public,max-age=0,must-revalidate accept-ranges bytes
GET H2	200	6329-831a74148bce6612.js Show response www.deepinstinct.com/_next/static/chunks/	139 KB 37 KB	9ms 8ms	Script application/javascript	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.deepinstinct.com/_next/static/chunks/6329-831a74148bce6612.js Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash de90f9a4370cff2dafd0d322cf18b2d8c16baef1851c46e8d8624fa2b202fb18 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-nf-request-id 01HJFBTRW9GDXN2GEZ4S23VRCM date Mon, 25 Dec 2023 02:11:01 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000 age 17677 surrogate-control max-age=300, stale-while-revalidate=900, stale-if-error=900 content-length 37923 x-xss-protection 1 server Netlify cache-status "Netlify Edge"; hit etag "72f383f89326a9869a85155ac85b38b0-ssl-df" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public,max-age=0,must-revalidate accept-ranges bytes
GET H2	200	248.0db1e1c53eb42682.js Show response www.deepinstinct.com/_next/static/chunks/	2 KB 865 B	9ms 9ms	Script application/javascript	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.deepinstinct.com/_next/static/chunks/248.0db1e1c53eb42682.js Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash a650259b67fd9815669b3a36ce8881448e8d5ad989de4bcb18ecae6ca73cfabe Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-nf-request-id 01HJFBTRWPH2B0GXYCXAQGSE5P date Mon, 25 Dec 2023 02:11:01 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000 age 47153 surrogate-control max-age=300, stale-while-revalidate=900, stale-if-error=900 content-length 766 x-xss-protection 1 server Netlify cache-status "Netlify Edge"; hit etag "e54a9f29d324f6da17af16e029a456fc-ssl-df" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public,max-age=0,must-revalidate accept-ranges bytes
GET H2	200	webpack-6edcada4c306df09.js Show response www.deepinstinct.com/_next/static/chunks/	8 KB 4 KB	200ms 200ms	Script application/javascript	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.deepinstinct.com/_next/static/chunks/webpack-6edcada4c306df09.js Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash 4c3196c42ca387f410f417fd5207f7c5ca3ce4d88d6820ffa9cae1b34ff22b0d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-nf-request-id 01HJFBTRX09J3BJ60X0K7D4AAS date Mon, 25 Dec 2023 02:11:01 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000 server Netlify age 0 cache-status "Netlify Edge"; fwd=miss etag "cf60c063c1aba4dd8f726c1f486c8da1-ssl-df" surrogate-control max-age=300, stale-while-revalidate=900, stale-if-error=900 vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public,max-age=0,must-revalidate accept-ranges bytes x-xss-protection 1
GET H2	200	framework-a070cbfff3c750c5.js Show response www.deepinstinct.com/_next/static/chunks/	127 KB 40 KB	10ms 10ms	Script application/javascript	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.deepinstinct.com/_next/static/chunks/framework-a070cbfff3c750c5.js Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash 33dc89018fe5aed90ddd9f9615cba7412569abfad7d4995d81001e532aac79c9 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-nf-request-id 01HJFBTRZ5PS19Q3BK3DKPZPS4 date Mon, 25 Dec 2023 02:11:01 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000 age 17678 surrogate-control max-age=300, stale-while-revalidate=900, stale-if-error=900 content-length 40583 x-xss-protection 1 server Netlify cache-status "Netlify Edge"; hit etag "a5a16d94fca796cad0f6a4696526de62-ssl-df" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public,max-age=0,must-revalidate accept-ranges bytes
GET H2	200	main-56046b3e412722f8.js Show response www.deepinstinct.com/_next/static/chunks/	120 KB 33 KB	16ms 12ms	Script application/javascript	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.deepinstinct.com/_next/static/chunks/main-56046b3e412722f8.js Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash fc3d502ace2503c2860416688a2fa238234df171764c9bdd3fef3f02cbe0e61c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-nf-request-id 01HJFBTRZKA143MHH6BJHAQTJM date Mon, 25 Dec 2023 02:11:01 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000 age 17677 surrogate-control max-age=300, stale-while-revalidate=900, stale-if-error=900 content-length 33864 x-xss-protection 1 server Netlify cache-status "Netlify Edge"; hit etag "1a07219644b6d7027000db0cde858ad8-ssl-df" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public,max-age=0,must-revalidate accept-ranges bytes
GET H2	200	_app-de8101c0d8fecbbe.js Show response www.deepinstinct.com/_next/static/chunks/pages/	1 KB 594 B	16ms 12ms	Script application/javascript	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.deepinstinct.com/_next/static/chunks/pages/_app-de8101c0d8fecbbe.js Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash 1bb11639b6fac45629437a0f8c465af729084e5ad3a70e61861cf170d25c1ffe Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-nf-request-id 01HJFBTRZKA5WH20VCFWTRZD3R date Mon, 25 Dec 2023 02:11:01 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000 age 17678 surrogate-control max-age=300, stale-while-revalidate=900, stale-if-error=900 content-length 501 x-xss-protection 1 server Netlify cache-status "Netlify Edge"; hit etag "ce8210c1df4c4e944aea527e4430a11f-ssl-df" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public,max-age=0,must-revalidate accept-ranges bytes
GET H2	200	5675-33a595ecead4a5e3.js Show response www.deepinstinct.com/_next/static/chunks/	10 KB 4 KB	15ms 11ms	Script application/javascript	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.deepinstinct.com/_next/static/chunks/5675-33a595ecead4a5e3.js Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash 25701ff46a6938978e4b3a307406ea586727388fe86ed523c6edd4435ebd6c5e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-nf-request-id 01HJFBTRZKPXT5N3V7K78KS1NN date Mon, 25 Dec 2023 02:11:01 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000 age 17678 surrogate-control max-age=300, stale-while-revalidate=900, stale-if-error=900 content-length 4176 x-xss-protection 1 server Netlify cache-status "Netlify Edge"; hit etag "824fb2c9d32017ebde0be8407e6fbc96-ssl-df" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public,max-age=0,must-revalidate accept-ranges bytes
GET H2	200	9366-e4dac70fdca9d72a.js Show response www.deepinstinct.com/_next/static/chunks/	29 KB 10 KB	20ms 16ms	Script application/javascript	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.deepinstinct.com/_next/static/chunks/9366-e4dac70fdca9d72a.js Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash 5904bc0d6e72fc3e0028407f78c13aebab8a5e20104018420e1009f7cd9d1526 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-nf-request-id 01HJFBTRZMHRZCT2RY2CGCYF2V date Mon, 25 Dec 2023 02:11:01 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000 age 17677 surrogate-control max-age=300, stale-while-revalidate=900, stale-if-error=900 content-length 9786 x-xss-protection 1 server Netlify cache-status "Netlify Edge"; hit etag "a137e842cd7f054a2985c678d6b7a55a-ssl-df" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public,max-age=0,must-revalidate accept-ranges bytes
GET H2	200	6116-877a4bf85744f982.js Show response www.deepinstinct.com/_next/static/chunks/	31 KB 10 KB	20ms 16ms	Script application/javascript	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.deepinstinct.com/_next/static/chunks/6116-877a4bf85744f982.js Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash 3524dd4ac96893432d2326f5ac7bbbe7ecf4c1e3f9be368e5c8b01862b84e73e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-nf-request-id 01HJFBTRZMN42WF7K7X14Q4F7Z date Mon, 25 Dec 2023 02:11:01 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000 age 49763 surrogate-control max-age=300, stale-while-revalidate=900, stale-if-error=900 content-length 10110 x-xss-protection 1 server Netlify cache-status "Netlify Edge"; hit etag "4049ca753c364668c16b2c11e8628573-ssl-df" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public,max-age=0,must-revalidate accept-ranges bytes
GET H2	200	6804-693318409af478ce.js Show response www.deepinstinct.com/_next/static/chunks/	18 KB 6 KB	25ms 23ms	Script application/javascript	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.deepinstinct.com/_next/static/chunks/6804-693318409af478ce.js Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash 5d6a261605f748413f5c29c41e2de153baa2ddd4724684d1921b33adbd90bd3d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-nf-request-id 01HJFBTRZK7DPK2MWWKNFXZ4AM date Mon, 25 Dec 2023 02:11:01 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000 age 69589 surrogate-control max-age=300, stale-while-revalidate=900, stale-if-error=900 content-length 5575 x-xss-protection 1 server Netlify cache-status "Netlify Edge"; hit etag "a8a70eb62008c46dd8d6365fc79385e0-ssl-df" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public,max-age=0,must-revalidate accept-ranges bytes
GET H2	200	%5Bpid%5D-cba4384301721ec6.js Show response www.deepinstinct.com/_next/static/chunks/pages/blog/	572 B 681 B	15ms 13ms	Script application/javascript	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.deepinstinct.com/_next/static/chunks/pages/blog/%5Bpid%5D-cba4384301721ec6.js Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash 6ce00c492fc82a2a05b2a29ec95e50f42ba69d2974ed3f0c094bc0cfb3872ee7 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-nf-request-id 01HJFBTRZKV7820TVEA16G6HDT date Mon, 25 Dec 2023 02:11:01 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff server Netlify age 51426 cache-status "Netlify Edge"; hit etag "20e6670eb1bf9578dcd26de49fb858be-ssl" surrogate-control max-age=300, stale-while-revalidate=900, stale-if-error=900 content-type application/javascript; charset=UTF-8 cache-control public,max-age=0,must-revalidate accept-ranges bytes content-length 572 x-xss-protection 1
GET H2	200	_buildManifest.js Show response www.deepinstinct.com/_next/static/xDDwJPcQKjoAur_17JNcJ/	8 KB 2 KB	14ms 12ms	Script application/javascript	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.deepinstinct.com/_next/static/xDDwJPcQKjoAur_17JNcJ/_buildManifest.js Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash 09a75ae598a0712ace703f5cf28b0860061221fa8169ca693a4e51d1d0faf0bb Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-nf-request-id 01HJFBTRZMCXH4ZMF262F5SHX7 date Mon, 25 Dec 2023 02:11:01 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000 age 64008 surrogate-control max-age=300, stale-while-revalidate=900, stale-if-error=900 content-length 1508 x-xss-protection 1 server Netlify cache-status "Netlify Edge"; hit etag "b220fb125cbbaf3b8221e76cb4bd28d6-ssl-df" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public,max-age=0,must-revalidate accept-ranges bytes
GET H2	200	_ssgManifest.js Show response www.deepinstinct.com/_next/static/xDDwJPcQKjoAur_17JNcJ/	455 B 602 B	24ms 22ms	Script application/javascript	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.deepinstinct.com/_next/static/xDDwJPcQKjoAur_17JNcJ/_ssgManifest.js Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash 32cc58a56e1170810316c9cb82dd82a1fb379e2b82139b5ed039063bb40e4724 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-nf-request-id 01HJFBTRZKT9XV7HPG53QBN0SY date Mon, 25 Dec 2023 02:11:01 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff server Netlify age 64008 cache-status "Netlify Edge"; hit etag "328a07056600d7d25597a4867d779215-ssl" surrogate-control max-age=300, stale-while-revalidate=900, stale-if-error=900 content-type application/javascript; charset=UTF-8 cache-control public,max-age=0,must-revalidate accept-ranges bytes content-length 455 x-xss-protection 1
GET H2	200	zka3qml.css use.typekit.net/	3 KB 993 B	170ms 134ms	Stylesheet text/css	2a02:26f0:3500:16::215:148f AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/zka3qml.css Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 58cbce6773a86e5d812444badcc12a2b7da1bc9bd7508c777f67189a4a0ac6b5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; content-encoding gzip date Mon, 25 Dec 2023 02:11:01 GMT server nginx vary Accept-Encoding content-type text/css;charset=utf-8 access-control-allow-origin * cache-control private, max-age=600, stale-while-revalidate=604800 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 770
GET H2	200	fig1-Attack-flow.png www.deepinstinct.com/image/blt08d3b2f2d7d67bbf/65835d869fa6cf660e286cfd/	87 KB 87 KB	27ms 27ms	Image image/png	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.deepinstinct.com/image/blt08d3b2f2d7d67bbf/65835d869fa6cf660e286cfd/fig1-Attack-flow.png Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash 07d01ccd150736a0f3e25fa4a39dc9320fed10ec105956ebe8685bf2fd3abafb Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-nf-request-id 01HJFBTRPPV3G0112JT1H5K480 date Mon, 25 Dec 2023 02:11:00 GMT strict-transport-security max-age=31536000 via 1.1 varnish, 1.1 varnish x-content-type-options nosniff age 292230 fastly-io-served-by vpop-haf2300702 surrogate-control max-age=300, stale-while-revalidate=900, stale-if-error=900 x-cache MISS, HIT fastly-io-info ifsz=164103 idim=968x740 ifmt=png ofsz=89099 odim=968x740 ofmt=png content-disposition inline; filename=fig1-Attack-flow.png fastly-stats io=1 content-length 89099 x-xss-protection 1 x-request-id 70f1337bcb66aeb757dfacd9058f06e6 x-served-by cache-sjc1000107-SJC, cache-iad-kcgs7200151-IAD x-runtime 150ms server Netlify x-timer S1703402275.460910,VS0,VE2 x-contentstack-organization bltdec97706489ab5de cache-status "Netlify Edge"; hit etag "DSiWhA9vZd2oeBe0bN78EoGay6joD2t332VJ6gtGi3g" x-frame-options SAMEORIGIN content-type image/png access-control-allow-origin * access-control-expose-headers content-disposition, content-type, cache-control, status, content-length cache-control max-age=31536000 x-nf-render-mode ssr accept-ranges bytes x-cache-hits 0, 1
GET H2	200	fig2-SFX-Execution.png www.deepinstinct.com/image/blt8c3feebcf5b30766/65835d85c3fb27179c19bffe/	84 KB 85 KB	12ms 12ms	Image image/png	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.deepinstinct.com/image/blt8c3feebcf5b30766/65835d85c3fb27179c19bffe/fig2-SFX-Execution.png Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash bb1584d1decd6069b82aad695ed83f435a3307a72447b809e2e59e444699b2f2 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-nf-request-id 01HJFBTRPN5T50EDA93A6R5NGS date Mon, 25 Dec 2023 02:11:00 GMT strict-transport-security max-age=31536000 via 1.1 varnish, 1.1 varnish x-content-type-options nosniff age 292230 fastly-io-served-by vpop-haf2300707 surrogate-control max-age=300, stale-while-revalidate=900, stale-if-error=900 x-cache MISS, HIT fastly-io-info ifsz=99086 idim=523x334 ifmt=png ofsz=85914 odim=523x334 ofmt=png content-disposition inline; filename=fig2-SFX-Execution.png fastly-stats io=1 content-length 85914 x-xss-protection 1 x-request-id f202756269cc59849c255202a5b7ae93 x-served-by cache-sjc10063-SJC, cache-iad-kjyo7100175-IAD x-runtime 137ms server Netlify x-timer S1703402275.477778,VS0,VE1 x-contentstack-organization bltdec97706489ab5de cache-status "Netlify Edge"; hit etag "33jkDLUqDMses+S/q8rlQhZtmRvsJWi/wZmKXFHfCOw" x-frame-options SAMEORIGIN content-type image/png access-control-allow-origin * access-control-expose-headers content-disposition, content-type, cache-control, status, content-length cache-control max-age=31536000 x-nf-render-mode ssr accept-ranges bytes x-cache-hits 0, 1
GET H2	200	fig3-Double-extention-trick.png www.deepinstinct.com/image/blt52f1063996d6c6ac/65835d853ea3614ddc574a88/	32 KB 33 KB	12ms 10ms	Image image/png	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.deepinstinct.com/image/blt52f1063996d6c6ac/65835d853ea3614ddc574a88/fig3-Double-extention-trick.png Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash de032f3d2595d3a7bf61a1645aa4e7907c22006328632a47b0cc55ed333e4519 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-nf-request-id 01HJFBTRQFA9VPYB4FTNY8H1Q7 date Mon, 25 Dec 2023 02:11:00 GMT strict-transport-security max-age=31536000 via 1.1 varnish, 1.1 varnish x-content-type-options nosniff age 292230 fastly-io-served-by vpop-haf2300710 surrogate-control max-age=300, stale-while-revalidate=900, stale-if-error=900 x-cache MISS, HIT fastly-io-info ifsz=44366 idim=209x328 ifmt=png ofsz=33242 odim=209x328 ofmt=png content-disposition inline; filename=fig3-Double-extention-trick.png fastly-stats io=1 content-length 33242 x-xss-protection 1 x-request-id 68b7cae2cb52a2e03ba2d6d68ba86557 x-served-by cache-sjc10071-SJC, cache-iad-kiad7000047-IAD x-runtime 106ms server Netlify x-timer S1703402276.639472,VS0,VE2 x-contentstack-organization bltdec97706489ab5de cache-status "Netlify Edge"; hit etag "KBDwOgHD7RXDIkhc60/MeAdHhe0hiULCpx56iAxO6Ww" x-frame-options SAMEORIGIN content-type image/png access-control-allow-origin * access-control-expose-headers content-disposition, content-type, cache-control, status, content-length cache-control max-age=31536000 x-nf-render-mode ssr accept-ranges bytes x-cache-hits 0, 1
GET H2	200	fig4-Malicious-powershhell_wz.png www.deepinstinct.com/image/bltdd7e45750fbc5e70/65835d8671a55d4766cd1dea/	1 MB 1 MB	13ms 13ms	Image image/png	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.deepinstinct.com/image/bltdd7e45750fbc5e70/65835d8671a55d4766cd1dea/fig4-Malicious-powershhell_wz.png Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash 218e41b73ab56e69b1e79a35213f1a22f6371e1e5ca68efb2600fa66ab1d1305 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-nf-request-id 01HJFBTRQH8NVXME6BBA1YXXHV date Mon, 25 Dec 2023 02:11:00 GMT strict-transport-security max-age=31536000 via 1.1 varnish, 1.1 varnish x-content-type-options nosniff age 159550 fastly-io-served-by vpop-haf2300711 surrogate-control max-age=300, stale-while-revalidate=900, stale-if-error=900 x-cache HIT, HIT fastly-io-info ifsz=1769657 idim=1639x584 ifmt=png ofsz=1515076 odim=1639x584 ofmt=png content-disposition inline; filename=fig4-Malicious-powershhell_wz.png fastly-stats io=1 content-length 1515076 x-xss-protection 1 x-request-id 26da5c1830052fea069ba30c33f1c4fc x-served-by cache-sjc10027-SJC, cache-iad-kjyo7100065-IAD x-runtime 291ms server Netlify x-timer S1703402276.233991,VS0,VE2 x-contentstack-organization bltdec97706489ab5de cache-status "Netlify Edge"; hit etag "CELo5lc03FtExUXxg5CES95XxcuUxLzbmFzDLx7qkGQ" x-frame-options SAMEORIGIN content-type image/png access-control-allow-origin * access-control-expose-headers content-disposition, content-type, cache-control, status, content-length cache-control max-age=31536000 x-nf-render-mode ssr accept-ranges bytes x-cache-hits 1, 1
GET H2	200	fig5-LonePage-VBS.png www.deepinstinct.com/image/blt45c12455f8d2218f/65835d85b782f0f0c55838b3/	23 KB 24 KB	19ms 19ms	Image image/png	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.deepinstinct.com/image/blt45c12455f8d2218f/65835d85b782f0f0c55838b3/fig5-LonePage-VBS.png Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash e25492ce50109e1e6ee48c4850ac33b6c97f86ef21b11b0f355bca447f1d5d80 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-nf-request-id 01HJFBTRQVWZWTTTJMB41TMAQZ date Mon, 25 Dec 2023 02:11:00 GMT strict-transport-security max-age=31536000 via 1.1 varnish, 1.1 varnish x-content-type-options nosniff age 292230 fastly-io-served-by vpop-haf2300713 surrogate-control max-age=300, stale-while-revalidate=900, stale-if-error=900 x-cache MISS, HIT fastly-io-info ifsz=23665 idim=1111x172 ifmt=png ofsz=23635 odim=1111x172 ofmt=png content-disposition inline; filename=fig5-LonePage-VBS.png fastly-stats io=1 content-length 23635 x-xss-protection 1 fastly-io-warning Failed to shrink image x-request-id 6d252b26712b2913f3660af9b855691a x-served-by cache-sjc10065-SJC, cache-iad-kcgs7200154-IAD x-runtime 64ms server Netlify x-timer S1703402275.488271,VS0,VE1 x-contentstack-organization bltdec97706489ab5de cache-status "Netlify Edge"; hit etag "jKC0AxkZrPJmFbPjFoFoFRtrP9+efOTZefepojbXKiA" x-frame-options SAMEORIGIN content-type image/png access-control-allow-origin * access-control-expose-headers content-disposition, content-type, cache-control, status, content-length cache-control max-age=31536000 x-nf-render-mode ssr accept-ranges bytes x-cache-hits 0, 1
GET H2	200	fig6-DOCX-Content.png www.deepinstinct.com/image/bltf72caabeacbb69dc/65835d86b0fbcbc10f626012/	36 KB 37 KB	16ms 15ms	Image image/png	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.deepinstinct.com/image/bltf72caabeacbb69dc/65835d86b0fbcbc10f626012/fig6-DOCX-Content.png Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash 16835b78bea5bba1e974f61c138e15e4a3894e74c6beaf1d99e4304607783161 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-nf-request-id 01HJFBTRZKHAARCNFW6ZBQD374 date Mon, 25 Dec 2023 02:11:01 GMT strict-transport-security max-age=31536000 via 1.1 varnish, 1.1 varnish x-content-type-options nosniff age 292230 fastly-io-served-by vpop-haf2300713 surrogate-control max-age=300, stale-while-revalidate=900, stale-if-error=900 x-cache MISS, HIT fastly-io-info ifsz=68315 idim=667x697 ifmt=png ofsz=37053 odim=667x697 ofmt=png content-disposition inline; filename=fig6-DOCX-Content.png fastly-stats io=1 content-length 37053 x-xss-protection 1 x-request-id f1acbc9eb8b70a97a6037f572a7925b7 x-served-by cache-sjc1000123-SJC, cache-iad-kjyo7100024-IAD x-runtime 97ms server Netlify x-timer S1703402275.385073,VS0,VE2 x-contentstack-organization bltdec97706489ab5de cache-status "Netlify Edge"; hit etag "3f3NDuKe5bteheJYpkvv46OOEe3ETFroopmb0jl/v8Y" x-frame-options SAMEORIGIN content-type image/png access-control-allow-origin * access-control-expose-headers content-disposition, content-type, cache-control, status, content-length cache-control max-age=31536000 x-nf-render-mode ssr accept-ranges bytes x-cache-hits 0, 1
GET H2	200	fig7-GetScreen-Command.png www.deepinstinct.com/image/blt9bd8ef7a5cd0ea04/65835d981f8952d579911826/	10 KB 10 KB	21ms 19ms	Image image/png	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.deepinstinct.com/image/blt9bd8ef7a5cd0ea04/65835d981f8952d579911826/fig7-GetScreen-Command.png Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash 4f9af800e400ba3b5c531f5c46771504f7f06ba91d227462488b7be9824fdc07 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-nf-request-id 01HJFBTRZSX37QJ7CHB47ABM35 date Mon, 25 Dec 2023 02:11:01 GMT strict-transport-security max-age=31536000 via 1.1 varnish, 1.1 varnish x-content-type-options nosniff age 292231 fastly-io-served-by vpop-haf2300714 surrogate-control max-age=300, stale-while-revalidate=900, stale-if-error=900 x-cache MISS, HIT fastly-io-info ifsz=19021 idim=1254x277 ifmt=png ofsz=9863 odim=1254x277 ofmt=png content-disposition inline; filename=fig7-GetScreen-Command.png fastly-stats io=1 content-length 9863 x-xss-protection 1 x-request-id fc317e7cc3e9385f962fb03a15319e42 x-served-by cache-sjc10053-SJC, cache-iad-kjyo7100146-IAD x-runtime 110ms server Netlify x-timer S1703402275.425851,VS0,VE2 x-contentstack-organization bltdec97706489ab5de cache-status "Netlify Edge"; hit etag "3JQ/K88L9BS5pltkDJJWohuDHEWeR9BfV4kdbrb7GU0" x-frame-options SAMEORIGIN content-type image/png access-control-allow-origin * access-control-expose-headers content-disposition, content-type, cache-control, status, content-length cache-control max-age=31536000 x-nf-render-mode ssr accept-ranges bytes x-cache-hits 0, 1
GET H2	200	fig8-Recon-Command.png www.deepinstinct.com/image/bltfda9c4f87ac4975c/65835d98be5d263767657a9a/	2 KB 3 KB	20ms 19ms	Image image/png	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.deepinstinct.com/image/bltfda9c4f87ac4975c/65835d98be5d263767657a9a/fig8-Recon-Command.png Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash c6c2d5a45d80ea21ecb7ebb7d8beaf0f1a0130c3d78621a1de4b7efe6ec8cc40 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-nf-request-id 01HJFBTRZSADK9HV5S800FFRMK date Mon, 25 Dec 2023 02:11:01 GMT strict-transport-security max-age=31536000 via 1.1 varnish, 1.1 varnish x-content-type-options nosniff age 292231 fastly-io-served-by vpop-haf2300701 surrogate-control max-age=300, stale-while-revalidate=900, stale-if-error=900 x-cache MISS, HIT fastly-io-info ifsz=3444 idim=768x49 ifmt=png ofsz=2219 odim=768x49 ofmt=png content-disposition inline; filename=fig8-Recon-Command.png fastly-stats io=1 content-length 2219 x-xss-protection 1 x-request-id 6388f83d9ad9b38cd63c5429d8c81e62 x-served-by cache-sjc1000111-SJC, cache-iad-kcgs7200021-IAD x-runtime 153ms server Netlify x-timer S1703442501.108730,VS0,VE1 x-contentstack-organization bltdec97706489ab5de cache-status "Netlify Edge"; hit etag "U6zHgHM5ouJzb0NZg3ALm9j5h47UVcv/Ci2Do8jf16o" x-frame-options SAMEORIGIN content-type image/png access-control-allow-origin * access-control-expose-headers content-disposition, content-type, cache-control, status, content-length cache-control max-age=31536000 x-nf-render-mode ssr accept-ranges bytes x-cache-hits 0, 1
GET H2	200	fig9-Smudged-decoy-PDF.png www.deepinstinct.com/image/blt13277171b51512f1/6583613d0543c5286e8f08c9/	98 KB 98 KB	22ms 21ms	Image image/png	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.deepinstinct.com/image/blt13277171b51512f1/6583613d0543c5286e8f08c9/fig9-Smudged-decoy-PDF.png Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash d63811d12c0a92b19be7a82dd1f4487b8abe81d8096262c6071855989c54e8ee Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-nf-request-id 01HJFBTRZTWEZJ6P5KMF5K4ZTS date Mon, 25 Dec 2023 02:11:01 GMT strict-transport-security max-age=31536000 via 1.1 varnish, 1.1 varnish x-content-type-options nosniff age 292230 fastly-io-served-by vpop-haf2300705 surrogate-control max-age=300, stale-while-revalidate=900, stale-if-error=900 x-cache MISS, HIT fastly-io-info ifsz=136590 idim=1540x1080 ifmt=png ofsz=100143 odim=1540x1080 ofmt=png content-disposition inline; filename=fig9-Smudged-decoy-PDF.png fastly-stats io=1 content-length 100143 x-xss-protection 1 x-request-id 6db4b1ea37a5d9dfa2de8e98681c813c x-served-by cache-sjc10035-SJC, cache-iad-kjyo7100042-IAD x-runtime 129ms server Netlify x-timer S1703402275.474758,VS0,VE3 x-contentstack-organization bltdec97706489ab5de cache-status "Netlify Edge"; hit etag "LAGFUe/RzeORe4cJdeMV9qBMj42BH4C8FZdFoas2cAI" x-frame-options SAMEORIGIN content-type image/png access-control-allow-origin * access-control-expose-headers content-disposition, content-type, cache-control, status, content-length cache-control max-age=31536000 x-nf-render-mode ssr accept-ranges bytes x-cache-hits 0, 1
GET H2	200	fig10-HTA-content.png www.deepinstinct.com/image/blt1289482c7f012b60/65835d984135c46e76567bc0/	48 KB 48 KB	27ms 26ms	Image image/png	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.deepinstinct.com/image/blt1289482c7f012b60/65835d984135c46e76567bc0/fig10-HTA-content.png Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash 37f03b0d211b2860fb00973441f1973286d4428c7f876568a18fd0a66add9414 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-nf-request-id 01HJFBTRZT206C73KZCFF0G2NN date Mon, 25 Dec 2023 02:11:01 GMT strict-transport-security max-age=31536000 via 1.1 varnish, 1.1 varnish x-content-type-options nosniff age 292233 fastly-io-served-by vpop-haf2300706 surrogate-control max-age=300, stale-while-revalidate=900, stale-if-error=900 x-cache MISS, HIT fastly-io-info ifsz=49023 idim=1200x612 ifmt=png ofsz=48993 odim=1200x612 ofmt=png content-disposition inline; filename=fig10-HTA-content.png fastly-stats io=1 content-length 48993 x-xss-protection 1 fastly-io-warning Failed to shrink image x-request-id 6684041e6695ca830e53803bd7f3a7d8 x-served-by cache-sjc1000115-SJC, cache-iad-kjyo7100102-IAD x-runtime 88ms server Netlify x-timer S1703402277.093715,VS0,VE2 x-contentstack-organization bltdec97706489ab5de cache-status "Netlify Edge"; hit etag "5CKzJlQgJn4k0xCdhcqKRmeOp9orT7aODbDqzRrrJ7k" x-frame-options SAMEORIGIN content-type image/png access-control-allow-origin * access-control-expose-headers content-disposition, content-type, cache-control, status, content-length cache-control max-age=31536000 x-nf-render-mode ssr accept-ranges bytes x-cache-hits 0, 1
GET H2	200	fig11-Malicious-cmd-inside-zip.png www.deepinstinct.com/image/blte04762783408272b/65835d98b0fbcb3e03626016/	13 KB 14 KB	19ms 18ms	Image image/png	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.deepinstinct.com/image/blte04762783408272b/65835d98b0fbcb3e03626016/fig11-Malicious-cmd-inside-zip.png Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash 6b9c9623b1440f33720857779c0495a039ea4d934fce9c2f746a5eb1491e25ba Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-nf-request-id 01HJFBTRZTBGSSA4TV0SBW5HFA date Mon, 25 Dec 2023 02:11:01 GMT strict-transport-security max-age=31536000 via 1.1 varnish, 1.1 varnish x-content-type-options nosniff age 292231 fastly-io-served-by vpop-haf2300712 surrogate-control max-age=300, stale-while-revalidate=900, stale-if-error=900 x-cache MISS, HIT fastly-io-info ifsz=23786 idim=1173x121 ifmt=png ofsz=13659 odim=1173x121 ofmt=png content-disposition inline; filename=fig11-Malicious-cmd-inside-zip.png fastly-stats io=1 content-length 13659 x-xss-protection 1 x-request-id 48efb6dc213ecd6e9a6ae427522e2e13 x-served-by cache-sjc10073-SJC, cache-iad-kjyo7100036-IAD x-runtime 85ms server Netlify x-timer S1703402275.451024,VS0,VE2 x-contentstack-organization bltdec97706489ab5de cache-status "Netlify Edge"; hit etag "CwhvOnOLWX28WAwCelCoSIugQrPhdCA5pbh3Rltqa84" x-frame-options SAMEORIGIN content-type image/png access-control-allow-origin * access-control-expose-headers content-disposition, content-type, cache-control, status, content-length cache-control max-age=31536000 x-nf-render-mode ssr accept-ranges bytes x-cache-hits 0, 1
GET H2	200	gtm.js Show response www.googletagmanager.com/	272 KB 94 KB	176ms 67ms	Script application/javascript	2a00:1450:4001:810::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-52PC3MW Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 5db5711a3596b7bac313044080f748fba084690d340c8eaabfcf316d1fa06d33 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 02:11:01 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 95604 x-xss-protection 0 last-modified Mon, 25 Dec 2023 00:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 25 Dec 2023 02:11:01 GMT
GET H2	200	p.css p.typekit.net/	5 B 172 B	47ms 7ms	Stylesheet text/css	2a02:26f0:3500:16::215:1495 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://p.typekit.net/p.css?s=1&k=zka3qml&ht=tk&f=10954.13454.13466.28969&a=83637106&app=typekit&e=css Requested by Host: use.typekit.net URL: https://use.typekit.net/zka3qml.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb Request headers accept-language de-DE,de;q=0.9 Referer https://use.typekit.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 02:11:01 GMT last-modified Fri, 23 Jun 2023 17:09:47 GMT server nginx etag "6495d1db-5" content-type text/css access-control-allow-origin * cache-control public, max-age=604800 cross-origin-resource-policy cross-origin accept-ranges bytes content-length 5
GET DATA	200 OK	truncated /	42 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Type image/gif
GET DATA	200 OK	truncated /	78 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash af144d639dc5c33722d3426bda462d68577e1c63ab319abf355da1ef73859495 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	l use.typekit.net/af/04ec74/00000000000000000001205b/27/	29 KB 29 KB	20ms 7ms	Font application/font-woff2	2a02:26f0:3500:16::215:148f AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/04ec74/00000000000000000001205b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3 Requested by Host: use.typekit.net URL: https://use.typekit.net/zka3qml.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 8d0056dcc26b8dce6be00539697962adb12475fbf9cbf7fdcbc7c81b2ae7328d Request headers Referer https://use.typekit.net/zka3qml.css Origin https://www.deepinstinct.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 02:11:01 GMT server nginx etag "1c4557ace28950fbc49487c3a85660222d5fe232" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 29588
GET H2	200	l use.typekit.net/af/1709eb/000000000000000000010b60/27/	24 KB 24 KB	21ms 8ms	Font application/font-woff2	2a02:26f0:3500:16::215:148f AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/1709eb/000000000000000000010b60/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3 Requested by Host: use.typekit.net URL: https://use.typekit.net/zka3qml.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash f94786fe65dcbc65b0099b471ae2bb89bbabd7fa7d8573dd3c4e0f5bbe555447 Request headers Referer https://use.typekit.net/zka3qml.css Origin https://www.deepinstinct.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 02:11:01 GMT server nginx etag "9bd0488a91630a3c738a4d950e0b0b7930bcb98f" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 24740
GET H2	200	l use.typekit.net/af/442215/000000000000000000010b5a/27/	23 KB 23 KB	25ms 12ms	Font application/font-woff2	2a02:26f0:3500:16::215:148f AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/442215/000000000000000000010b5a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 Requested by Host: use.typekit.net URL: https://use.typekit.net/zka3qml.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 8d5da73586712159bb569fbfbd370f05a258113b2591ba238ef4e7bde1db13b7 Request headers Referer https://use.typekit.net/zka3qml.css Origin https://www.deepinstinct.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 02:11:01 GMT server nginx etag "9523c64514161c03124fab238b18113d17bad9eb" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 23800
GET H2	200	2757.2159eeb22ad7f48b.js Show response www.deepinstinct.com/_next/static/chunks/	427 B 535 B	9ms 9ms	Script application/javascript	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.deepinstinct.com/_next/static/chunks/2757.2159eeb22ad7f48b.js Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/_next/static/chunks/webpack-6edcada4c306df09.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash 90aca30e747dbe0cd4ae4a29a0d588aff8693e295bb1d5c322188955608f658b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-nf-request-id 01HJFBTS3XYAEEG74X2DAG6PJY date Mon, 25 Dec 2023 02:11:01 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff server Netlify age 64008 cache-status "Netlify Edge"; hit etag "ea3356e96273b299596c36abefe566dc-ssl" surrogate-control max-age=300, stale-while-revalidate=900, stale-if-error=900 content-type application/javascript; charset=UTF-8 cache-control public,max-age=0,must-revalidate accept-ranges bytes content-length 427 x-xss-protection 1
GET H2	200	5972.698bd1faa1f17a01.js Show response www.deepinstinct.com/_next/static/chunks/	4 KB 2 KB	235ms 235ms	Script application/javascript	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.deepinstinct.com/_next/static/chunks/5972.698bd1faa1f17a01.js Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/_next/static/chunks/webpack-6edcada4c306df09.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash 73de89ad27fa1fcfb8372b6656106165d4865b3ee287ad208f0074ef99f586b7 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-nf-request-id 01HJFBTS3XJQEPTAGCFV9MBP7Z date Mon, 25 Dec 2023 02:11:01 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000 server Netlify age 0 cache-status "Netlify Edge"; fwd=miss etag "a3f7c9173a6a7c28378b624f8967099b-ssl-df" surrogate-control max-age=300, stale-while-revalidate=900, stale-if-error=900 vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public,max-age=0,must-revalidate accept-ranges bytes x-xss-protection 1
GET H2	200	5518.80f4656ccdd1c449.js Show response www.deepinstinct.com/_next/static/chunks/	23 KB 9 KB	9ms 9ms	Script application/javascript	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.deepinstinct.com/_next/static/chunks/5518.80f4656ccdd1c449.js Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/_next/static/chunks/webpack-6edcada4c306df09.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash ba546f8a87a68abc792ddd24f67f1941f15f77e2605b6cad27d798cfd256df37 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-nf-request-id 01HJFBTS3XC53VJ6AXABWCPVH5 date Mon, 25 Dec 2023 02:11:01 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000 age 17676 surrogate-control max-age=300, stale-while-revalidate=900, stale-if-error=900 content-length 9304 x-xss-protection 1 server Netlify cache-status "Netlify Edge"; hit etag "b2cee7f89e132f787a454fe3452dcf6f-ssl-df" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public,max-age=0,must-revalidate accept-ranges bytes
GET H2	200	2f9e2c2f1c3b95ee.css www.deepinstinct.com/_next/static/css/	1 KB 411 B	11ms 11ms	Stylesheet text/css	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.deepinstinct.com/_next/static/css/2f9e2c2f1c3b95ee.css Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/_next/static/chunks/webpack-6edcada4c306df09.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash 4574422b79a9d4a5793b41636bfcf680e171b4f050e4089b78c8fb48d16af49d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-nf-request-id 01HJFBTS3XQ8E6PMVFQ5SX6PC7 date Mon, 25 Dec 2023 02:11:01 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000 age 64008 surrogate-control max-age=300, stale-while-revalidate=900, stale-if-error=900 content-length 298 x-xss-protection 1 server Netlify cache-status "Netlify Edge"; hit etag "3a249d17bf4d3e5c346d38680463a967-ssl-df" vary Accept-Encoding content-type text/css; charset=UTF-8 cache-control public,max-age=0,must-revalidate accept-ranges bytes
GET H2	200	5285.9d8099bf125cc883.js Show response www.deepinstinct.com/_next/static/chunks/	4 KB 2 KB	12ms 12ms	Script application/javascript	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.deepinstinct.com/_next/static/chunks/5285.9d8099bf125cc883.js Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/_next/static/chunks/webpack-6edcada4c306df09.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash 2127e8d78f9fdf06128e950834caad94dcce05a128133818a9b32102aaa06b8c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-nf-request-id 01HJFBTS3X43SHMNFC07TYD44D date Mon, 25 Dec 2023 02:11:01 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000 age 64008 surrogate-control max-age=300, stale-while-revalidate=900, stale-if-error=900 content-length 1547 x-xss-protection 1 server Netlify cache-status "Netlify Edge"; hit etag "b095565831c0da26124297989ba717ad-ssl-df" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public,max-age=0,must-revalidate accept-ranges bytes
GET H2	200	8286.e06f0b67431c1f9c.js Show response www.deepinstinct.com/_next/static/chunks/	3 KB 1 KB	10ms 10ms	Script application/javascript	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.deepinstinct.com/_next/static/chunks/8286.e06f0b67431c1f9c.js Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/_next/static/chunks/webpack-6edcada4c306df09.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash 24c48fd2d041715dacda429b49d2077dc9ea1e980a8168f0a0bba850a1381a7f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-nf-request-id 01HJFBTS3YKHA642V8YRDDA9CY date Mon, 25 Dec 2023 02:11:01 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000 age 51326 surrogate-control max-age=300, stale-while-revalidate=900, stale-if-error=900 content-length 1248 x-xss-protection 1 server Netlify cache-status "Netlify Edge"; hit etag "2f7d3701f16d3e9e62791e372b61b874-ssl-df" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public,max-age=0,must-revalidate accept-ranges bytes
GET H2	200	1264.1e83e2e3d087aa66.js Show response www.deepinstinct.com/_next/static/chunks/	1 KB 849 B	12ms 12ms	Script application/javascript	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.deepinstinct.com/_next/static/chunks/1264.1e83e2e3d087aa66.js Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/_next/static/chunks/webpack-6edcada4c306df09.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash d90b93e7a6b3c90b899c78d766efd2ee94dca853b273313b8dbc333cbc328e25 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-nf-request-id 01HJFBTS3YN6T4T7R4D020RHKM date Mon, 25 Dec 2023 02:11:01 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000 age 64008 surrogate-control max-age=300, stale-while-revalidate=900, stale-if-error=900 content-length 733 x-xss-protection 1 server Netlify cache-status "Netlify Edge"; hit etag "be8c7492039a144a8d9684247c13ac4f-ssl-df" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public,max-age=0,must-revalidate accept-ranges bytes
GET H2	200	3204.4d4bc288e26c86f6.js Show response www.deepinstinct.com/_next/static/chunks/	2 KB 999 B	9ms 9ms	Script application/javascript	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.deepinstinct.com/_next/static/chunks/3204.4d4bc288e26c86f6.js Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/_next/static/chunks/webpack-6edcada4c306df09.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash 551397ca1cc84b261fbfb4ec91a3be7e5cb4704f58bdc293808a2f06e904e8d4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-nf-request-id 01HJFBTS458ST3FM9HSVVEFHMB date Mon, 25 Dec 2023 02:11:01 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000 age 47148 surrogate-control max-age=300, stale-while-revalidate=900, stale-if-error=900 content-length 901 x-xss-protection 1 server Netlify cache-status "Netlify Edge"; hit etag "dd009410288c27e6cd33231e671cf793-ssl-df" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public,max-age=0,must-revalidate accept-ranges bytes
GET H2	200	5500.a842325987ceada0.js Show response www.deepinstinct.com/_next/static/chunks/	560 B 649 B	9ms 9ms	Script application/javascript	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.deepinstinct.com/_next/static/chunks/5500.a842325987ceada0.js Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/_next/static/chunks/webpack-6edcada4c306df09.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash df8d379a7d695bed8a2c8c58fa2b7b5c06837252815cf494b12e65d67c245060 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-nf-request-id 01HJFBTS4582Z0S884FFKAB12W date Mon, 25 Dec 2023 02:11:01 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff server Netlify age 64008 cache-status "Netlify Edge"; hit etag "118ae891cf5dfbfeef1f2adfda3ad3b2-ssl" surrogate-control max-age=300, stale-while-revalidate=900, stale-if-error=900 content-type application/javascript; charset=UTF-8 cache-control public,max-age=0,must-revalidate accept-ranges bytes content-length 560 x-xss-protection 1
GET H2	200	6773.39400dc36a5f8737.js Show response www.deepinstinct.com/_next/static/chunks/	1 KB 749 B	10ms 10ms	Script application/javascript	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.deepinstinct.com/_next/static/chunks/6773.39400dc36a5f8737.js Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/_next/static/chunks/webpack-6edcada4c306df09.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash 8908366014bb39af214d72a81154943df61d430966ae776aeda1e1bf094b10b3 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-nf-request-id 01HJFBTS451QB4H2F414KWW6B4 date Mon, 25 Dec 2023 02:11:01 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000 age 64008 surrogate-control max-age=300, stale-while-revalidate=900, stale-if-error=900 content-length 641 x-xss-protection 1 server Netlify cache-status "Netlify Edge"; hit etag "7ace6ce2dee916ea67f97bffa4ba7944-ssl-df" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public,max-age=0,must-revalidate accept-ranges bytes
GET H2	200	4082.f76b657326d5df42.js Show response www.deepinstinct.com/_next/static/chunks/	376 B 523 B	10ms 9ms	Script application/javascript	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.deepinstinct.com/_next/static/chunks/4082.f76b657326d5df42.js Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/_next/static/chunks/webpack-6edcada4c306df09.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash 9c0180fc3efb7e159a483e9f2c8ea7db1595a30cd8e3bd0f7b6f391405c3352a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-nf-request-id 01HJFBTS45KAW3H9FKFR3Z479E date Mon, 25 Dec 2023 02:11:01 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff server Netlify age 64008 cache-status "Netlify Edge"; hit etag "bee1acf8fadd1754c45d9212ccb279ba-ssl" surrogate-control max-age=300, stale-while-revalidate=900, stale-if-error=900 content-type application/javascript; charset=UTF-8 cache-control public,max-age=0,must-revalidate accept-ranges bytes content-length 376 x-xss-protection 1
GET H2	200	2030.f80c6d0379cfe528.js Show response www.deepinstinct.com/_next/static/chunks/	2 KB 894 B	10ms 10ms	Script application/javascript	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.deepinstinct.com/_next/static/chunks/2030.f80c6d0379cfe528.js Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/_next/static/chunks/webpack-6edcada4c306df09.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash 1b791f37e7cfac61b4b9e28963f4afbbc99fce9766fe8a872d8196dc7dc21375 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-nf-request-id 01HJFBTS5TZKS0A5AWP6FCMAW3 date Mon, 25 Dec 2023 02:11:01 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000 age 64008 surrogate-control max-age=300, stale-while-revalidate=900, stale-if-error=900 content-length 799 x-xss-protection 1 server Netlify cache-status "Netlify Edge"; hit etag "4fed16b2901cda466d5d42bd5eafbf60-ssl-df" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public,max-age=0,must-revalidate accept-ranges bytes
GET H/1.1	200 OK	st.js Show response s.swiftypecdn.com/install/v2/	416 KB 110 KB	43ms 6ms	Script text/javascript	151.101.64.143 FASTLY
General Check archive.org Show headers Download Go to Full URL https://s.swiftypecdn.com/install/v2/st.js Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.64.143 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 2d7c7930eb39d59cd8c2dc00652977da3ed72347e7cd465f7b540e10e2121c22 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Mon, 25 Dec 2023 02:11:01 GMT Content-Encoding gzip Via 1.1 varnish Age 192 X-Cache HIT Connection keep-alive Content-Length 112326 X-Served-By cache-fra-eddf8230125-FRA X-Timer S1703470261.476908,VS0,VE0 ETag "644bc37d-1b6c6" Vary Accept-Encoding Content-Type text/javascript Access-Control-Allow-Origin * Cache-Control max-age=300, public, max-age=300, public Accept-Ranges bytes X-Cache-Hits 112
GET H2	200	https%3A%2F%2Fwww.deepinstinct.com%2Fimage%2Fblt11bdc9f7133b9458%2F65835dd5a2c41f4af9daf19e%2Fblog-image-UAC-099-Ukraine.png www.deepinstinct.com/_ipx/w_1680,q_100/ Redirect Chain https://www.deepinstinct.com/_next/image?url=https%3A%2F%2Fwww.deepinstinct.com%2Fimage%2Fblt11bdc9f7133b9458%2F65835dd5a2c41f4af9daf19e%2Fblog-image-UAC-099-Ukraine.png&w=1680&q=100 https://www.deepinstinct.com/_ipx/w_1680,q_100/https%3A%2F%2Fwww.deepinstinct.com%2Fimage%2Fblt11bdc9f7133b9458%2F65835dd5a2c41f4af9daf19e%2Fblog-image-UAC-099-Ukraine.png?url=https%3A%2F%2Fwww.dee...	202 KB 203 KB	9ms 9ms	Image image/png	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.deepinstinct.com/_ipx/w_1680,q_100/https%3A%2F%2Fwww.deepinstinct.com%2Fimage%2Fblt11bdc9f7133b9458%2F65835dd5a2c41f4af9daf19e%2Fblog-image-UAC-099-Ukraine.png?url=https%3A%2F%2Fwww.deepinstinct.com%2Fimage%2Fblt11bdc9f7133b9458%2F65835dd5a2c41f4af9daf19e%2Fblog-image-UAC-099-Ukraine.png&w=1680&q=100 Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash be92015e7c667a8a2ed5e2f0827d80575a2fabf51804df273104157e591c2cee Security Headers Name Value Content-Security-Policy default-src 'none' Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-nf-request-id 01HJFBTSB29XMPGV461BXNW5PF content-security-policy default-src 'none' date Mon, 25 Dec 2023 02:11:01 GMT strict-transport-security max-age=31536000 server Netlify age 54303 cache-status "Netlify Edge"; hit etag "329b0-J8+eDAT6nvbgo8zemwz5MveOiVw" content-type image/png cache-control public,max-age=0,must-revalidate content-length 207280 Redirect headers x-nf-request-id 01HJFBTS7NQM7WZQSCQTJPV9DQ date Mon, 25 Dec 2023 02:11:01 GMT strict-transport-security max-age=31536000 server Netlify age 0 cache-status "Netlify Edge"; fwd=miss content-type text/plain location /_ipx/w_1680,q_100/https%3A%2F%2Fwww.deepinstinct.com%2Fimage%2Fblt11bdc9f7133b9458%2F65835dd5a2c41f4af9daf19e%2Fblog-image-UAC-099-Ukraine.png?url=https%3A%2F%2Fwww.deepinstinct.com%2Fimage%2Fblt11bdc9f7133b9458%2F65835dd5a2c41f4af9daf19e%2Fblog-image-UAC-099-Ukraine.png&w=1680&q=100
GET H2	200	https%3A%2F%2Fimages.contentstack.io%2Fv3%2Fassets%2Fblt1ec077b6b53d6b3e%2Fbltfdfca743f7ac9662%2F630e2d5d8bdc107d4a01ba3f%2F800x800-blue-monogram.png www.deepinstinct.com/_ipx/w_64,q_75/ Redirect Chain https://www.deepinstinct.com/_next/image?url=https%3A%2F%2Fimages.contentstack.io%2Fv3%2Fassets%2Fblt1ec077b6b53d6b3e%2Fbltfdfca743f7ac9662%2F630e2d5d8bdc107d4a01ba3f%2F800x800-blue-monogram.png&w=... https://www.deepinstinct.com/_ipx/w_64,q_75/https%3A%2F%2Fimages.contentstack.io%2Fv3%2Fassets%2Fblt1ec077b6b53d6b3e%2Fbltfdfca743f7ac9662%2F630e2d5d8bdc107d4a01ba3f%2F800x800-blue-monogram.png?url...	667 B 796 B	8ms 8ms	Image image/png	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.deepinstinct.com/_ipx/w_64,q_75/https%3A%2F%2Fimages.contentstack.io%2Fv3%2Fassets%2Fblt1ec077b6b53d6b3e%2Fbltfdfca743f7ac9662%2F630e2d5d8bdc107d4a01ba3f%2F800x800-blue-monogram.png?url=https%3A%2F%2Fimages.contentstack.io%2Fv3%2Fassets%2Fblt1ec077b6b53d6b3e%2Fbltfdfca743f7ac9662%2F630e2d5d8bdc107d4a01ba3f%2F800x800-blue-monogram.png&w=64&q=75 Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash 8fd4ce59a9d1e64d62c68a2abea4d2859757babb19c8032c04a4ab4c9926cf3e Security Headers Name Value Content-Security-Policy default-src 'none' Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-nf-request-id 01HJFBTS8BZW30JQMC40NR075T content-security-policy default-src 'none' date Mon, 25 Dec 2023 02:11:01 GMT strict-transport-security max-age=31536000 server Netlify age 27726 cache-status "Netlify Edge"; hit etag 40-fjlcxVZVRMPm+x2T+BGeUEgWqSI content-type image/png cache-control public,max-age=0,must-revalidate content-length 667 Redirect headers x-nf-request-id 01HJFBTS7N0M69HV2NWFXB0V1K date Mon, 25 Dec 2023 02:11:01 GMT strict-transport-security max-age=31536000 server Netlify age 0 cache-status "Netlify Edge"; fwd=miss content-type text/plain location /_ipx/w_64,q_75/https%3A%2F%2Fimages.contentstack.io%2Fv3%2Fassets%2Fblt1ec077b6b53d6b3e%2Fbltfdfca743f7ac9662%2F630e2d5d8bdc107d4a01ba3f%2F800x800-blue-monogram.png?url=https%3A%2F%2Fimages.contentstack.io%2Fv3%2Fassets%2Fblt1ec077b6b53d6b3e%2Fbltfdfca743f7ac9662%2F630e2d5d8bdc107d4a01ba3f%2F800x800-blue-monogram.png&w=64&q=75
GET H2	200	prevention-for-storage.json Show response www.deepinstinct.com/_next/data/xDDwJPcQKjoAur_17JNcJ/en/	19 KB 6 KB	131ms 131ms	Fetch application/json	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.deepinstinct.com/_next/data/xDDwJPcQKjoAur_17JNcJ/en/prevention-for-storage.json?pid=prevention-for-storage Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/_next/static/chunks/main-56046b3e412722f8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash 41eab1c358dfe724fe5a6be9e98a89618a7b54e2ca16b40c18d4b3649e3284e3 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1 Request headers purpose prefetch x-nextjs-data 1 Referer https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-nf-request-id 01HJFBTS7R83GYV87XQDP44QSM date Mon, 25 Dec 2023 02:11:01 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000 x-nextjs-matched-path /en/[pid] age 545 surrogate-control max-age=300, stale-while-revalidate=900, stale-if-error=900 x-nextjs-cache REVALIDATED x-xss-protection 1 server Netlify cache-status "Netlify Edge"; fwd=stale etag "4d8d-lJRvdvO9Cz23IiSFxuJOGvxEdYY-df-df" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/json x-nf-render-mode odb ttl=600 cache-control public,max-age=0,must-revalidate
GET H2	200	%5Bpid%5D-e8101f9528849ba0.js www.deepinstinct.com/_next/static/chunks/pages/	0 1 KB	262ms 261ms	Other application/javascript	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.deepinstinct.com/_next/static/chunks/pages/%5Bpid%5D-e8101f9528849ba0.js Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/_next/static/chunks/main-56046b3e412722f8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-nf-request-id 01HJFBTS7TE3757EESVRPMTJ05 date Mon, 25 Dec 2023 02:11:01 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000 server Netlify age 0 cache-status "Netlify Edge"; fwd=miss etag "523b9bd79bbb0e4229e1ad0ab8546e57-ssl-df" surrogate-control max-age=300, stale-while-revalidate=900, stale-if-error=900 vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public,max-age=0,must-revalidate accept-ranges bytes x-xss-protection 1
GET H2	200	blog.json Show response www.deepinstinct.com/_next/data/xDDwJPcQKjoAur_17JNcJ/en/	93 KB 24 KB	161ms 160ms	Fetch application/json	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.deepinstinct.com/_next/data/xDDwJPcQKjoAur_17JNcJ/en/blog.json?pid=blog Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/_next/static/chunks/main-56046b3e412722f8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash e108734a25a6fda4fb678d1ffc8592d3a79e60b50a154177a32c8a07fc63563c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1 Request headers purpose prefetch x-nextjs-data 1 Referer https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-nf-request-id 01HJFBTS7TE3ES1DPW0TW3HRW1 date Mon, 25 Dec 2023 02:11:01 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000 x-nextjs-matched-path /en/[pid] age 219 surrogate-control max-age=300, stale-while-revalidate=900, stale-if-error=900 x-nextjs-cache REVALIDATED x-xss-protection 1 server Netlify cache-status "Netlify Edge"; fwd=stale etag "174f9-besh90q6Lya4OB8Ftp1Bu6KbitY-df" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/json x-nf-render-mode odb ttl=60 cache-control public,max-age=0,must-revalidate
GET H2	200	1.json Show response www.deepinstinct.com/_next/data/xDDwJPcQKjoAur_17JNcJ/en/author/deep-instinct-research/page/	240 KB 59 KB	208ms 208ms	Fetch application/json	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.deepinstinct.com/_next/data/xDDwJPcQKjoAur_17JNcJ/en/author/deep-instinct-research/page/1.json Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/_next/static/chunks/main-56046b3e412722f8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash 69758e792d9d9eebeac2d7c316671a230efd1983c50cc4244d9313ec990b5251 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1 Request headers purpose prefetch x-nextjs-data 1 Referer https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-nf-request-id 01HJFBTS7TPRFV08F68W5K1679 date Mon, 25 Dec 2023 02:11:01 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000 x-nextjs-matched-path /en/author/[uid]/page/[pid] age 429 surrogate-control max-age=300, stale-while-revalidate=900, stale-if-error=900 x-nextjs-cache REVALIDATED x-xss-protection 1 server Netlify cache-status "Netlify Edge"; fwd=stale etag "3c066-erkYBtCXtXDYCkzS+JlisMqX6AQ-df" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/json x-nf-render-mode odb ttl=60 cache-control public,max-age=0,must-revalidate
GET H2	200	%5Bpid%5D-a925212826d2c176.js www.deepinstinct.com/_next/static/chunks/pages/author/%5Buid%5D/page/	0 4 KB	20ms 19ms	Other application/javascript	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.deepinstinct.com/_next/static/chunks/pages/author/%5Buid%5D/page/%5Bpid%5D-a925212826d2c176.js Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/_next/static/chunks/main-56046b3e412722f8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-nf-request-id 01HJFBTS7TQY1E4V9DEE02XTWV date Mon, 25 Dec 2023 02:11:01 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000 age 54305 surrogate-control max-age=300, stale-while-revalidate=900, stale-if-error=900 content-length 3535 x-xss-protection 1 server Netlify cache-status "Netlify Edge"; hit etag "b2271a5063d019b5df9f3f15016a16be-ssl-df" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public,max-age=0,must-revalidate accept-ranges bytes
GET H2	200	partners.json Show response www.deepinstinct.com/_next/data/xDDwJPcQKjoAur_17JNcJ/en/	24 KB 6 KB	132ms 132ms	Fetch application/json	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.deepinstinct.com/_next/data/xDDwJPcQKjoAur_17JNcJ/en/partners.json?pid=partners Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/_next/static/chunks/main-56046b3e412722f8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash 8e460592b3512fa193a27a9027375464052ad8e546316069a79673ccf048085e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1 Request headers purpose prefetch x-nextjs-data 1 Referer https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-nf-request-id 01HJFBTS7T3F2KSKWFVREHZ7CV date Mon, 25 Dec 2023 02:11:01 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000 x-nextjs-matched-path /en/[pid] age 227 surrogate-control max-age=300, stale-while-revalidate=900, stale-if-error=900 x-nextjs-cache REVALIDATED x-xss-protection 1 server Netlify cache-status "Netlify Edge"; fwd=stale etag "5e7a-GxWKDClHVRYy+kowYXG7BlGxZ6s-df-df" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/json x-nf-render-mode odb ttl=600 cache-control public,max-age=0,must-revalidate
GET H2	200	1259.2c2ed873ed26db49.js Show response www.deepinstinct.com/_next/static/chunks/	2 KB 1 KB	10ms 9ms	Script application/javascript	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.deepinstinct.com/_next/static/chunks/1259.2c2ed873ed26db49.js Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/_next/static/chunks/webpack-6edcada4c306df09.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash 66452618423fb997d299a94cd1373cd8d9ecc3c3976be0a6dbe3adf78113768e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-nf-request-id 01HJFBTS8BFYXZA6J42SEQ3V1P date Mon, 25 Dec 2023 02:11:01 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000 age 108022 surrogate-control max-age=300, stale-while-revalidate=900, stale-if-error=900 content-length 937 x-xss-protection 1 server Netlify cache-status "Netlify Edge"; hit etag "596e52d2b39ce2af98e4119019466bb3-ssl-df" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public,max-age=0,must-revalidate accept-ranges bytes
GET H/1.1	200 OK	NW3rMrxBqJx71BachJFa.json Show response s.swiftypecdn.com/install/v2/config/	19 KB 5 KB	593ms 579ms	XHR application/json	151.101.64.143 FASTLY
General Check archive.org Show headers Download Go to Full URL https://s.swiftypecdn.com/install/v2/config/NW3rMrxBqJx71BachJFa.json Requested by Host: s.swiftypecdn.com URL: https://s.swiftypecdn.com/install/v2/st.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.64.143 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 9a496e8b9da307a0d817e4104c0418c6ff0c8841c6bbb8e426a424d304ac3296 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept */* Referer https://www.deepinstinct.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Mon, 25 Dec 2023 02:11:02 GMT Content-Encoding gzip X-Content-Type-Options nosniff Via 1.1 varnish X-Permitted-Cross-Domain-Policies none Age 0 X-Cache HIT Connection keep-alive Content-Length 4251 X-XSS-Protection 1; mode=block X-Request-Id 8fa0b57ff5c3efceaa108fcdb58f43b7 X-Served-By cache-fra-eddf8230133-FRA Referrer-Policy strict-origin-when-cross-origin Last-Modified Tue, 16 May 2023 16:51:29 GMT X-Timer S1703470262.545875,VS0,VE573 ETag W/"0b4dc992c692095d33a1f63f87bd38a6" X-Download-Options noopen X-Frame-Options SAMEORIGIN Access-Control-Max-Age 7200 Access-Control-Allow-Methods GET, POST Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin * Access-Control-Expose-Headers Cache-Control max-age=300, public Access-Control-Allow-Credentials true Vary Accept-Encoding, Origin Accept-Ranges bytes X-Cache-Hits 1
GET H2	200	js Show response www.googletagmanager.com/gtag/	244 KB 84 KB	69ms 68ms	Script application/javascript	2a00:1450:4001:810::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-P5MMKMDSNW&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-52PC3MW Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 4d0595824c5a9f284603ba62af625f7b35cffa0381c6929912e7da092c6a95df Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 02:11:01 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 86182 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 25 Dec 2023 02:11:01 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	160ms 51ms	Script text/javascript	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-52PC3MW Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Mon, 25 Dec 2023 01:48:17 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 1364 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Mon, 25 Dec 2023 03:48:17 GMT
GET H2	200	hotjar-1665869.js Show response static.hotjar.com/c/	9 KB 4 KB	68ms 39ms	Script application/javascript	18.66.97.49 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-1665869.js?sv=7 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-52PC3MW Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.97.49 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-97-49.fra56.r.cloudfront.net Software / Resource Hash 4be18d2100c0a8fd1a7bb064362b3cdf855c077dc5f42ca58243e6b2071aa8ef Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers strict-transport-security max-age=2592000; includeSubDomains content-encoding br x-content-type-options nosniff date Mon, 25 Dec 2023 02:11:01 GMT via 1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P2 etag W/c38c8eef8f475df972c4d568ab00ceec vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript; charset=UTF-8 access-control-allow-origin * x-cache-hit 1 cache-control max-age=60 cross-origin-resource-policy cross-origin x-amz-cf-id 8rEvr-Eib0GQp3GGCHm-XXzsFfVJeqVJFIRR0ba4yZR41SY_ytcFyQ==
GET H2	200	8430ce879b38826d.min.js Show response tag.demandbase.com/	74 KB 21 KB	56ms 20ms	Script application/javascript	108.157.4.125 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tag.demandbase.com/8430ce879b38826d.min.js Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.157.4.125 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-157-4-125.dus51.r.cloudfront.net Software AmazonS3 / Resource Hash b38dd2dca58faf4914e0a8b1486e7605ce6de351b5302a5fa221cc486b18c927 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-amz-version-id Xzv0JeEFapZPyzZHeUu0Brm7.QM7Tg5F content-encoding gzip via 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront) date Mon, 25 Dec 2023 02:11:01 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-amz-cf-pop DUS51-P2 age 3519 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Mon, 11 Dec 2023 17:35:04 GMT server AmazonS3 etag W/"28d036d587aab8279e99fe948ae35306" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control public, max-age=3600 permissions-policy accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=() x-amz-cf-id rWq9t_4MQAAcMDU9q2YfA16bIkPbxJ77wlh1-ZQuhE20Bp0dov4fjA==
GET H2	200	2183098.js Show response js.hs-scripts.com/	1 KB 1 KB	137ms 122ms	Script application/javascript	2606:4700::6810:bf59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-scripts.com/2183098.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-52PC3MW Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:bf59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2977aa2b437fdfeb45c7ed8e5cfcf8cd99a8b00ba83567cf701d4688901ef1c4 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 02:11:01 GMT content-encoding br x-content-type-options nosniff cf-cache-status EXPIRED x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id b6868866-69ed-4b8f-a75e-143827762641 x-envoy-upstream-service-time 11 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id b6868866-69ed-4b8f-a75e-143827762641 last-modified Mon, 25 Dec 2023 00:01:35 GMT server cloudflare x-trace 2B4DCE2238E2F12D1B142C0E6C050C90939CE9EF44000000000000000000 vary origin, Accept-Encoding access-control-max-age 3600 content-type application/javascript;charset=utf-8 access-control-allow-origin https://www.deepinstinct.com x-evy-trace-virtual-host all cache-control public, max-age=60 access-control-allow-credentials true x-evy-trace-served-by-pod iad02/hubapi-td/envoy-proxy-57d4fb94bb-7m7bt cf-ray 83ad8d0ecd95902a-FRA expires Mon, 25 Dec 2023 02:12:01 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/812608847/	3 KB 2 KB	173ms 64ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/812608847/?random=1703470261547&cv=11&fst=1703470261547&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v78451102&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.deepinstinct.com%2Fblog%2Fthreat-actor-uac-0099-continues-to-target-ukraine&hn=www.googleadservices.com&frm=0&tiba=Threat%20Actor%20%27UAC-0099%27%20Continues%20to%20Target%20Ukraine&auid=33016045.1703470262&uamb=0&uaw=0&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-52PC3MW Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1187bcdafa880981cd66fa29dbc0c0184756633736e08a6ef5097aa73bb2dfd9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Mon, 25 Dec 2023 02:11:01 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1303 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	42 KB 15 KB	28ms 7ms	Script application/javascript	2a02:26f0:3500:16::215:149b AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-52PC3MW Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash f3b0e2a3800f73c56a4dc78562fc32130a8eec6887982d10e6a5dcf6497969c6 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 02:11:01 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Dec 2023 13:09:33 GMT x-cdn AKAM x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/javascript;charset=utf-8 cache-control max-age=22326 accept-ranges bytes content-length 15541
GET H2	200	uwt.js Show response static.ads-twitter.com/	56 KB 15 KB	33ms 7ms	Script application/javascript	146.75.120.157 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static.ads-twitter.com/uwt.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-52PC3MW Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 02:11:01 GMT content-encoding gzip last-modified Thu, 27 Oct 2022 16:56:53 GMT etag "32ad004436155ec972bc50e6238b5b67+gzip+gzip" vary Accept-Encoding,Host x-cache HIT, HIT content-type application/javascript; charset=utf-8 p3p CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" x-tw-cdn FT cache-control no-cache accept-ranges bytes content-length 15375 x-served-by cache-iad-kjyo7100081-IAD, cache-fra-etou8220046-FRA
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	202 KB 54 KB	37ms 7ms	Script application/x-javascript	2a03:2880:f083:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=() content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Mon, 25 Dec 2023 02:11:01 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 54273 x-xss-protection 0 reporting-endpoints pragma public x-fb-debug y7qRBU+j+PJIRpS2XSYFCZKWQ4BeuDQ+7SsoMTKlgH2wTerYctN2cg2y9Wq5fUoMDhVhR46soc4Zx5sGA2QAsQ== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	bat.js Show response bat.bing.com/	45 KB 13 KB	67ms 35ms	Script application/javascript	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip date Mon, 25 Dec 2023 02:11:01 GMT last-modified Fri, 10 Nov 2023 20:09:55 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 4BC305CC9D2943C7B3C4889FD3752B05 Ref B: FRAEDGE1916 Ref C: 2023-12-25T02:11:01Z etag "80abcdf1114da1:0" vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript cache-control private,max-age=1800 accept-ranges bytes content-length 13175
GET H2	200	bizible.js Show response cdn.bizible.com/scripts/	67 KB 25 KB	45ms 7ms	Script application/x-javascript	152.195.15.58 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://cdn.bizible.com/scripts/bizible.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-52PC3MW Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.195.15.58 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/67D4) / Resource Hash 196d92bf5816c956d998e5e2eb9579e8169d427dc9e6c19b07ef3c304c950686 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSub Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 02:11:01 GMT content-encoding gzip strict-transport-security max-age=31536000; includeSub last-modified Wed, 20 Dec 2023 05:16:14 GMT server ECS (frb/67D4) age 17929 etag "801b7a7333da1:0" vary Accept-Encoding x-cache HIT content-type application/x-javascript cache-control max-age=86400 accept-ranges bytes content-length 25393
GET H2	200	tracking.js Show response trk.techtarget.com/	3 KB 2 KB	55ms 30ms	Script text/javascript	2606:4700:4400::6812:24c4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://trk.techtarget.com/tracking.js Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:24c4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 02:11:01 GMT via 1.1 google content-encoding br cf-cache-status HIT cf-bgj minify last-modified Tue, 13 Dec 2022 15:01:39 GMT server cloudflare age 57087 vary Accept-Encoding content-type text/javascript cache-control public, max-age=1200 cf-ray 83ad8d0f0c7236de-FRA expires Mon, 25 Dec 2023 02:31:01 GMT
GET H2	200	qualified.js Show response js.qualified.com/	326 KB 101 KB	484ms 436ms	Script text/javascript	2606:4700::6812:1105 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.qualified.com/qualified.js?token=DxHYmKWTScn3buDp Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-52PC3MW Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 299314de318b8306e79e21b5ba96bad8e33ed4057662c860b97668f200055597 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 02:11:02 GMT content-encoding gzip via 1.1 spaces-router (devel) strict-transport-security max-age=63072000; includeSubDomains cf-cache-status MISS x-content-type-options nosniff x-permitted-cross-domain-policies none x-xss-protection 1; mode=block x-request-id 75887856-f0d5-d40e-f92a-c4000ad25472 pragma no-cache x-runtime 0.027777 referrer-policy strict-origin-when-cross-origin server cloudflare etag W/"299314de318b8306e79e21b5ba96bad8" x-download-options noopen vary Accept,Accept-Encoding x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 cache-control public, max-age=14400 cf-ray 83ad8d0f3c3868f2-FRA expires Mon, 25 Dec 2023 06:11:01 GMT
GET H2	200	%5Bpid%5D-e8101f9528849ba0.js Show response www.deepinstinct.com/_next/static/chunks/pages/	6 KB 1 KB	205ms 204ms	Script application/javascript	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.deepinstinct.com/_next/static/chunks/pages/%5Bpid%5D-e8101f9528849ba0.js Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/_next/static/chunks/main-56046b3e412722f8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash b773cec295db3c25fc71b55ef9af457715a381bdb4cd25f31c7782e6b92bd929 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-nf-request-id 01HJFBTS9SR6F35ESZZASX8RR3 date Mon, 25 Dec 2023 02:11:01 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000 age 0 surrogate-control max-age=300, stale-while-revalidate=900, stale-if-error=900 content-length 1261 x-xss-protection 1 server Netlify cache-status "Netlify Edge"; hit etag "523b9bd79bbb0e4229e1ad0ab8546e57-ssl-df" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public,max-age=0,must-revalidate accept-ranges bytes
GET H2	200	9c5b8c422ee98ff4.css Show response www.deepinstinct.com/_next/static/css/	10 KB 2 KB	9ms 8ms	Fetch text/css	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.deepinstinct.com/_next/static/css/9c5b8c422ee98ff4.css Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/_next/static/chunks/main-56046b3e412722f8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash def866d5ef3285482b3dbac3ab59640769e36a4a7d4c9b604a9131b789440253 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-nf-request-id 01HJFBTS9SP1E58GHPHWJZ1DX1 date Mon, 25 Dec 2023 02:11:01 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000 age 64009 surrogate-control max-age=300, stale-while-revalidate=900, stale-if-error=900 content-length 2332 x-xss-protection 1 server Netlify cache-status "Netlify Edge"; hit etag "bfe3f6706b84655f4d422f1c68e80c17-ssl-df" vary Accept-Encoding content-type text/css; charset=UTF-8 cache-control public,max-age=0,must-revalidate accept-ranges bytes
GET H2	200	%5Bpid%5D-a925212826d2c176.js Show response www.deepinstinct.com/_next/static/chunks/pages/author/%5Buid%5D/page/	10 KB 4 KB	9ms 9ms	Script application/javascript	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.deepinstinct.com/_next/static/chunks/pages/author/%5Buid%5D/page/%5Bpid%5D-a925212826d2c176.js Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/_next/static/chunks/main-56046b3e412722f8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash edf4b08b41a717a075bdc5d59065035fa94234ca5da24007f29a448801f18370 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-nf-request-id 01HJFBTS9SN9DRXGS4DD6TH0QX date Mon, 25 Dec 2023 02:11:01 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000 age 54305 surrogate-control max-age=300, stale-while-revalidate=900, stale-if-error=900 content-length 3535 x-xss-protection 1 server Netlify cache-status "Netlify Edge"; hit etag "b2271a5063d019b5df9f3f15016a16be-ssl-df" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public,max-age=0,must-revalidate accept-ranges bytes
GET H2	200	1c8317e8fe47a1f5.css Show response www.deepinstinct.com/_next/static/css/	13 KB 3 KB	20ms 19ms	Fetch text/css	2a05:d014:275:cb00::c8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.deepinstinct.com/_next/static/css/1c8317e8fe47a1f5.css Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/_next/static/chunks/main-56046b3e412722f8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a05:d014:275:cb00::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software Netlify / Resource Hash 63caf21037e594d61f9d5ab0798b7652ee2fb4f6cd757a2ce44c27d099999ef4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-nf-request-id 01HJFBTS9SSX8XPJEDMW1B5P6Q date Mon, 25 Dec 2023 02:11:01 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000 age 54305 surrogate-control max-age=300, stale-while-revalidate=900, stale-if-error=900 content-length 2824 x-xss-protection 1 server Netlify cache-status "Netlify Edge"; hit etag "0b74bdf3e21f0b74916f6348ea7e7946-ssl-df" vary Accept-Encoding content-type text/css; charset=UTF-8 cache-control public,max-age=0,must-revalidate accept-ranges bytes
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=316505&time=1703470261581&url=https%3A%2F%2Fwww.deepinstinct.com%2Fblog%2Fthreat-actor-uac-0099-continues-to-target-ukraine https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=316505&time=1703470261581&url=https%3A%2F%2Fwww.deepinstinct.com%2Fblog%2Fthreat-actor-uac-0099-continues-to-target-ukraine&cookiesTest=true https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D316505%26time%3D1703470261581%26url%3Dhttps%253A%252F%252Fwww.deepinstinct.com%25... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=316505&time=1703470261581&url=https%3A%2F%2Fwww.deepinstinct.com%2Fblog%2Fthreat-actor-uac-0099-continues-to-target-ukraine&cookiesTest=true&liSyn... https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=316505&time=1703470261581&url=https%3A%2F%2Fwww.deepinstinct.com%2Fblog%2Fthreat-actor-uac-0099-continues-to-target-ukraine&cookiesTest=true&liSy...	0 265 B	221ms 186ms	Image application/javascript	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=316505&time=1703470261581&url=https%3A%2F%2Fwww.deepinstinct.com%2Fblog%2Fthreat-actor-uac-0099-continues-to-target-ukraine&cookiesTest=true&liSync=true&e_ipv6=AQJRqHbveXKZ0wAAAYyevWgBvyq_UIEVXgQax0c0Yc_Fe8HXgvSxZtttDYn2w-4dReHwKMKR Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 02:11:01 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: E04B584F0C74437694DD05F8F69AAE04 Ref B: FRAEDGE1813 Ref C: 2023-12-25T02:11:02Z linkedin-action 1 x-cache CONFIG_NOCACHE content-type application/javascript x-li-fabric prod-lor1 x-li-proto http/2 content-length 0 x-li-uuid AAYNTBPhaYN7P8MhxsbWNw== Redirect headers date Mon, 25 Dec 2023 02:11:01 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: BAFF2AFC32D4485C99C4478332CEC174 Ref B: FRAEDGE1107 Ref C: 2023-12-25T02:11:02Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lor1 location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=316505&time=1703470261581&url=https%3A%2F%2Fwww.deepinstinct.com%2Fblog%2Fthreat-actor-uac-0099-continues-to-target-ukraine&cookiesTest=true&liSync=true&e_ipv6=AQJRqHbveXKZ0wAAAYyevWgBvyq_UIEVXgQax0c0Yc_Fe8HXgvSxZtttDYn2w-4dReHwKMKR x-li-proto http/2 content-length 0 x-li-uuid AAYNTBPeKjxnfguuvk0yXQ==
GET H2	200	adsct t.co/i/	43 B 376 B	130ms 109ms	Image image/gif	104.244.42.133 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://t.co/i/adsct?bci=3&eci=2&event_id=e36b07a9-0d41-4204-95b7-72aa97cc7cc9&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=e5d1e66f-5778-45da-8832-4a10909489c8&tw_document_href=https%3A%2F%2Fwww.deepinstinct.com%2Fblog%2Fthreat-actor-uac-0099-continues-to-target-ukraine&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o61n5&type=javascript&version=2.3.29 Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.133 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-response-time 102 date Mon, 25 Dec 2023 02:11:01 GMT strict-transport-security max-age=0 server tsa_o content-type image/gif;charset=utf-8 x-transaction-id b0aadf079d5b6ac5 cache-control no-cache, no-store, max-age=0 perf 7469935968 x-connection-hash 0b32a8114522a7d2d4eab10b616f294711421ca56dfec4ad2eb994787953cf7a content-length 43
GET H2	200	adsct analytics.twitter.com/i/	43 B 238 B	145ms 115ms	Image image/gif	104.244.42.131 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=e36b07a9-0d41-4204-95b7-72aa97cc7cc9&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=e5d1e66f-5778-45da-8832-4a10909489c8&tw_document_href=https%3A%2F%2Fwww.deepinstinct.com%2Fblog%2Fthreat-actor-uac-0099-continues-to-target-ukraine&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o61n5&type=javascript&version=2.3.29 Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.131 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=631138519 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-response-time 109 date Mon, 25 Dec 2023 02:11:01 GMT strict-transport-security max-age=631138519 server tsa_o content-type image/gif;charset=utf-8 x-transaction-id 430bbd79022c3fa3 cache-control no-cache, no-store, max-age=0 perf 7469935968 x-connection-hash 9c424667a62d916db19364635f02b59b0613afbecade7e4fdef5e83042da5bb3 content-length 43
GET H2	200	adsct t.co/i/	43 B 226 B	123ms 116ms	Image image/gif	104.244.42.133 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://t.co/i/adsct?bci=3&eci=2&event_id=ed00bb61-1f16-418e-8e5b-831075297347&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=e5d1e66f-5778-45da-8832-4a10909489c8&tw_document_href=https%3A%2F%2Fwww.deepinstinct.com%2Fblog%2Fthreat-actor-uac-0099-continues-to-target-ukraine&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzc8r&type=javascript&version=2.3.29 Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.133 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-response-time 109 date Mon, 25 Dec 2023 02:11:00 GMT strict-transport-security max-age=0 server tsa_o content-type image/gif;charset=utf-8 x-transaction-id cdf9fa04f03ff7c9 cache-control no-cache, no-store, max-age=0 perf 7469935968 x-connection-hash 0b32a8114522a7d2d4eab10b616f294711421ca56dfec4ad2eb994787953cf7a content-length 43
GET H2	200	adsct analytics.twitter.com/i/	43 B 395 B	122ms 109ms	Image image/gif	104.244.42.131 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=ed00bb61-1f16-418e-8e5b-831075297347&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=e5d1e66f-5778-45da-8832-4a10909489c8&tw_document_href=https%3A%2F%2Fwww.deepinstinct.com%2Fblog%2Fthreat-actor-uac-0099-continues-to-target-ukraine&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzc8r&type=javascript&version=2.3.29 Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.131 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=631138519 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-response-time 103 date Mon, 25 Dec 2023 02:11:00 GMT strict-transport-security max-age=631138519 server tsa_o content-type image/gif;charset=utf-8 x-transaction-id 95af505ba96382f2 cache-control no-cache, no-store, max-age=0 perf 7469935968 x-connection-hash 9c424667a62d916db19364635f02b59b0613afbecade7e4fdef5e83042da5bb3 content-length 43
GET H2	200	468591697375107 Show response connect.facebook.net/signals/config/	133 KB 35 KB	68ms 67ms	Script application/x-javascript	2a03:2880:f083:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/468591697375107?v=2.9.138&r=stable&domain=www.deepinstinct.com Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash d00d5db194be9a2ea7f7879a6bd33b835e2ee9f1db26f72dddfcf36e8ffdd039 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=() content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Mon, 25 Dec 2023 02:11:01 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints pragma public x-fb-debug mG09HmZFyIbggYHqVMxftZfD8CxOsm+155bZAuJNKHqePlCq1XiftskwVw/hzppcYAgqlelL4nVjglpwmIChRg== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	sync Show response s.company-target.com/s/ Frame 58E9	634 B 968 B	160ms 101ms	Document text/html	34.96.71.22 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://s.company-target.com/s/sync?exc=lr Requested by Host: tag.demandbase.com URL: https://tag.demandbase.com/8430ce879b38826d.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.96.71.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 22.71.96.34.bc.googleusercontent.com Software / Resource Hash 45c586606ec2341ef1af93e9eb185228de147e06743b29f52ae453f97055d7ce Request headers Referer https://www.deepinstinct.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-methods GET,OPTIONS alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 634 content-type text/html; charset=UTF-8 date Mon, 25 Dec 2023 02:11:01 GMT via 1.1 google
GET H2	451	464526.gif id.rlcdn.com/	0 98 B	59ms 20ms	Image text/plain	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://id.rlcdn.com/464526.gif Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 02:11:01 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
POST H2	200	ip.json Show response api.company-target.com/api/v2/	474 B 975 B	112ms 68ms	XHR application/json	18.154.63.5 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fwww.deepinstinct.com%2Fblog%2Fthreat-actor-uac-0099-continues-to-target-ukraine&page_title=Threat%20Actor%20%27UAC-0099%27%20Continues%20to%20Target%20Ukraine Requested by Host: tag.demandbase.com URL: https://tag.demandbase.com/8430ce879b38826d.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.154.63.5 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-154-63-5.dus51.r.cloudfront.net Software nginx / Resource Hash cdd09f00d412f76dcc17e8cd079694af9e3ee1ecaff9c25fc2b811ebd22f52f9 Request headers Referer https://www.deepinstinct.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Mon, 25 Dec 2023 02:11:01 GMT identification-source CENTRAL content-encoding gzip via 1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront) x-amz-cf-pop DUS51-P4 x-cache Miss from cloudfront request-id c0592329-d8b2-4cce-ab5f-b5d701229d87 pragma no-cache server nginx access-control-max-age 7200 access-control-allow-methods GET, POST, OPTIONS content-type application/json;charset=utf-8 access-control-allow-origin https://www.deepinstinct.com access-control-expose-headers x-amz-cf-id cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true vary Accept-Encoding, Origin api-version v2 access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id R5uRGt25qg8lESxKGZwuN4KOQRCHWcJ0tc1wUoSsVcVOGfzAQ_w5sQ== expires Sun, 24 Dec 2023 02:11:01 GMT
GET H2	200	modules.618aa075c4d9b6424e07.js Show response script.hotjar.com/	220 KB 55 KB	43ms 10ms	Script application/javascript	18.173.233.11 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.618aa075c4d9b6424e07.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-1665869.js?sv=7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.233.11 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-233-11.dus51.r.cloudfront.net Software / Resource Hash 4fdfd40dc4640506829319a81fd61b379e2b70a0cdedddbc1218508085ceb888 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 21 Dec 2023 10:10:06 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 9de95acefc7f3768292e6951facd4ecc.cloudfront.net (CloudFront) x-amz-cf-pop DUS51-P3 age 316855 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 55689 last-modified Thu, 21 Dec 2023 10:09:33 GMT etag "6ed2c6300d63320c76677ced187741fc" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id FpF3cWyXzhc3ksBvRcAq7TAMkk2_7RoEIKgqBwu4Ieo_S_fnZgE-_A==
GET H2	204	17571311.js Show response bat.bing.com/p/action/	0 115 B	31ms 29ms	Script text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/17571311.js Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control private,max-age=1800 date Mon, 25 Dec 2023 02:11:01 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 1977879CDACC4178827CAA24E9607E79 Ref B: FRAEDGE1916 Ref C: 2023-12-25T02:11:01Z x-cache CONFIG_NOCACHE
GET H2	204	0 bat.bing.com/action/	0 285 B	78ms 77ms	Image text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=17571311&Ver=2&mid=14f4876c-f7bf-48df-ace1-210bc0b0ce16&sid=d9cddce0a2ca11eeaf285d48db6ca04b&vid=d9cdf5b0a2ca11eeaf25b3ff8074805e&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Threat%20Actor%20%27UAC-0099%27%20Continues%20to%20Target%20Ukraine&p=https%3A%2F%2Fwww.deepinstinct.com%2Fblog%2Fthreat-actor-uac-0099-continues-to-target-ukraine&r=&lt=966&evt=pageLoad&sv=1&rn=23928 Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Mon, 25 Dec 2023 02:11:01 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: CF6508775C4F4DE893B2DC5920C30D6F Ref B: FRAEDGE1916 Ref C: 2023-12-25T02:11:01Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	gif.gif Show response ibc-flow.techtarget.com/a/	43 B 441 B	123ms 123ms	XHR image/gif	34.111.208.231 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=16780454&r=1703470261636&ref=https%3A%2F%2Fwww.deepinstinct.com%2Fblog%2Fthreat-actor-uac-0099-continues-to-target-ukraine&version=2.4 Requested by Host: trk.techtarget.com URL: https://trk.techtarget.com/tracking.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 231.208.111.34.bc.googleusercontent.com Software nginx/1.20.2 / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Request headers ibc_rate_tier 16780454 Referer https://www.deepinstinct.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 02:11:01 GMT via 1.1 google x-guploader-uploadid ABPtcPoleUAwScllkt7xNU-KzgD-yfuFdCD5ZBS4TIlK89yQ02hoe-gwZnYYnmORd5cxgNX60oA x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 last-modified Thu, 08 Dec 2022 21:19:29 GMT server nginx/1.20.2 etag "fc94fb0c3ed8a8f909dbc7630a0987ff" vary Origin x-goog-generation 1670534369365034 content-type image/gif access-control-allow-origin * x-goog-hash crc32c=7uenZA==, md5=/JT7DD7YqPkJ28djCgmH/w== cache-control public, max-age=3600 access-control-allow-methods GET, POST, OPTIONS x-goog-stored-content-length 43 accept-ranges bytes access-control-allow-headers ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range expires Mon, 25 Dec 2023 03:11:01 GMT
OPTIONS H2	200	gif.gif ibc-flow.techtarget.com/a/ Frame	0 0	147ms 109ms	Preflight text/html	34.111.208.231 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=16780454&r=1703470261636&ref=https%3A%2F%2Fwww.deepinstinct.com%2Fblog%2Fthreat-actor-uac-0099-continues-to-target-ukraine&version=2.4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 231.208.111.34.bc.googleusercontent.com Software nginx/1.20.2 / Resource Hash Request headers Accept */* Access-Control-Request-Headers ibc_rate_tier Access-Control-Request-Method GET Origin https://www.deepinstinct.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers access-control-allow-headers ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=0 content-length 0 content-type text/html; charset=UTF-8 date Mon, 25 Dec 2023 02:11:01 GMT expires Mon, 25 Dec 2023 02:11:01 GMT server nginx/1.20.2 vary Origin via 1.1 google x-guploader-uploadid ABPtcPppOmnKzUtnvjpmRWYzBGjnWpW4XkQnbcfXACY_jrFv_3GxugwLjc0HgWpKgELYYskg1xs
POST H2	204	collect region1.google-analytics.com/g/	0 257 B	101ms 36ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-P5MMKMDSNW&gtm=45je3bt0v868549395z878451102&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=28198573.1703470262&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703470261&sct=1&seg=0&dl=https%3A%2F%2Fwww.deepinstinct.com%2Fblog%2Fthreat-actor-uac-0099-continues-to-target-ukraine&dt=Threat%20Actor%20%27UAC-0099%27%20Continues%20to%20Target%20Ukraine&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1145 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-P5MMKMDSNW&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Mon, 25 Dec 2023 02:11:01 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.deepinstinct.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	2183098.js Show response js.hs-analytics.net/analytics/1703470200000/	66 KB 21 KB	154ms 138ms	Script text/javascript	2606:4700::6810:4fba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-analytics.net/analytics/1703470200000/2183098.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/2183098.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:4fba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6f3a916792494b5f0610e1a87711240bc21520271505e85c39906a2f6a7081cb Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 02:11:01 GMT x-amz-version-id null content-encoding br cf-cache-status MISS x-amz-request-id 36ZF875YTAM53DN3 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-hubspot-correlation-id 0d99c763-53f0-45b6-8af0-0ab4233917fc x-envoy-upstream-service-time 21 x-amz-id-2 seNFUMsjOqQtufsintHP9DytTiRx68qsuCg2FF+N/IjGFj3G8OCSxkhPiLj2X71BZLpliquEGWuU8oMP+Bkp6qU2JxZuvIidAPrlrmTRTCo= x-evy-trace-listener listener_https x-request-id 0d99c763-53f0-45b6-8af0-0ab4233917fc x-evy-trace-route-configuration listener_https/all last-modified Wed, 15 Nov 2023 17:13:51 GMT server cloudflare etag W/"0156cda210f632e742903c24d1ae97d9" vary origin, Accept-Encoding content-type text/javascript x-evy-trace-virtual-host all x-evy-trace-served-by-pod iad02/analytics-js-proxy-td/envoy-proxy-55f4f74954-qdt7s cache-control max-age=300,public access-control-allow-credentials false cf-ray 83ad8d0fbbff1e53-FRA expires Mon, 25 Dec 2023 02:16:01 GMT
GET H2	200	2183098.js Show response js.hs-banner.com/	63 KB 16 KB	324ms 307ms	Script text/javascript	2606:4700:4400::6812:22e5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-banner.com/2183098.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/2183098.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ab7b62a5ad1f257ba7cb384de7603f29b66599eda40370f812c1adbb788b45b5 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 02:11:02 GMT x-amz-version-id XYJVPknZtLx999OIAY2h6NhrIJGrPF1L content-encoding br cf-cache-status REVALIDATED x-amz-request-id AEEW3JYZR415EKXG x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-hubspot-correlation-id 1b6686d0-b4b1-4374-a208-1399de58355b x-envoy-upstream-service-time 108 x-amz-id-2 WnY8dyhVbg7q2WRRWqskIhVv1fJaDARTCm4Q76kK9xzn0zRjrZ75GUu1P3ijSK9L3/9ip4QPZPc= x-evy-trace-listener listener_https x-request-id 1b6686d0-b4b1-4374-a208-1399de58355b x-evy-trace-route-configuration listener_https/all last-modified Mon, 18 Dec 2023 20:08:55 GMT server cloudflare etag W/"c0ce61b48daea024d2b62c2f31452e40" access-control-max-age 604800 access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type text/javascript; charset=UTF-8 access-control-allow-origin https://www.deepinstinct.com x-evy-trace-virtual-host all access-control-expose-headers x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing cache-control max-age=300,public access-control-allow-credentials true x-evy-trace-served-by-pod iad02/analytics-js-proxy-td/envoy-proxy-55f4f74954-z9bm5 vary origin, Accept-Encoding timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id cf-ray 83ad8d0fdc162bc7-FRA expires Mon, 25 Dec 2023 02:16:01 GMT
GET H2	200	leadflows.js Show response js.hsleadflows.net/	551 KB 88 KB	162ms 131ms	Script application/javascript	2606:4700::6812:7d0c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hsleadflows.net/leadflows.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/2183098.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:7d0c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a59a536f6a35976c81d050cc1f734740643674e9736ae066f85213a5535e7a0a Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.deepinstinct.com/ Origin https://www.deepinstinct.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers content-encoding br x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 content-security-policy-report-only frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1291/bundle/main/lead-flows-release.js&cfRay=83ad8d0ffd356993-FRA x-amz-replication-status COMPLETED x-evy-trace-listener listener_https etag W/"c314aa317d74a89c787c3c4a9d2fd97c" vary Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method access-control-allow-methods GET content-type application/javascript; charset=utf-8 access-control-allow-origin * x-evy-trace-virtual-host all cache-control s-maxage=86400, max-age=0 x-hs-target-asset lead-flows-js/static-1.1291/bundle/main/lead-flows-release.js date Mon, 25 Dec 2023 02:11:01 GMT x-amz-version-id QUNwK0xemzsIqupWMH2b5phjsLRnkTKD via 1.1 16df6ade68382d048f8aad1f7e39da28.cloudfront.net (CloudFront) x-content-type-options nosniff cf-cache-status MISS x-amz-cf-pop IAD12-P3 x-hubspot-correlation-id 7a273e54-d970-4fdc-8dd1-15fe1f0ec9a5 x-cache Hit from cloudfront cache-tag staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod x-envoy-upstream-service-time 8 x-evy-trace-route-configuration listener_https/all x-request-id 7a273e54-d970-4fdc-8dd1-15fe1f0ec9a5 last-modified Mon, 04 Dec 2023 12:11:15 UTC server cloudflare access-control-max-age 3000 x-hs-cache-status MISS x-evy-trace-served-by-pod iad02/app-td/envoy-proxy-798df77cc5-4shmr cf-ray 83ad8d0ffd356993-FRA x-amz-cf-id z-5roSa3HV2wlML1TDKLK-VIoj601IsHnhrgciy4lmtHXlxaDE7p_A==
GET H2	200	ipv cdn.bizible.com/	43 B 305 B	7ms 7ms	Image image/gif	152.195.15.58 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.bizible.com/ipv?_biz_r=&_biz_h=-1906410348&_biz_u=40a3fa04b9834c40afb779171551e597&_biz_l=https%3A%2F%2Fwww.deepinstinct.com%2Fblog%2Fthreat-actor-uac-0099-continues-to-target-ukraine&_biz_t=1703470261686&_biz_i=Threat%20Actor%20%27UAC-0099%27%20Continues%20to%20Target%20Ukraine&_biz_n=0&rnd=253012&cdn_o=a&_biz_z=1703470261687 Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.195.15.58 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/67BA) / Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSub Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Mon, 25 Dec 2023 02:11:01 GMT strict-transport-security max-age=31536000; includeSub last-modified Tue, 19 Dec 2023 17:44:12 GMT server ECS (frb/67BA) age 462409 x-cache HIT p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" content-type image/gif cache-control no-cache, no-store accept-ranges bytes content-length 43 expires -1
GET H2	200	u cdn.bizibly.com/	43 B 204 B	13ms 7ms	Image image/gif	152.195.15.58 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.bizibly.com/u?_biz_u=40a3fa04b9834c40afb779171551e597&_biz_l=https%3A%2F%2Fwww.deepinstinct.com%2Fblog%2Fthreat-actor-uac-0099-continues-to-target-ukraine&_biz_t=1703470261688&_biz_i=Threat%20Actor%20%27UAC-0099%27%20Continues%20to%20Target%20Ukraine&rnd=97824&cdn_o=a&_biz_z=1703470261688 Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.195.15.58 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/6752) / Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSub Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Mon, 25 Dec 2023 02:11:01 GMT strict-transport-security max-age=31536000; includeSub last-modified Tue, 19 Dec 2023 17:44:11 GMT server ECS (frb/6752) age 462410 x-cache HIT p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" content-type image/gif cache-control no-cache, no-store accept-ranges bytes content-length 43 expires -1
GET H3	200	332937911623471 Show response connect.facebook.net/signals/config/	133 KB 35 KB	64ms 64ms	Script application/x-javascript	2a03:2880:f083:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/332937911623471?v=2.9.138&r=stable&domain=www.deepinstinct.com Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash eb92daae08096abd9391669dd975060a5c37b4404475830cce0ed7dd878c719e Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=() content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Mon, 25 Dec 2023 02:11:01 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints pragma public x-fb-debug 9j9PVN4z9BYqkunAKtb5adPw1qnEDY7SowsFAmDrNPVCLsX5kbG5bCzYTjmoD4pKX2ykLXh9XT/t+biTkFqBCw== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	xdc.js Show response cdn.bizible.com/	116 B 325 B	120ms 120ms	Script text/javascript	152.195.15.58 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://cdn.bizible.com/xdc.js?_biz_u=40a3fa04b9834c40afb779171551e597&_biz_h=-1906410348&cdn_o=a&jsVer=4.23.12.14 Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.195.15.58 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/6711) / Resource Hash 1cf7e80888f444f54bae8f6006f3bd487800467130fbf1da5c0d622ac4df33b1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSub Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 02:11:01 GMT content-encoding gzip strict-transport-security max-age=31536000; includeSub server ECS (frb/6711) etag FB6076C1 vary Accept-Encoding p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" content-type text/javascript; charset=utf-8 cache-control private, must-revalidate, max-age=21600 content-length 218
POST H2	200	collect Show response www.google-analytics.com/j/	4 B 212 B	58ms 57ms	XHR text/plain	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1054567129&t=pageview&_s=1&dl=https%3A%2F%2Fwww.deepinstinct.com%2Fblog%2Fthreat-actor-uac-0099-continues-to-target-ukraine&ul=en-us&de=UTF-8&dt=Threat%20Actor%20%27UAC-0099%27%20Continues%20to%20Target%20Ukraine&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=2051508532&gjid=812027370&cid=28198573.1703470262&tid=UA-69598329-1&_gid=1388891849.1703470262&_r=1&_slc=1&gtm=45He3bt0n8152PC3MWv78451102&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=552918894 Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.deepinstinct.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 25 Dec 2023 02:11:01 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.deepinstinct.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	bg9s Show response tag-logger.demandbase.com/	0 420 B	431ms 397ms	XHR text/html	2600:9000:224a:4c00:1d:8d6d:3b40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tag-logger.demandbase.com/bg9s?x-amz-cf-id=R5uRGt25qg8lESxKGZwuN4KOQRCHWcJ0tc1wUoSsVcVOGfzAQ_w5sQ==&api-version=v2 Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:224a:4c00:1d:8d6d:3b40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-amz-version-id 8SdDCdpJvGjkSiMFPv08XcVSgwOMVVmH date Sun, 24 Dec 2023 07:12:09 GMT via 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront) x-amz-cf-pop DUS51-P1 age 68832 x-amz-server-side-encryption AES256 x-cache Error from cloudfront content-length 0 last-modified Tue, 07 Mar 2023 20:47:02 GMT server AmazonS3 etag "d41d8cd98f00b204e9800998ecf8427e" vary Accept-Encoding content-type text/html access-control-allow-origin * accept-ranges bytes x-amz-cf-id FqIUCPawf6CrzeF9hp8U2pWOE02XZEWFwfD5gyvSWqwII4Y6Xgo08Q==
GET H2	200	collect www.google-analytics.com/	35 B 131 B	51ms 50ms	Image image/gif	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j101&a=1054567129&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.deepinstinct.com%2Fblog%2Fthreat-actor-uac-0099-continues-to-target-ukraine&ul=en-us&de=UTF-8&dt=Threat%20Actor%20%27UAC-0099%27%20Continues%20to%20Target%20Ukraine&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Demandbase&ea=API%20Resolution&el=IP%20API&_u=aDDACEABBAAAACAAI~&jid=&gjid=&cid=28198573.1703470262&tid=UA-69598329-1&_gid=1388891849.1703470262&gtm=45He3bt0n8152PC3MWv78451102&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd1=(Non-Company%20Visitor)&cd2=(Non-Company%20Visitor)&cd3=(Non-Company%20Visitor)&cd4=Wireless&cd5=(Non-Company%20Visitor)&cd6=HE&cd7=DE&cd8=(Non-Company%20Visitor)&cd9=(Non-Company%20Visitor)&cd10=(Non-Company%20Visitor)&cd13=(Non-Company%20Visitor)&z=548037900 Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Mon, 25 Dec 2023 00:19:42 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 6679 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/812608847/	42 B 455 B	174ms 64ms	Image image/gif	2a00:1450:4001:828::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/812608847/?random=1703470261547&cv=11&fst=1703469600000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v78451102&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.deepinstinct.com%2Fblog%2Fthreat-actor-uac-0099-continues-to-target-ukraine&frm=0&tiba=Threat%20Actor%20%27UAC-0099%27%20Continues%20to%20Target%20Ukraine&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_Z9nvfkaar3_pKLWYwOh2nAyBbJmhng&random=1344890539&rmt_tld=0&ipr=y Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Mon, 25 Dec 2023 02:11:01 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/812608847/	42 B 455 B	171ms 63ms	Image image/gif	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/812608847/?random=1703470261547&cv=11&fst=1703469600000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v78451102&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.deepinstinct.com%2Fblog%2Fthreat-actor-uac-0099-continues-to-target-ukraine&frm=0&tiba=Threat%20Actor%20%27UAC-0099%27%20Continues%20to%20Target%20Ukraine&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_Z9nvfkaar3_pKLWYwOh2nAyBbJmhng&random=1344890539&rmt_tld=1&ipr=y Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Mon, 25 Dec 2023 02:11:01 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	/ Show response content.hotjar.io/	56 B 161 B	149ms 63ms	XHR application/json	52.215.228.249 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://content.hotjar.io/?gzip=1 Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 52.215.228.249 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-215-228-249.eu-west-1.compute.amazonaws.com Software / Resource Hash fea4c4abadb7f60adc2cd8d589ede08ef73ac8ac3d6f51bf9674abc75548999d Request headers Referer https://www.deepinstinct.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain; charset=UTF-8 Response headers access-control-allow-origin * date Mon, 25 Dec 2023 02:11:01 GMT content-length 56 vary Origin content-type application/json
GET H2	200	rum dsum-sec.casalemedia.com/ Frame 58E9 Redirect Chain https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1719281461&external_user_id=f03be6e3-1460-4659-aeef-203c6fabf65e https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1719281461&external_user_id=f03be6e3-1460-4659-aeef-203c6fabf65e&C=1	43 B 342 B	20ms 19ms	Image image/gif	172.64.151.101 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1719281461&external_user_id=f03be6e3-1460-4659-aeef-203c6fabf65e&C=1 Requested by Host: s.company-target.com URL: https://s.company-target.com/s/sync?exc=lr Protocol H2 Server 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Mon, 25 Dec 2023 02:11:01 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wc%2BIRjlz0MVbjJpssYBv0oswwrVL%2Bc%2BaKIFJsE6uIYSNaXnHf3J7Yda1r7frzOZYtMpXaRMnzD%2FhAScC7mFiUjqT1uP2OYqMbiAPDdy7uNrcMHtFSh9DGu%2F%2F%2BSYS54AAHL01PKQL0QoajA%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 83ad8d109cb51e59-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Mon, 25 Dec 2023 02:11:01 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MpLqTvwkmq3V8b2XGAdBYOyNu1QUIZ1KWYW5sCmDvUx8GbMrA6JfUnLJR4YQHQU31bmZId6zTCwWYrOybdN8dViZUdLoMi26x9%2BkifuJUStAfboiCkImeWkxOHlHgOrc%2BNwLQSmLq%2F6PIQ%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" location /rum?cm_dsp_id=18&expiry=1719281461&external_user_id=f03be6e3-1460-4659-aeef-203c6fabf65e&C=1 cache-control no-cache cf-ray 83ad8d106c991e59-FRA alt-svc h3=":443"; ma=86400 content-length 0 expires 0
GET H2	200	sync partners.tremorhub.com/ Frame 58E9	43 B 392 B	311ms 99ms	Image image/gif	2600:1f18:612b:4280:ddec:df16:9cff:4bc6 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://partners.tremorhub.com/sync?UIDM=f03be6e3-1460-4659-aeef-203c6fabf65e Requested by Host: s.company-target.com URL: https://s.company-target.com/s/sync?exc=lr Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:612b:4280:ddec:df16:9cff:4bc6 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers p3p CP='This is not a P3P policy. See https://telaria.com/privacy-policy/' date Mon, 25 Dec 2023 02:11:02 GMT server nginx content-type image/gif
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Frame 58E9	0 239 B	46ms 7ms	Image image/gif	69.173.144.139 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?nid=5578&put=f03be6e3-1460-4659-aeef-203c6fabf65e&v=1181926 Requested by Host: s.company-target.com URL: https://s.company-target.com/s/sync?exc=lr Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate X-RPHost 78e3bdce5107450057bade54d54a0a7e P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 352 B	157ms 53ms	XHR text/plain	2a00:1450:400c:c00::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-69598329-1&cid=28198573.1703470262&jid=2051508532&gjid=812027370&_gid=1388891849.1703470262&_u=YCDACEAABAAAACAAI~&z=1669063250 Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.deepinstinct.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Mon, 25 Dec 2023 02:11:01 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.deepinstinct.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 31 B	31ms 8ms	Image text/plain	2a03:2880:f176:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=468591697375107&ev=PageView&dl=https%3A%2F%2Fwww.deepinstinct.com%2Fblog%2Fthreat-actor-uac-0099-continues-to-target-ukraine&rl=&if=false&ts=1703470261804&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1703470261803.923132389&ler=empty&it=1703470261608&coo=false&rqm=GET Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Mon, 25 Dec 2023 02:11:01 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/tr/	0 185 B	30ms 7ms	Image text/plain	2a03:2880:f176:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=332937911623471&ev=PageView&dl=https%3A%2F%2Fwww.deepinstinct.com%2Fblog%2Fthreat-actor-uac-0099-continues-to-target-ukraine&rl=&if=false&ts=1703470261805&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1703470261803.923132389&ler=empty&it=1703470261608&coo=false&rqm=GET Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Mon, 25 Dec 2023 02:11:01 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET BLOB	200 OK	ce58cbb9-c152-4f58-a034-46877546fd8e https://www.deepinstinct.com/	43 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL blob:https://www.deepinstinct.com/ce58cbb9-c152-4f58-a034-46877546fd8e Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Length 43 Content-Type image/gif
GET H2	200	ga-audiences www.google.com/ads/	42 B 107 B	63ms 62ms	Image image/gif	2a00:1450:4001:828::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-69598329-1&cid=28198573.1703470262&jid=2051508532&_u=YCDACEAABAAAACAAI~&z=617864943 Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Mon, 25 Dec 2023 02:11:01 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 107 B	61ms 61ms	Image image/gif	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-69598329-1&cid=28198573.1703470262&jid=2051508532&_u=YCDACEAABAAAACAAI~&z=617864943 Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Mon, 25 Dec 2023 02:11:01 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	new_embed-2552d8d62d9c60f59b3b11a5d083d1ebd090c72de809fc7c76fb339825302241.css s.swiftypecdn.com/assets/	89 KB 34 KB	7ms 7ms	Stylesheet text/css	151.101.64.143 FASTLY
General Check archive.org Show headers Download Go to Full URL https://s.swiftypecdn.com/assets/new_embed-2552d8d62d9c60f59b3b11a5d083d1ebd090c72de809fc7c76fb339825302241.css Requested by Host: s.swiftypecdn.com URL: https://s.swiftypecdn.com/install/v2/st.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.64.143 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 2552d8d62d9c60f59b3b11a5d083d1ebd090c72de809fc7c76fb339825302241 Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers X-Cache-Hits 9866 Date Mon, 25 Dec 2023 02:11:02 GMT Content-Encoding gzip Via 1.1 varnish Age 2247964 X-Cache HIT Connection keep-alive Content-Length 33983 X-Served-By cache-fra-eddf8230125-FRA X-Timer S1703470262.127856,VS0,VE0 ETag "62b9d075-84bf" Vary Accept-Encoding Content-Type text/css Access-Control-Allow-Origin * Cache-Control max-age=31536000, public Accept-Ranges bytes Expires Thu, 28 Nov 2024 01:44:57 GMT
GET H/1.1	200 OK	cc.js cc.swiftype.com/	43 B 279 B	546ms 129ms	Image image/gif	169.46.32.99 SOFTLAYER
General Check archive.org Show headers Download Go to Show image Full URL https://cc.swiftype.com/cc.js?engine_key=zPgdszsQivuSeQwTEHrm&url=https%3A%2F%2Fwww.deepinstinct.com%2Fblog%2Fthreat-actor-uac-0099-continues-to-target-ukraine Requested by Host: www.deepinstinct.com URL: https://www.deepinstinct.com/blog/threat-actor-uac-0099-continues-to-target-ukraine Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 169.46.32.99 Irving, United States, ASN36351 (SOFTLAYER, US), Reverse DNS 63.20.2ea9.ip4.static.sl-reverse.com Software / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Type image/gif Date Mon, 25 Dec 2023 02:11:02 GMT Cache-Control no-cache Last-Modified Mon, 28 Sep 1970 06:00:00 GMT Connection keep-alive Content-Length 43 Expires Mon, 25 Dec 2023 02:11:01 GMT
POST H2	204	/ Show response px.ads.linkedin.com/wa/	0 197 B	182ms 182ms	XHR text/plain	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/wa/ Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept * Referer https://www.deepinstinct.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Mon, 25 Dec 2023 02:11:01 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: 41C6CC05A7A94F1A800B5D04806E947C Ref B: FRAEDGE1107 Ref C: 2023-12-25T02:11:02Z linkedin-action 1 vary Origin x-cache CONFIG_NOCACHE x-li-fabric prod-lor1 access-control-allow-origin https://www.deepinstinct.com x-li-proto http/2 access-control-allow-credentials true x-li-uuid AAYNTBPkT6ScjaZzIJVAqw==
GET H2	200	__ptq.gif track.hubspot.com/	45 B 1 KB	179ms 151ms	Image image/gif	2606:4700::6813:9b53 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=166273013&v=1.1&a=2183098&rcu=https%3A%2F%2Fwww.deepinstinct.com%2Fblog%2Fthreat-actor-uac-0099-continues-to-target-ukraine&pu=https%3A%2F%2Fwww.deepinstinct.com%2Fblog%2Fthreat-actor-uac-0099-continues-to-target-ukraine&t=Threat+Actor+%27UAC-0099%27+Continues+to+Target+Ukraine&cts=1703470262797&vi=d3d4bd066b612242f6aa26e33c43b410&nc=true&u=160033954.d3d4bd066b612242f6aa26e33c43b410.1703470262794.1703470262794.1703470262794.1&b=160033954.1.1703470262794&pt=0&cc=15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 02:11:02 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 0748e81d-d754-4922-9491-721efb8008ec p3p CP="NOI CUR ADM OUR NOR STA NID" x-envoy-upstream-service-time 11 content-length 45 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 0748e81d-d754-4922-9491-721efb8008ec server cloudflare vary origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hfSl%2F%2BYesxg86H3w9Mr1IAmyh1A6BJScmYQioNJQwndgPLuvwSJkIO5RD6K4cxSPCFf29BXhqsSzX6Abo8ewFDVwo58vc71KM74rQ1YUznXLitd0p4NkCyzwsRFYO%2FJfyU5e7gcTA0VNeQ%2BGZblz"}],"group":"cf-nel","max_age":604800} content-type image/gif x-evy-trace-served-by-pod iad02/analytics-tracking-td/envoy-proxy-7484b4bf59-z7dd4 x-evy-trace-virtual-host all cache-control no-cache, no-store, no-transform access-control-allow-credentials false cf-ray 83ad8d16a983bbef-FRA x-robots-tag none
GET H2	200	json Show response forms.hubspot.com/lead-flows-config/v1/config/	2 KB 2 KB	192ms 160ms	XHR application/json	2606:4700::6813:9a53 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=2183098&utk=d3d4bd066b612242f6aa26e33c43b410&__hstc=160033954.d3d4bd066b612242f6aa26e33c43b410.1703470262794.1703470262794.1703470262794.1&__hssc=160033954.1.1703470262794&currentUrl=https%3A%2F%2Fwww.deepinstinct.com%2Fblog%2Fthreat-actor-uac-0099-continues-to-target-ukraine Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 49e4b31f4e0bedcc1f871b4669abda57fdf14ca93eebb1455adbec26cdcbb852 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 02:11:03 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 6ead3da0-2971-400d-9d9e-941f22927a9c content-encoding br x-envoy-upstream-service-time 41 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 6ead3da0-2971-400d-9d9e-941f22927a9c server cloudflare vary origin access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type application/json;charset=utf-8 access-control-allow-origin https://www.deepinstinct.com x-evy-trace-virtual-host all access-control-max-age 180 access-control-allow-credentials false cache-control max-age=0, no-cache, no-store report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ac88ApeswEwKviSdEsackMUOtgA%2FpFt0hrQkkNLYx6IQa8ek%2BTI8L1ukx2Quknv9FzNQQBgFgjrBX7B51OoiO1cKGaE9u7LBxRo7GT9RvLVgO8%2B%2FXObMFf3lpIImy8FDk7fugINZyfwZR%2Bx8DhWa"}],"group":"cf-nel","max_age":604800} x-robots-tag none access-control-allow-headers Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent cf-ray 83ad8d16ce5a3a9c-FRA x-evy-trace-served-by-pod iad02/star-hubspot-td/envoy-proxy-795b47fdff-ncnts
GET H/1.1	200 OK	messenger Show response app.qualified.com/w/1/DxHYmKWTScn3buDp/ Frame 73BB	6 KB 2 KB	363ms 125ms	Document text/html	35.174.161.250 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://app.qualified.com/w/1/DxHYmKWTScn3buDp/messenger?uuid=129405bc-011a-4c65-ac14-3ec798faf252 Requested by Host: js.qualified.com URL: https://js.qualified.com/qualified.js?token=DxHYmKWTScn3buDp Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 35.174.161.250 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-174-161-250.compute-1.amazonaws.com Software / Resource Hash e86fd6defae7279630075f87974d25bf8695e24409d3b8b8469084f46477b610 Security Headers Name Value Content-Security-Policy Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.deepinstinct.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control max-age=0, private, must-revalidate Content-Encoding gzip Content-Length 1605 Content-Security-Policy Content-Type text/html; charset=utf-8 Date Mon, 25 Dec 2023 02:11:03 GMT Etag W/"e86fd6defae7279630075f87974d25bf" Link <https://assets.qualified.com/packs/css/vendors~widget/sandboxed/messenger-94e6eccc.chunk.css>; rel=preload; as=style; nopush,<https://assets.qualified.com/packs/css/widget/sandboxed/messenger-ea37ea0f.chunk.css>; rel=preload; as=style; nopush Referrer-Policy strict-origin-when-cross-origin Strict-Transport-Security max-age=63072000; includeSubDomains Vary Accept-Encoding Via 1.1 spaces-router (devel) X-Content-Type-Options nosniff X-Download-Options noopen X-Permitted-Cross-Domain-Policies none X-Request-Id 491edd4f-331b-dc5f-ddba-414e9bf38ba5 X-Runtime 0.019556 X-Xss-Protection 1; mode=block
GET H3	200	enterprise.js Show response www.google.com/recaptcha/	1 KB 888 B	60ms 60ms	Script text/javascript	2a00:1450:4001:828::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/enterprise.js?render=explicit Requested by Host: js.hsleadflows.net URL: https://js.hsleadflows.net/leadflows.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash ccecc0ea1eb2df7464de9db17f4f8bdc0356db057935753e4696e35f71ae4d53 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 02:11:03 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Mon, 25 Dec 2023 02:11:03 GMT
GET H2	200	__ptq.gif track.hubspot.com/	45 B 462 B	135ms 134ms	Image image/gif	2606:4700::6813:9b53 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://track.hubspot.com/__ptq.gif?k=16&fi=edf3154a-9058-41f2-8bd8-5f0fc6bddce4&lfi=2584648&ft=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=166273013&v=1.1&a=2183098&rcu=https%3A%2F%2Fwww.deepinstinct.com%2Fblog%2Fthreat-actor-uac-0099-continues-to-target-ukraine&pu=https%3A%2F%2Fwww.deepinstinct.com%2Fblog%2Fthreat-actor-uac-0099-continues-to-target-ukraine&t=Threat+Actor+%27UAC-0099%27+Continues+to+Target+Ukraine&cts=1703470263009&vi=d3d4bd066b612242f6aa26e33c43b410&nc=true&u=160033954.d3d4bd066b612242f6aa26e33c43b410.1703470262794.1703470262794.1703470262794.1&b=160033954.1.1703470262794&pt=0&cc=15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.deepinstinct.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 02:11:03 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 32c4fb79-46a4-4c93-8e2c-4ccf50d49d43 p3p CP="NOI CUR ADM OUR NOR STA NID" x-envoy-upstream-service-time 8 content-length 45 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 32c4fb79-46a4-4c93-8e2c-4ccf50d49d43 server cloudflare vary origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wonR%2BxGOZGslz4AVKwtSFdQ5lpy9kZ9Jj7ZxkO1Zy6TgAkIa%2Fx2daRRQNxZgVCA0LI4lDbkjJIsjMwZ0uWbX2EhQpLPWpYZurYA9tLQXeHbA6QxgEzY2LdPzs%2FH4jgCyhy2cFvkfLvDHqvcjDale"}],"group":"cf-nel","max_age":604800} content-type image/gif x-evy-trace-served-by-pod iad02/analytics-tracking-td/envoy-proxy-7484b4bf59-k67x5 x-evy-trace-virtual-host all cache-control no-cache, no-store, no-transform access-control-allow-credentials false cf-ray 83ad8d17da0ebbef-FRA x-robots-tag none
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/	505 KB 203 KB	164ms 54ms	Script text/javascript	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/enterprise.js?render=explicit Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 122bd7b997b91e56e9efd54743ffbeccefca5b8bb59c566d6ec63adf14be896e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.deepinstinct.com/ Origin https://www.deepinstinct.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 22 Dec 2023 13:11:36 GMT content-encoding gzip x-content-type-options nosniff age 219567 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 207437 x-xss-protection 0 last-modified Mon, 11 Dec 2023 05:01:12 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 21 Dec 2024 13:11:36 GMT
GET H2	200	messenger-94e6eccc.chunk.css assets.qualified.com/packs/css/vendors~widget/sandboxed/ Frame 73BB	35 KB 7 KB	39ms 22ms	Stylesheet text/css	2606:4700::6812:1105 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://assets.qualified.com/packs/css/vendors~widget/sandboxed/messenger-94e6eccc.chunk.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eb3487cae40a55bf31dc6e6191ab0d88ec8c8f85c62bf28ad25ad0a40c16a611 Request headers accept-language de-DE,de;q=0.9 Referer https://app.qualified.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 02:11:03 GMT x-amz-version-id f3v5WukiTv1ETPpH8llDg0SYQxseA33H content-encoding gzip cf-cache-status HIT x-amz-request-id 5CVD0P2QP12HG8TH age 2285 x-amz-server-side-encryption AES256 x-amz-id-2 w+IOvh2r/MClR0LWDbwmcQKrAFmIaqXGm6ALYe9zttCpoqAIKFgMAhbTnglXpVQIw1JIwTO+vsc= last-modified Sat, 16 Dec 2023 00:58:19 GMT server cloudflare etag W/"a788ecf510f83ee517cbaf79306145dd" vary Accept-Encoding content-type text/css cache-control public, max-age=14400 cf-ray 83ad8d19180268f2-FRA expires Mon, 25 Dec 2023 06:11:03 GMT
GET H2	200	messenger-ea37ea0f.chunk.css assets.qualified.com/packs/css/widget/sandboxed/ Frame 73BB	5 KB 1 KB	41ms 24ms	Stylesheet text/css	2606:4700::6812:1105 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://assets.qualified.com/packs/css/widget/sandboxed/messenger-ea37ea0f.chunk.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6ec35ab99388f6afab345622a22772619b83b7d63705d98df3c404da782fcabb Request headers accept-language de-DE,de;q=0.9 Referer https://app.qualified.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 02:11:03 GMT x-amz-version-id Upn5pwU1fUXXo0UWRCKknJhzfKrQAGhd content-encoding gzip cf-cache-status HIT x-amz-request-id HZ4X6WZ5C5QKSGM1 age 4889 x-amz-server-side-encryption AES256 x-amz-id-2 MsFuDihDkrxBmkMJpgBslh1Bz8fkqlu3WzzGP38Qi20YjT0iMAWn0/Zoi00qfYgHmn8l6xM82CU= last-modified Fri, 10 Nov 2023 03:07:29 GMT server cloudflare etag W/"22d5f23e695250d3c5a5b1e76a015c5e" vary Accept-Encoding content-type text/css cache-control public, max-age=14400 cf-ray 83ad8d19180368f2-FRA expires Mon, 25 Dec 2023 06:11:03 GMT
GET H2	200	messenger~runtime-12a4356b25dc00e21009.js Show response assets.qualified.com/packs/js/widget/sandboxed/ Frame 73BB	2 KB 1 KB	34ms 23ms	Script application/javascript	2606:4700::6812:1105 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://assets.qualified.com/packs/js/widget/sandboxed/messenger~runtime-12a4356b25dc00e21009.js Requested by Host: app.qualified.com URL: https://app.qualified.com/w/1/DxHYmKWTScn3buDp/messenger?uuid=129405bc-011a-4c65-ac14-3ec798faf252 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 04ae340fe641b50225a136fd975a06038932d2edf3262afb992437e330be9fe4 Request headers accept-language de-DE,de;q=0.9 Referer https://app.qualified.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 02:11:03 GMT x-amz-version-id 3uYjPVFylgCFIhyrxR.2ba7ymhL0na2L content-encoding gzip cf-cache-status HIT x-amz-request-id 5CV3EFAS2P6J1TEX age 1634 x-amz-server-side-encryption AES256 x-amz-id-2 Q5y9p/rGHAMGKXIe6QGCnk8cgFt3Q8t8C2clsxT3vkMzmpuRICN08JTZy/3HFjosW0T5S/JiGyI= last-modified Sat, 16 Dec 2023 00:58:23 GMT server cloudflare etag W/"a7878e62f4e53c14b2f5dffdb6cf33bc" vary Accept-Encoding content-type application/javascript cache-control public, max-age=14400 cf-ray 83ad8d19180468f2-FRA expires Mon, 25 Dec 2023 06:11:03 GMT
GET H2	200	messenger-191570b0e91eadf70b22.chunk.js Show response assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/ Frame 73BB	1 MB 368 KB	37ms 26ms	Script application/javascript	2606:4700::6812:1105 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-191570b0e91eadf70b22.chunk.js Requested by Host: app.qualified.com URL: https://app.qualified.com/w/1/DxHYmKWTScn3buDp/messenger?uuid=129405bc-011a-4c65-ac14-3ec798faf252 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 28e3332baf3b748b3a0f10ab56958db3af34f2d033b2cd1c7ff798fbf1bda097 Request headers accept-language de-DE,de;q=0.9 Referer https://app.qualified.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 02:11:03 GMT x-amz-version-id OA2d__vBLcqrxraAyxlq0muNTE8u.zu_ content-encoding gzip cf-cache-status HIT x-amz-request-id 2VM35N3ZNS7FCW79 age 3008 x-amz-server-side-encryption AES256 x-amz-id-2 T5J7KToWLhiuKlhCsNMHbs1S2kSRAKXsOZIBYPQ/OkzZsqGR6L5kPOYatbpJWT4kX+iN9ZnTKxg= last-modified Wed, 13 Dec 2023 22:33:12 GMT server cloudflare etag W/"9dce2d1b2a896f8b84b060df57592520" vary Accept-Encoding content-type application/javascript cache-control public, max-age=14400 cf-ray 83ad8d19180568f2-FRA expires Mon, 25 Dec 2023 06:11:03 GMT
GET H2	200	messenger-06b892b7879cbc300b42.chunk.js Show response assets.qualified.com/packs/js/widget-sandboxed-chunks/widget/sandboxed/ Frame 73BB	870 KB 199 KB	24ms 24ms	Script application/javascript	2606:4700::6812:1105 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://assets.qualified.com/packs/js/widget-sandboxed-chunks/widget/sandboxed/messenger-06b892b7879cbc300b42.chunk.js Requested by Host: app.qualified.com URL: https://app.qualified.com/w/1/DxHYmKWTScn3buDp/messenger?uuid=129405bc-011a-4c65-ac14-3ec798faf252 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a001f52f435ef4aada08a37383e97f25e5c7c1103fd2696363d8d59c7be35d0d Request headers accept-language de-DE,de;q=0.9 Referer https://app.qualified.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 02:11:03 GMT x-amz-version-id oqN0nuvVe8nwq1ogOxSeO_UdTpqMyGfN content-encoding gzip cf-cache-status HIT x-amz-request-id 6610DGSC8CQM7FPD age 6492 x-amz-server-side-encryption AES256 x-amz-id-2 rwAyerrOC020wSV5UMCWLEjSxB9RVr85BI4ou4co0ICp50LXULFmnDPYQvKDO7Aj/GSSlVm29GQ= last-modified Fri, 22 Dec 2023 18:04:40 GMT server cloudflare etag W/"1e0e1d43cf55b2ebb56bed7447c03852" vary Accept-Encoding content-type application/javascript cache-control public, max-age=14400 cf-ray 83ad8d19381468f2-FRA expires Mon, 25 Dec 2023 06:11:03 GMT
GET H2	200	Inter-Regular-c8ba52b05a9ef10f47584d08ece2ec5c.woff2 assets.qualified.com/packs/media/fonts/inter/ Frame 73BB	97 KB 97 KB	43ms 15ms	Font font/woff2	2606:4700::6812:1005 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://assets.qualified.com/packs/media/fonts/inter/Inter-Regular-c8ba52b05a9ef10f47584d08ece2ec5c.woff2 Requested by Host: app.qualified.com URL: https://app.qualified.com/w/1/DxHYmKWTScn3buDp/messenger?uuid=129405bc-011a-4c65-ac14-3ec798faf252 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1005 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6 Request headers Referer https://app.qualified.com/ Origin https://app.qualified.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 02:11:03 GMT x-amz-version-id UAqQbZcUD4c_nvW9e7GO0bKRmlpg9BTL cf-cache-status HIT x-amz-request-id 92C6XQHDGF4B6VYC age 4065139 x-amz-server-side-encryption AES256 content-length 98868 x-amz-id-2 Zs5R2Ljvr7ZRhfEgNrV37Bgp/ryKooVikbqCzs2HVcQhOgQVFNsWw4hchbxm7QTw7CzodZafQPA= last-modified Tue, 07 Nov 2023 21:31:31 GMT server cloudflare etag "dc131113894217b5031000575d9de002" access-control-max-age 3600 access-control-allow-methods GET content-type font/woff2 access-control-allow-origin * vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding cache-control public, max-age=31557600 accept-ranges bytes cf-ray 83ad8d1928ca3653-FRA expires Tue, 24 Dec 2024 08:11:03 GMT
GET H2	200	Inter-SemiBold-b5f0f109bc88052d4000c58ca615671d.woff2 assets.qualified.com/packs/media/fonts/inter/ Frame 73BB	103 KB 104 KB	49ms 22ms	Font font/woff2	2606:4700::6812:1005 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://assets.qualified.com/packs/media/fonts/inter/Inter-SemiBold-b5f0f109bc88052d4000c58ca615671d.woff2 Requested by Host: app.qualified.com URL: https://app.qualified.com/w/1/DxHYmKWTScn3buDp/messenger?uuid=129405bc-011a-4c65-ac14-3ec798faf252 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1005 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 152261291c938aa5aad6a56d52b47ffcb893d1c0387e76d7f270a7382ff786d5 Request headers Referer https://app.qualified.com/ Origin https://app.qualified.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 02:11:03 GMT x-amz-version-id azxyuTuYExeVR_mk6PawtlKnm9NEyZCd cf-cache-status HIT x-amz-request-id EN7GSJ2TV89VJHCT age 2326848 x-amz-server-side-encryption AES256 content-length 105804 x-amz-id-2 u2CbW13irHbVsZF+f71Y3EEsxoUdH3DzS74NrZzUIH8g+oK5uUoFw8IcFFh3CWhzzqpcAgg9ZpE= last-modified Thu, 23 Nov 2023 00:09:26 GMT server cloudflare etag "007ad31a53f4ab3f58ee74f2308482ce" access-control-max-age 3600 access-control-allow-methods GET content-type font/woff2 access-control-allow-origin * vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding cache-control public, max-age=31557600 accept-ranges bytes cf-ray 83ad8d1938cc3653-FRA expires Tue, 24 Dec 2024 08:11:03 GMT
POST H2	200	/ Show response sentry.io/api/1332833/envelope/ Frame 73BB	2 B 324 B	152ms 117ms	Fetch application/json	35.186.247.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://sentry.io/api/1332833/envelope/?sentry_key=b5158ee3382d49b28a864fb2b91bcaaf&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.11.1 Requested by Host: assets.qualified.com URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-191570b0e91eadf70b22.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.186.247.156 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 156.247.186.35.bc.googleusercontent.com Software nginx / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://app.qualified.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Mon, 25 Dec 2023 02:11:03 GMT strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 google server nginx vary origin,access-control-request-method,access-control-request-headers content-type application/json access-control-allow-origin * access-control-expose-headers x-sentry-error,x-sentry-rate-limits,retry-after x-envoy-upstream-service-time 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2