research.checkpoint.com Open in urlscan Pro
141.193.213.21 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
Submission: On December 12 via api (December 12th 2022, 11:00:28 am UTC) from IN — Scanned from DE

Summary HTTP 102 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 36 IPs in 4 countries across 27 domains to perform 102 HTTP transactions. The main IP is 141.193.213.21, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is research.checkpoint.com.
TLS certificate: Issued by R3 on November 19th 2022. Valid for: 3 months.

This is the only time research.checkpoint.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	141.193.213.21 141.193.213.21	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	2606:4700:e2:... 2606:4700:e2::ac40:840f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (STACKPATH...) (STACKPATH-CDN)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
8	184.51.87.104 184.51.87.104	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.32.99.22 13.32.99.22	16509 (AMAZON-02) (AMAZON-02)
5	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0d::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20eb:5400:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	35.156.163.73 35.156.163.73	16509 (AMAZON-02) (AMAZON-02)
9	23.44.74.52 23.44.74.52	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
10	2600:9000:21f... 2600:9000:21f3:e00:1d:85c3:6640:93a1	16509 (AMAZON-02) (AMAZON-02)
1	185.89.211.116 185.89.211.116	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a02:26f0:170... 2a02:26f0:1700:1b1::1c91	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.184.252.128 18.184.252.128	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:480... 2a02:26f0:480:f::213:7ecb	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
2	23.45.104.85 23.45.104.85	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2600:9000:225... 2600:9000:225e:7c00:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
2	18.155.145.47 18.155.145.47	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
7	34.239.222.165 34.239.222.165	14618 (AMAZON-AES) (AMAZON-AES)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
102	36

23 141.193.213.21 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

research.checkpoint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e2::ac40:840f (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 184.51.87.104 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-87-104.deploy.static.akamaitechnologies.com

sc1.checkpoint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-22.fra60.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0d::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:5400:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.163.73 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-163-73.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 23.44.74.52 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-44-74-52.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:21f3:e00:1d:85c3:6640:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-cdn.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.211.116 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:1700:1b1::1c91 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.184.252.128 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-252-128.eu-central-1.compute.amazonaws.com

epsilon.6sense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7ecb (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.45.104.85 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-104-85.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225e:7c00:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.155.145.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-145-47.ham50.r.cloudfront.net

assets.trendemon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.239.222.165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-222-165.compute-1.amazonaws.com

trackingapi.trendemon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

750-dqh-528.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	checkpoint.com research.checkpoint.com sc1.checkpoint.com — Cisco Umbrella Rank: 24726	2 MB
13	sharethis.com platform-api.sharethis.com — Cisco Umbrella Rank: 4676 buttons-config.sharethis.com — Cisco Umbrella Rank: 5915 l.sharethis.com — Cisco Umbrella Rank: 4687 platform-cdn.sharethis.com — Cisco Umbrella Rank: 10671	55 KB
10	6sc.co j.6sc.co — Cisco Umbrella Rank: 6509 c.6sc.co — Cisco Umbrella Rank: 9715 ipv6.6sc.co — Cisco Umbrella Rank: 6910 b.6sc.co — Cisco Umbrella Rank: 4568	14 KB
9	trendemon.com assets.trendemon.com — Cisco Umbrella Rank: 83859 trackingapi.trendemon.com — Cisco Umbrella Rank: 60403	52 KB
6	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3573 onesignal.com — Cisco Umbrella Rank: 1327 img.onesignal.com — Cisco Umbrella Rank: 8033	86 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 28 region1.google-analytics.com — Cisco Umbrella Rank: 3983	20 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 372 www.linkedin.com — Cisco Umbrella Rank: 643 px4.ads.linkedin.com — Cisco Umbrella Rank: 6944	3 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	203 B
2	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 887	376 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	112 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3272	7 KB
2	6sense.com epsilon.6sense.com — Cisco Umbrella Rank: 10909	588 B
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 73	55 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 47	161 KB
1	mktoresp.com 750-dqh-528.mktoresp.com — Cisco Umbrella Rank: 570723	318 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 557	393 B
1	t.co t.co — Cisco Umbrella Rank: 511	374 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 627	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 742	5 KB
1	gstatic.com fonts.gstatic.com	16 KB
1	adnxs.com secure.adnxs.com — Cisco Umbrella Rank: 430	707 B
1	google.de www.google.de — Cisco Umbrella Rank: 7952	500 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	500 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 81	446 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	1 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 687	30 KB
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 849	12 KB
102	27

	Domain	Requested by
23	research.checkpoint.com	research.checkpoint.com
10	platform-cdn.sharethis.com	research.checkpoint.com
8	sc1.checkpoint.com	research.checkpoint.com
7	trackingapi.trendemon.com	assets.trendemon.com
7	b.6sc.co	research.checkpoint.com
3	onesignal.com	cdn.onesignal.com
3	www.google-analytics.com	www.googletagmanager.com research.checkpoint.com
2	www.facebook.com
2	assets.trendemon.com	research.checkpoint.com assets.trendemon.com
2	px.ads.linkedin.com	2 redirects
2	cdn.linkedin.oribi.io	snap.licdn.com
2	connect.facebook.net	research.checkpoint.com connect.facebook.net
2	munchkin.marketo.net	research.checkpoint.com munchkin.marketo.net
2	epsilon.6sense.com	j.6sc.co
2	www.youtube.com	www.googletagmanager.com www.youtube.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.googletagmanager.com	research.checkpoint.com www.googletagmanager.com
2	cdn.onesignal.com	research.checkpoint.com cdn.onesignal.com
1	750-dqh-528.mktoresp.com	munchkin.marketo.net
1	analytics.twitter.com
1	t.co
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	static.ads-twitter.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	img.onesignal.com	research.checkpoint.com
1	ipv6.6sc.co	j.6sc.co
1	c.6sc.co	j.6sc.co
1	secure.adnxs.com	j.6sc.co
1	j.6sc.co	research.checkpoint.com
1	l.sharethis.com	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	www.google.de	research.checkpoint.com
1	www.google.com	research.checkpoint.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	platform-api.sharethis.com	research.checkpoint.com
1	fonts.googleapis.com	research.checkpoint.com
1	code.jquery.com	research.checkpoint.com
1	use.fontawesome.com	research.checkpoint.com
102	40

This site contains links to these domains. Also see Links.

Domain
www.checkpoint.com
www.facebook.com
plus.google.com
www.linkedin.com
twitter.com
cpr-zero.checkpoint.com
evasions.checkpoint.com
anti-debug.checkpoint.com
www.cpcheckme.com
threatmap.checkpoint.com
securelist.com
www.ptsecurity.com
mail.ru
outlook.com
symantec-enterprise-blogs.security.com
paper.seebug.org
www.virustotal.com
blog.checkpoint.com
threatemulation.checkpoint.com
bit.ly

Subject Issuer	Validity	Valid
research.checkpoint.com R3	`2022-11-19` - `2023-02-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.checkpoint.com GlobalSign GCC R3 DV TLS CA 2020	`2021-12-07` - `2023-01-08`	a year	crt.sh
sharethis.com Amazon	`2022-06-19` - `2023-07-18`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.6sc.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-08` - `2023-03-11`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.6sense.com Amazon	`2022-05-31` - `2023-06-29`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2022-02-06` - `2023-02-07`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-20` - `2022-12-19`	3 months	crt.sh
linkedin.oribi.io Amazon	`2022-07-07` - `2023-08-06`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.trendemon.com SSL.com RSA SSL subCA	`2022-07-12` - `2023-06-26`	a year	crt.sh
*.mktoresp.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-05` - `2023-11-05`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
Frame ID: 2ADE0B12FAE313C168F10D5FC407EE74
Requests: 100 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: E30C8D00AB8AA96753D3859AF536D9E4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cloud Atlas targets entities in Russia and Belarus amid the ongoing war in Ukraine - Check Point Research

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Flickity (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/flickity(?:\.pkgd)?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

102
Requests

99 %
HTTPS

58 %
IPv6

27
Domains

40
Subdomains

36
IPs

4
Countries

2583 kB
Transfer

4601 kB
Size

35
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: https://www.checkpoint.com/
Title: CheckPoint.com

Search URL Search Domain Scan URL

URL: https://www.facebook.com/checkpointresearch/

Search URL Search Domain Scan URL

URL: https://plus.google.com/+checkpoint/posts

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/check-point-software-technologies

Search URL Search Domain Scan URL

URL: https://twitter.com/_cpresearch_

Search URL Search Domain Scan URL

URL: https://cpr-zero.checkpoint.com/
Title: CPR Zero- Vulnerability Repository

Search URL Search Domain Scan URL

URL: https://evasions.checkpoint.com/
Title: Evasion techniques Encyclopedia

Search URL Search Domain Scan URL

URL: https://anti-debug.checkpoint.com/
Title: Anti-Debug Tricks

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/urlcat/
Title: URL Categorization

Search URL Search Domain Scan URL

URL: http://www.cpcheckme.com/checkme/
Title: Instant Security Assessment

Search URL Search Domain Scan URL

URL: https://threatmap.checkpoint.com/ThreatPortal/livemap.html
Title: Live Threat Map

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/support-services/threatcloud-incident-response/

Search URL Search Domain Scan URL

URL: https://securelist.com/recent-cloud-atlas-activity/92016/
Title: discovery

Search URL Search Domain Scan URL

URL: https://www.ptsecurity.com/ww-en/analytics/pt-esc-threat-intelligence/apt-cloud-atlas-unbroken-threat/
Title: technical analysis

Search URL Search Domain Scan URL

URL: https://mail.ru/
Title: Mail.ru

Search URL Search Domain Scan URL

URL: https://outlook.com/
Title: Outlook.com

Search URL Search Domain Scan URL

URL: https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/inception-framework-hiding-behind-proxies
Title: known

Search URL Search Domain Scan URL

URL: https://securelist.com/cloud-atlas-redoctober-apt-is-back-in-style/68083/
Title: Kaspersky

Search URL Search Domain Scan URL

URL: https://paper.seebug.org/papers/APT/APT_CyberCriminal_Campagin/2014/bcs_wp_InceptionReport_EN_v12914.pdf
Title: Symantec

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/file/de451b92ba4739020809541d27b2106b6e2ef5fb960c6288a56479fb9813d985
Title: uploaded

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/harmony/anti-phishing/
Title: Harmony Email & Office

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/infinity/zero-day-protection/
Title: Threat Emulation

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/advisories/
Title: IPS ADVISORIES

Search URL Search Domain Scan URL

URL: http://blog.checkpoint.com/
Title: CHECK POINT BLOG

Search URL Search Domain Scan URL

URL: https://threatemulation.checkpoint.com/
Title: SANDBLAST FILE ANALYSIS

Search URL Search Domain Scan URL

URL: https://bit.ly/2Pmx8R2

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=51830&time=1670842822835&url=https%3A%2F%2Fresearch.checkpoint.com%2F2022%2Fcloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D51830%26time%3D1670842822835%26url%3Dhttps%253A%252F%252Fresearch.checkpoint.com%252F2022%252Fcloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=51830&time=1670842822835&url=https%3A%2F%2Fresearch.checkpoint.com%2F2022%2Fcloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=51830&time=1670842822835&url=https%3A%2F%2Fresearch.checkpoint.com%2F2022%2Fcloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine%2F&liSync=true&e_ipv6=AQJZp8FOjsWMLQAAAYUF_jJZWyM6lovzXvIl6fCkMLu1ywcInyFfh_y1bXeaTHXF3T7MYbBhEQQvug

102 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/ 62 KB
18 KB 213ms
186ms Document
text/html 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

6efb7d28ce292e5b3630783cc09ea8c7495284cbfd059bc611b4720c3ac2d566

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7785f4a67b719a12-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 12 Dec 2022 11:00:19 GMT
link: <https://research.checkpoint.com/?p=26674>; rel=shortlink
server: cloudflare
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 67
x-cache-group: normal
x-cacheable: SHORT
x-frame-options: SAMEORIGIN
x-powered-by: WP Engine
x-xss-protection: 1; mode=block

GET
H2 200 quicklatex-format.css
research.checkpoint.com/wp-content/plugins/wp-quicklatex/css/ 2 KB
644 B 71ms
67ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://research.checkpoint.com/wp-content/plugins/wp-quicklatex/css/quicklatex-format.css?ver=6.1.1
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3cb28b165527f0c337ad89cab2d6aba21dc70815ad072089f605215b4fac1431

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:00:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 18 Sep 2022 07:25:36 GMT
server: cloudflare
age: 396801
etag: W/"6326c7f0-886"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7785f4a7bdb39a12-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.min.css
research.checkpoint.com/wp-includes/css/dist/block-library/ 93 KB
12 KB 47ms
42ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://research.checkpoint.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:00:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 30 Nov 2022 16:13:51 GMT
server: cloudflare
age: 1017405
etag: W/"6387813f-172a9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7785f4a7bdb49a12-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 classic-themes.min.css
research.checkpoint.com/wp-includes/css/ 217 B
258 B 41ms
37ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://research.checkpoint.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:00:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 30 Nov 2022 16:13:51 GMT
server: cloudflare
age: 1017405
etag: W/"6387813f-d9"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7785f4a7bdb69a12-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.css
research.checkpoint.com/wp-content/themes/research/ 18 KB
4 KB 60ms
57ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://research.checkpoint.com/wp-content/themes/research/style.css?ver=1.35
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c889ab971a29fc22f94ac497d4f61eadfc64521f668034e0d7b3dcc328759d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:00:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 22 Sep 2022 18:04:47 GMT
server: cloudflare
age: 4209276
etag: W/"632ca3bf-4957"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7785f4a7bdb89a12-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 bootstrap.min.css
research.checkpoint.com/wp-content/themes/research/css/ 137 KB
22 KB 81ms
78ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://research.checkpoint.com/wp-content/themes/research/css/bootstrap.min.css?ver=4.1
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34959e43e6ecf368807a84f92ad9aa6e2dcd5f0c5c1e57da55e8f3248d9d9255

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:00:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 Nov 2019 22:27:49 GMT
server: cloudflare
age: 3429652
etag: W/"5dc49a65-22485"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7785f4a7bdb99a12-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 flickity.min.css
research.checkpoint.com/wp-content/themes/research/css/ 2 KB
732 B 31ms
27ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://research.checkpoint.com/wp-content/themes/research/css/flickity.min.css?ver=1.1
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8da941d8a446516c824ebc9fb77b42e6b92c6deed1daed266bd821ed27bc516

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:00:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 Nov 2019 22:27:48 GMT
server: cloudflare
age: 4209276
etag: W/"5dc49a64-71d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7785f4a7bdbc9a12-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 all.css
use.fontawesome.com/releases/v5.6.3/css/ 52 KB
12 KB 55ms
22ms Stylesheet
text/css 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css?ver=5.6.3
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:00:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: CH2VYP5BCBGVSGYR
age: 593447
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: NMcCg60Ty92y03s15bwv2N8Jxyqi61m8oH6X1CE9rk0P/CmSi8jGnIRLJqDpeji6U7HujJ9s0Azu52am/Wahxg==
last-modified: Wed, 30 Jun 2021 15:44:33 GMT
server: cloudflare
etag: W/"dc93d584e41f8417f6b7163320d34329"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LiQqPbzAS2z69fXUecMtl2m1vRo3zWA2TNm0g4gPOTOcfdUxjdh6US%2Fkp7e1XAuT9D16wh%2FyCdT8nDEGWqiU%2FXgATu36NuMXmmeKrA83W%2FF8EjxlN16Lm3zsEWpNIV6wBBPU3sYXHWWzjqW6fiMRj6BN"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7785f4a7eda16d71-MUC

GET
H2 200 enlighterjs.min.css
research.checkpoint.com/wp-content/plugins/enlighter/cache/ 78 KB
9 KB 77ms
74ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://research.checkpoint.com/wp-content/plugins/enlighter/cache/enlighterjs.min.css?ver=Ua1vJ7A1oTANrZu
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c7fc311a232fc32e6bd553d6b6e9f791ac9a6fa3bd67338f71b4f3f8fc1c3c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:00:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 03 Oct 2022 14:57:47 GMT
server: cloudflare
age: 4209276
etag: W/"633af86b-1369e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7785f4a7bdbf9a12-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery-3.4.0.min.js Show response
code.jquery.com/ 86 KB
30 KB 2535ms
2338ms Script
application/javascript 2001:4de0:ac18::1:a:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.0.min.js?ver=6.1.1
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:00:20 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
etag: W/"28feccc0-15857"
vary: Accept-Encoding
x-hw: 1670842820.dop156.fr8.t,1670842820.cds122.fr8.hn,1670842820.cds215.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30632

GET
H2 200 bootstrap.bundle.min.js Show response
research.checkpoint.com/wp-content/themes/research/js/lib/ 66 KB
19 KB 90ms
88ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://research.checkpoint.com/wp-content/themes/research/js/lib/bootstrap.bundle.min.js?ver=4.1
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb3d017273ed487674d9766d8401cf458228596adcc0c3a6024f44ae715090db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:00:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 Nov 2019 22:27:48 GMT
server: cloudflare
age: 1052047
etag: W/"5dc49a64-1089e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7785f4a7bdc69a12-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 wp-quicklatex-frontend.js Show response
research.checkpoint.com/wp-content/plugins/wp-quicklatex/js/ 619 B
508 B 30ms
28ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://research.checkpoint.com/wp-content/plugins/wp-quicklatex/js/wp-quicklatex-frontend.js?ver=1.0
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7b9e73338554c8f9cc6dc934fc765f21b7f12b42c3908b07347dfb5fb90f165

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:00:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 18 Sep 2022 07:25:36 GMT
server: cloudflare
age: 4209276
etag: W/"6326c7f0-26b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7785f4a7bdc89a12-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 flickity.pkgd.min.js Show response
research.checkpoint.com/wp-content/themes/research/js/lib/ 54 KB
14 KB 38ms
36ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://research.checkpoint.com/wp-content/themes/research/js/lib/flickity.pkgd.min.js?ver=1.0.1
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe2df9f6df4b4a8d7174d259f563b8d9e28e4c03f8f4092fd9db6044e0e64c32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:00:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 Nov 2019 22:27:48 GMT
server: cloudflare
age: 4209276
etag: W/"5dc49a64-d7c9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7785f4a7cdd19a12-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 single-post.js Show response
research.checkpoint.com/wp-content/themes/research/js/ 422 B
293 B 34ms
32ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://research.checkpoint.com/wp-content/themes/research/js/single-post.js?ver=1.0.4
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f5bd223eafa1c6d1aff21c91c6bfb825f7f36830d97eef41c432681ed671f85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:00:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Jan 2020 00:00:05 GMT
server: cloudflare
age: 4209276
etag: W/"5e1d0485-1a6"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7785f4a7cdd49a12-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 inc-header.js Show response
research.checkpoint.com/wp-content/themes/research/header/ 1 KB
495 B 57ms
55ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://research.checkpoint.com/wp-content/themes/research/header/inc-header.js?v=1.1
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae3754c54a0880a98a94c423d3e67f39b5b6f3c63516dafa33866e3e74c9f97d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:00:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 Nov 2019 22:27:48 GMT
server: cloudflare
age: 4209276
etag: W/"5dc49a64-47a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7785f4a7cdd59a12-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.css
research.checkpoint.com/wp-content/themes/research/header/ 9 KB
2 KB 30ms
29ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://research.checkpoint.com/wp-content/themes/research/header/style.css
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fe8bcbcd24ab838fbbd773001253fc0353956e81c5ba9c8e23951ebdbae305a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:00:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 Nov 2019 22:27:48 GMT
server: cloudflare
age: 2714642
etag: W/"5dc49a64-25cb"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7785f4a7bdc49a12-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 62ms
24ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 12 Dec 2022 11:00:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 12 Dec 2022 10:38:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Dec 2022 11:00:19 GMT

GET
H/1.1 200
OK facebook.gif
sc1.checkpoint.com/sc1/inc/html/images/social/ 1 KB
2 KB 59ms
11ms Image
image/gif 184.51.87.104
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sc1.checkpoint.com/sc1/inc/html/images/social/facebook.gif
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.87.104 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-87-104.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 791d8c8cb135d3d53915096e999d3857b6ee16966c20a019f38699f09f6aa2ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 11:00:20 GMT
Last-Modified: Mon, 25 Sep 2017 18:13:31 GMT
Server: AkamaiNetStorage
ETag: "7eb7015574801089503dd7095e1d4313:1506366539"
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 1254

GET
H/1.1 200
OK google-plus.gif
sc1.checkpoint.com/sc1/inc/html/images/social/ 2 KB
2 KB 15ms
15ms Image
image/gif 184.51.87.104
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sc1.checkpoint.com/sc1/inc/html/images/social/google-plus.gif
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.87.104 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-87-104.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 1998582382fbf956231d65be84b76e08c0c86e5ced8a99c703bdec416d876d76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 11:00:20 GMT
Last-Modified: Mon, 25 Sep 2017 18:13:31 GMT
Server: AkamaiNetStorage
ETag: "eedd0b2cde10b6b1930d57a10c6d0422:1612322629.149034"
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 1653

GET
H/1.1 200
OK linkedin.gif
sc1.checkpoint.com/sc1/inc/html/images/social/ 1 KB
2 KB 10ms
9ms Image
image/gif 184.51.87.104
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sc1.checkpoint.com/sc1/inc/html/images/social/linkedin.gif
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.87.104 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-87-104.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a22d6b8782097b7cd9588ab582e119bfd6290278275661e9d0f96b2baec0cb8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 11:00:20 GMT
Last-Modified: Mon, 25 Sep 2017 18:13:31 GMT
Server: AkamaiNetStorage
ETag: "6789b034de6591b26bbd9b5fa6b451ca:1506366539"
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 1416

GET
H/1.1 200
OK email.gif
sc1.checkpoint.com/sc1/inc/html/images/social/ 1 KB
2 KB 11ms
10ms Image
image/gif 184.51.87.104
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sc1.checkpoint.com/sc1/inc/html/images/social/email.gif
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.87.104 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-87-104.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 3643b2c826a615065303aa44b8f463eb854d77934f5f25dc1f74f60d4698f9f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 11:00:20 GMT
Last-Modified: Mon, 25 Sep 2017 18:13:31 GMT
Server: AkamaiNetStorage
ETag: "15f1e1004accdbc019365e658249f334:1506366539"
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 1407

GET
H/1.1 200
OK rss.gif
sc1.checkpoint.com/sc1/inc/html/images/social/ 2 KB
2 KB 10ms
9ms Image
image/gif 184.51.87.104
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sc1.checkpoint.com/sc1/inc/html/images/social/rss.gif
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.87.104 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-87-104.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: b7cfb1c9430d90b22b3f4497543a4cfef719dc40a3cce130cad766171abe8bbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 11:00:20 GMT
Last-Modified: Mon, 25 Sep 2017 18:13:31 GMT
Server: AkamaiNetStorage
ETag: "8cc18e3677ea53cc679e33e82bf9497a:1506366539"
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 1620

GET
H/1.1 200
OK twitter.gif
sc1.checkpoint.com/sc1/inc/html/images/social/ 2 KB
2 KB 10ms
9ms Image
image/gif 184.51.87.104
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sc1.checkpoint.com/sc1/inc/html/images/social/twitter.gif
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.87.104 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-87-104.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a59bba774218f207179b30aa8bbd21bad0f7355a52321e08138bd77a308c27d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 11:00:20 GMT
Last-Modified: Mon, 25 Sep 2017 18:13:31 GMT
Server: AkamaiNetStorage
ETag: "6b05f4fc9522afa0cdbeb1a2c0bccc2c:1506366539"
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 1608

GET
H/1.1 200
OK check-point-research-logo.gif
sc1.checkpoint.com/sc1/inc/html/images/ 3 KB
3 KB 11ms
11ms Image
image/gif 184.51.87.104
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sc1.checkpoint.com/sc1/inc/html/images/check-point-research-logo.gif
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.87.104 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-87-104.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: b1fd89254c5a1e26226d533849c501ce8d17f47d4271e907f0084d7a25f1f242

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 11:00:20 GMT
Last-Modified: Mon, 09 Jul 2018 21:15:16 GMT
Server: AkamaiNetStorage
ETag: "c425f4400a5c9dfbaecb24275f494931:1531172224"
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 2901

GET
H3 200 under-attack.gif
research.checkpoint.com/wp-content/themes/research/img/lib/ 458 B
726 B 80ms
79ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://research.checkpoint.com/wp-content/themes/research/img/lib/under-attack.gif
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0f7ef8329ae6da56bd269492901fb024a05d7b67e977995a82b506af4b3b030

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:00:20 GMT
cf-cache-status: HIT
age: 406280
cf-polished: origFmt=gif, origSize=1666
content-disposition: inline; filename="under-attack.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 458
cf-bgj: imgq:100,h2pri
last-modified: Thu, 07 Nov 2019 22:27:48 GMT
server: cloudflare
etag: "5dc49a64-682"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7785f4a9d801693d-FRA

GET
H3 200 Spearphishing_email.png
research.checkpoint.com/wp-content/uploads/2022/12/ 209 KB
209 KB 53ms
53ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://research.checkpoint.com/wp-content/uploads/2022/12/Spearphishing_email.png
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 745d612ed11591074ef61f0c17d0ab39f229940d530e3aae42cea9de72bb3987

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:00:20 GMT
cf-cache-status: HIT
age: 247304
cf-polished: origFmt=png, origSize=232937
content-disposition: inline; filename="Spearphishing_email.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 213698
cf-bgj: imgq:100,h2pri
last-modified: Fri, 09 Dec 2022 12:06:20 GMT
server: cloudflare
etag: "639324bc-38de9"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7785f4aa58ee693d-FRA

GET
H3 200 email-decode.min.js Show response
research.checkpoint.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
871 B 17ms
17ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://research.checkpoint.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:00:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 07 Dec 2022 18:45:45 GMT
server: cloudflare
etag: W/"6390df59-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 7785f4a84c8c693d-FRA
expires: Wed, 14 Dec 2022 11:00:19 GMT

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 193 KB
43 KB 43ms
8ms Script
text/javascript 13.32.99.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/js/sharethis.js

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-22.fra60.r.cloudfront.net

Software

Resource Hash

f2543598ef1f4ead06a604ac151e0466dd405bd6fcce02c9074567066eb89085

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:50:27 GMT
content-encoding: gzip
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P3
age: 592
etag: W/"30217-4R/x1mcbHYoN8J5L8eO1d9Nv/qY"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-cache: Hit from cloudfront
x-amz-cf-id: hIjR8ZFouX6e1VdxgiJp_6w5JMONZwrvpM3NJDm5gYZFlFGXgNRKyw==

GET
H3 200 CfP_1021x580_A.jpg
research.checkpoint.com/wp-content/uploads/2018/11/ 128 KB
128 KB 28ms
28ms Image
image/jpeg 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://research.checkpoint.com/wp-content/uploads/2018/11/CfP_1021x580_A.jpg
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 408ddad0ef179adef886bffc95c5851680e2e1a3d9f04a03f5bb8d1efb73344c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:00:20 GMT
cf-cache-status: HIT
age: 4209276
cf-polished: origSize=134980, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 130561
cf-bgj: imgq:100,h2pri
last-modified: Thu, 07 Nov 2019 22:27:41 GMT
server: cloudflare
etag: "5dc49a5d-20f44"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7785f4aaea56693d-FRA

GET
H3 200 enlighterjs.min.js Show response
research.checkpoint.com/wp-content/plugins/enlighter/cache/ 61 KB
18 KB 33ms
32ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://research.checkpoint.com/wp-content/plugins/enlighter/cache/enlighterjs.min.js?ver=Ua1vJ7A1oTANrZu
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3753723f9bcfdd622dad945e9b2b2ba2957d57742c4a22ad263fb3e191d5b964

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:00:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 03 Oct 2022 14:57:47 GMT
server: cloudflare
age: 4209276
etag: W/"633af86b-f310"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7785f4a8cd76693d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 50ms
21ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=6.1.1

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:00:20 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1091
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7785f4ab5d6d6925-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 15 Dec 2022 11:00:20 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 291 KB
86 KB 116ms
53ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5JCRGP

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

51353d5adf1d02ac0e49905a87fa8f8d0e40a1e0bd51d28a6a03870392f19e00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:00:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87066
x-xss-protection: 0
last-modified: Mon, 12 Dec 2022 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Dec 2022 11:00:20 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 50ms
14ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JCRGP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 12 Dec 2022 09:29:14 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5466
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 12 Dec 2022 11:29:14 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 220 KB
76 KB 62ms
30ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-48VXKGDGCV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JCRGP

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

57a9c4e1ee07d17ba936d1fc2bac7c81d23373289fd951248ee40e9bb77069db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:00:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77393
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 12 Dec 2022 11:00:20 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
446 B 61ms
20ms XHR
text/plain 2a00:1450:400c:c0d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-194688-3&cid=1553198275.1670842821&jid=983762240&gjid=1418836445&_gid=351914288.1670842821&_u=YGBAgEABAAAAAEAEK~&z=1466360178

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://research.checkpoint.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 12 Dec 2022 11:00:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://research.checkpoint.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 47ms
15ms Image
image/gif 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=9366162&t=pageview&_s=1&dl=https%3A%2F%2Fresearch.checkpoint.com%2F2022%2Fcloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine%2F&ul=en-us&de=UTF-8&dt=Cloud%20Atlas%20targets%20entities%20in%20Russia%20and%20Belarus%20amid%20the%20ongoing%20war%20in%20Ukraine%20-%20Check%20Point%20Research&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEABAAAAAAAEK~&jid=983762240&gjid=1418836445&cid=1553198275.1670842821&tid=UA-194688-3&_gid=351914288.1670842821&gtm=2wgbu05JCRGP&z=1296392922

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 17:42:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62254
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
500 B 69ms
33ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-194688-3&cid=1553198275.1670842821&jid=983762240&_u=YGBAgEABAAAAAEAEK~&z=2064422129

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 11:00:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
500 B 64ms
27ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-194688-3&cid=1553198275.1670842821&jid=983762240&_u=YGBAgEABAAAAAEAEK~&z=2064422129

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 11:00:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
342 B 51ms
19ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-48VXKGDGCV&gtm=2oebu0&_p=9366162&cid=1553198275.1670842821&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dl=https%3A%2F%2Fresearch.checkpoint.com%2F2022%2Fcloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine%2F&sid=1670842820&sct=1&seg=0&dt=Cloud%20Atlas%20targets%20entities%20in%20Russia%20and%20Belarus%20amid%20the%20ongoing%20war%20in%20Ukraine%20-%20Check%20Point%20Research&en=page_view&_fv=1&_ss=1&ep.host_property=research.checkpoint.com&ep.page_path=%2F2022%2Fcloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine%2F&ep.page_level1=2022&ep.page_level2=cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-48VXKGDGCV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 11:00:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://research.checkpoint.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK search-icon.gif
sc1.checkpoint.com/sc1/inc/html/images/ 2 KB
2 KB 13ms
13ms Image
image/gif 184.51.87.104
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sc1.checkpoint.com/sc1/inc/html/images/search-icon.gif
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/wp-content/themes/research/header/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.87.104 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-87-104.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 953d6908ab55929254e46c77e5c751a6e2df7ab84430f134edc3bb62d8f7d32f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 11:00:22 GMT
Last-Modified: Mon, 25 Sep 2017 18:13:31 GMT
Server: AkamaiNetStorage
ETag: "2e1aa25e7e77e6a393fd38efb413370f:1506366539"
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 1755

GET
H3 200 34CA47_6_0.woff2
research.checkpoint.com/wp-content/themes/research/fonts/ 58 KB
58 KB 47ms
46ms Font
font/woff2 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://research.checkpoint.com/wp-content/themes/research/fonts/34CA47_6_0.woff2
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/wp-content/themes/research/style.css?ver=1.35
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fc686423c26cb1030032fd7e4f2dd664c4b08517a8990c0b46269dd4e01910b

Request headers

Referer: https://research.checkpoint.com/wp-content/themes/research/style.css?ver=1.35
Origin: https://research.checkpoint.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:00:22 GMT
cf-cache-status: HIT
last-modified: Thu, 07 Nov 2019 22:27:48 GMT
server: cloudflare
age: 699247
etag: "5dc49a64-e890"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7785f4b7cdec693d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 59536

GET
H3 200 MicrosoftTeams-image-9.png
research.checkpoint.com/wp-content/uploads/2022/12/ 612 KB
612 KB 28ms
28ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://research.checkpoint.com/wp-content/uploads/2022/12/MicrosoftTeams-image-9.png
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6f6270b890d06ec18de601a52d4a23a3343045b8e72cc39e5307dbf76195032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:00:22 GMT
cf-cache-status: HIT
age: 244243
cf-polished: origFmt=png, origSize=758251
content-disposition: inline; filename="MicrosoftTeams-image-9.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 626336
cf-bgj: imgq:100,h2pri
last-modified: Fri, 09 Dec 2022 15:05:27 GMT
server: cloudflare
etag: "63934eb7-b91eb"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7785f4b7ce0f693d-FRA

GET
H2 200 5a3031770f16c70012a3c297.js Show response
buttons-config.sharethis.com/js/ 525 B
940 B 43ms
13ms Script
text/javascript 2600:9000:20eb:5400:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://buttons-config.sharethis.com/js/5a3031770f16c70012a3c297.js

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:5400:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

eee6d8fe37122ba1538560131fe5c95f9a4b6c45e2059076a7a92513fcb12f20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:00:20 GMT
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 12 Dec 2017 19:43:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 3
etag: "29c30155cdf2eaa96943948b94d537b6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=60,public
accept-ranges: bytes
content-length: 525
x-amz-cf-id: wCGRrF4fI3l9Bzso0i8B3LZBmuEe3YL_mjgIu2ZmQ6pUUnCyAh4zhw==

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
410 B 110ms
72ms XHR
text/plain 35.156.163.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/pview?event=pview&hostname=research.checkpoint.com&location=%2F2022%2Fcloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine%2F&product=sticky-share-buttons&url=https%3A%2F%2Fresearch.checkpoint.com%2F2022%2Fcloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Cloud%20Atlas%20targets%20entities%20in%20Russia%20and%20Belarus%20amid%20the%20ongoing%20war%20in%20Ukraine%20-%20Check%20Point%20Research&cms=unknown&publisher=5a3031770f16c70012a3c297&sop=true&version=st_sop.js&lang=en&description=%C2%A0%20Introduction%20Cloud%20Atlas%20(or%20Inception)%20is%20a%20cyber-espionage%20group.%20Since%20its%20discovery%20in%202014%2C%20they%20have%20launched%20multiple%2C%20highly%20targeted%20attacks%20on%20critical%20infrastructure%20across%20geographical%20zones%20and%20political%20conflicts.%20The%20group%E2%80%99s%20tactics%2C%20techniques%20and%20procedures%20(TTPs)%20have%20remained%20relatively%20static%20over%20the%20years.%20However%2C%20since%20the%20rapid%20escalation%20of%20the%20conflict%20between%20Russia...%20Click%20to%20Read%20More

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.163.73 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-163-73.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 11:00:22 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://research.checkpoint.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H3 200 Lure_documents.png
research.checkpoint.com/wp-content/uploads/2022/12/ 481 KB
481 KB 31ms
31ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://research.checkpoint.com/wp-content/uploads/2022/12/Lure_documents.png
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a6e887377d0a34a9d8f6bb9b7a3b5a135b2996b36c7adac687ea12302d86bc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:00:22 GMT
cf-cache-status: HIT
age: 247306
cf-polished: origFmt=png, origSize=808172
content-disposition: inline; filename="Lure_documents.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 492044
cf-bgj: imgq:100,h2pri
last-modified: Fri, 09 Dec 2022 12:06:13 GMT
server: cloudflare
etag: "639324b5-c54ec"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7785f4b82eef693d-FRA

GET
H3 200 Lure_documents_2.png
research.checkpoint.com/wp-content/uploads/2022/12/ 309 KB
309 KB 48ms
47ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://research.checkpoint.com/wp-content/uploads/2022/12/Lure_documents_2.png
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dbb3e939cc3a19943a0e4ad849884b927e697264d4dd692793c73577ac85593

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:00:22 GMT
cf-cache-status: HIT
age: 15088
cf-polished: origFmt=png, origSize=552063
content-disposition: inline; filename="Lure_documents_2.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 316594
cf-bgj: imgq:100,h2pri
last-modified: Fri, 09 Dec 2022 12:06:15 GMT
server: cloudflare
etag: "639324b7-86c7f"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7785f4b82ef3693d-FRA

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 56ms
45ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=6.1.1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:00:22 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1098
etag: W/"2f96824aee4bf927e734cc519e3e726d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7785f4b8382e9bb8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 15 Dec 2022 11:00:22 GMT

GET
H2 200 6si.min.js Show response
j.6sc.co/ 31 KB
10 KB 68ms
8ms Script
application/javascript 23.44.74.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.44.74.52 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-44-74-52.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

eea93734d5f0032479fa252394415d53cbcd4e7bd6d54764543eaa8b7c9fd10c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 11:00:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 01 Dec 2022 20:20:43 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63890c9b-7ad6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 10143
expires: Mon, 12 Dec 2022 11:00:22 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 1 KB
2 KB 85ms
35ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JCRGP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6518ce023e07aa4e0f8c3062e48966b6548924d35388908e6b9abe389c72fa3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:00:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Mon, 12 Dec 2022 11:00:22 GMT

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 186069134d483966274921a88b225458ba56902314f389b82e27a65735650cf1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 twitter.svg
platform-cdn.sharethis.com/img/ 731 B
1 KB 39ms
8ms Image
image/svg+xml 2600:9000:21f3:e00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/twitter.svg

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:e00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 03:02:50 GMT
via: 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 2534253
etag: "0af2fb38987598376c99e21af17ade45"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 731
x-amz-cf-id: xBrdKnJ3zmgaV2mqj6jmqRtSre8-nIZl6f8BykLMSNTwtMSY1yYHFg==

GET
H2 200 whatsapp.svg
platform-cdn.sharethis.com/img/ 832 B
1 KB 40ms
9ms Image
image/svg+xml 2600:9000:21f3:e00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/whatsapp.svg

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:e00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 00:22:27 GMT
via: 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 383876
etag: "afe7fc60ed757db39a88d2950fce69c9"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 832
x-amz-cf-id: s3aPB6CQdyKZgXJv66kR94nUeZvmI_E7Jq8123S4X0he3a_xDTcB4A==

GET
H2 200 facebook.svg
platform-cdn.sharethis.com/img/ 301 B
725 B 40ms
9ms Image
image/svg+xml 2600:9000:21f3:e00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/facebook.svg

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:e00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 03:05:07 GMT
via: 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 369982
x-amz-server-side-encryption: AES256
etag: "c6e9be45643e197ce1db1d7e24a99adc"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 301
x-amz-cf-id: XvSSN6C5-nwyiq8oI6ABQKnRckIYsfOvKmM-9d-SykUXC17ajFXDvQ==

GET
H2 200 linkedin.svg
platform-cdn.sharethis.com/img/ 456 B
881 B 41ms
10ms Image
image/svg+xml 2600:9000:21f3:e00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/linkedin.svg

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:e00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cb8c2b19fd9b56c41db14bd71b5c0616c1ba4e99b08c8e75084cf695f74b7120

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 00:51:09 GMT
via: 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 468554
etag: "fa43b4ede18498b114fc7185993f6da7"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 456
x-amz-cf-id: alQbdM7YiGDLG1-HWVINwwol1nMeCsSQtXWEPhKXDuPAB75MTEXa-Q==

GET
H2 200 email.svg
platform-cdn.sharethis.com/img/ 343 B
767 B 41ms
10ms Image
image/svg+xml 2600:9000:21f3:e00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/email.svg

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:e00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 08:13:28 GMT
via: 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 960415
etag: "5977437466e857c7ddcadda6f6d88c2a"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 343
x-amz-cf-id: iuWJsiVVlgIFUGWvGPQi13bHcrTB7uPq-nsybTTx1JaMH6ThgtqHPw==

GET
H2 200 pinterest.svg
platform-cdn.sharethis.com/img/ 771 B
1 KB 41ms
11ms Image
image/svg+xml 2600:9000:21f3:e00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/pinterest.svg

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:e00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 01:10:18 GMT
via: 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 1245005
etag: "2b10a062e719c64b686e2e8fcdc216dc"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 771
x-amz-cf-id: F1ZQr_jLx7rFqZIqniGb1KIU5-D6wRSkzLFUfza2gHHQBL_eZcqVdg==

GET
H2 200 sharethis.svg
platform-cdn.sharethis.com/img/ 514 B
938 B 11ms
8ms Image
image/svg+xml 2600:9000:21f3:e00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/sharethis.svg

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:e00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 02:03:54 GMT
via: 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 1068989
etag: "deecdaa377907db5cc1722fc831670a1"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 514
x-amz-cf-id: o7kekzmh0EusSXTLUZMpUViY8YiUrCZrAEDikx7HCGSD-Jg3D4aU9A==

GET
H2 200 reddit.svg
platform-cdn.sharethis.com/img/ 910 B
1 KB 11ms
11ms Image
image/svg+xml 2600:9000:21f3:e00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/reddit.svg

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:e00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

dadbb59b37bfea4c78c6e15c8cbb96dfba84526e43a0767dc244fd062a841aba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 02:34:19 GMT
via: 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 548764
etag: "78d796ca648d8a5e665b48ed0217c56a"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 910
x-amz-cf-id: jOHG04XvEc1l1Oq18-p_nJI0hmxU5vRePMUONZuriADpK46L8b9WkQ==

GET
H2 200 arrow_left.svg
platform-cdn.sharethis.com/img/ 565 B
989 B 9ms
9ms Image
image/svg+xml 2600:9000:21f3:e00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/arrow_left.svg

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:e00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 02:05:38 GMT
via: 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 377685
etag: "b55d8d2b9321e381a3c38a4bddb74037"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 565
x-amz-cf-id: uLXOtDw_Qx1Q86-p9m81nc-cA0wOgKf7yq9-FObxzlXiB8MNA6wPJw==

GET
H2 200 arrow_right.svg
platform-cdn.sharethis.com/img/ 565 B
988 B 10ms
9ms Image
image/svg+xml 2600:9000:21f3:e00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/arrow_right.svg

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:e00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 09:52:54 GMT
via: 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 868049
etag: "9928d025bd5792b718ee0a185f62e67c"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 565
x-amz-cf-id: loyPnWkKukhD-ss5O6Ez0JdZrfEMS-UrfGUVZH15Pwvl8Kn30oKWSg==

GET
H2 200 web Show response
onesignal.com/api/v1/sync/3ba17c77-81bb-4a83-8917-7b62de3d6e22/ 3 KB
2 KB 49ms
35ms Script
text/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/3ba17c77-81bb-4a83-8917-7b62de3d6e22/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc1e2f455fd721cd7c464d18da9f54fa9b52c171eb9ea426909813ae4891333b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:00:22 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
age: 219
cf-polished: origSize=3450
status: 200 OK
x-envoy-upstream-service-time: 35
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: a683e64e-eac6-4f6d-87b6-4eadfd8133e9
x-runtime: 0.033387
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"3897e84474f62718229a2779c4dbe74f"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 7785f4b8e95f6925-FRA
access-control-allow-headers: SDK-Version
expires: Mon, 12 Dec 2022 12:00:22 GMT

GET
H/1.1 200
OK getuidj Show response
secure.adnxs.com/ 11 B
707 B 53ms
15ms XHR
application/json 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Dec 2022 11:00:22 GMT
AN-X-Request-Uuid: e260b21f-0a73-4d7a-9c65-915a1126212b
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://research.checkpoint.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 37.58.58.250; 37.58.58.250; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
206 B 20ms
7ms XHR
text/html 23.44.74.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.74.52 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-44-74-52.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:00:22 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://research.checkpoint.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 24 B
265 B 56ms
14ms XHR
text/html 2a02:26f0:1700:1b1::1c91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:1b1::1c91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 41a8990d122f143d451739e4b1f703abbbe64adfa7083efc81af5dbd97ea8c71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 11:00:22 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://research.checkpoint.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2a00:c98:2030:a004:1::15
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 24
expires: Mon, 12 Dec 2022 11:00:22 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/72d3c60a/www-widgetapi.vflset/ 162 KB
53 KB 45ms
14ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/72d3c60a/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56ada742cd5b3b65e44b8c31154709a6789c12a91e97ba6ffb6140da4f0de842

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 08:30:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8977
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54103
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 01:17:24 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 12 Dec 2023 08:30:45 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
492 B 196ms
186ms Image
image/gif 23.44.74.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=af1e717890f3605d16fc823643e05b8c&svisitor=null&visitor=a7288345-6008-43b6-8529-95a14e224c10&session=ab80a1fb-6579-4471-8197-af412b2a1897&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Mon%2C%2012%20Dec%202022%2011%3A00%3A22%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22Latest%20Research%20by%20our%20Team%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Cloud%20Atlas%20targets%20entities%20in%20Russia%20and%20Belarus%20amid%20the%20ongoing%20war%20in%20Ukraine%20-%20Check%20Point%20Research%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fresearch.checkpoint.com%2F2022%2Fcloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine%2F&pageViewId=433b37fe-889b-401a-8adb-e0bc1e543ce1&an_uid=0

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.44.74.52 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-44-74-52.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:00:22 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 25ms
25ms Stylesheet
text/css 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:00:22 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1096
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7785f4b93a509bb8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 11 Jan 2023 11:00:22 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
492 B 194ms
188ms Image
image/gif 23.44.74.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=af1e717890f3605d16fc823643e05b8c&svisitor=null&visitor=a7288345-6008-43b6-8529-95a14e224c10&session=ab80a1fb-6579-4471-8197-af412b2a1897&event=ipv6&q=%7B%22address%22%3A%222a00%3Ac98%3A2030%3Aa004%3A1%3A%3A15%22%7D&isIframe=false&m=%7B%22description%22%3A%22Latest%20Research%20by%20our%20Team%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Cloud%20Atlas%20targets%20entities%20in%20Russia%20and%20Belarus%20amid%20the%20ongoing%20war%20in%20Ukraine%20-%20Check%20Point%20Research%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fresearch.checkpoint.com%2F2022%2Fcloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine%2F&pageViewId=433b37fe-889b-401a-8adb-e0bc1e543ce1&an_uid=0

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.44.74.52 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-44-74-52.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:00:22 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H3 200 icon Show response
onesignal.com/api/v1/apps/3ba17c77-81bb-4a83-8917-7b62de3d6e22/ 176 B
609 B 71ms
52ms Fetch
application/json 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/apps/3ba17c77-81bb-4a83-8917-7b62de3d6e22/icon

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57e48df5586242df165fa8424ae8cb9e360c8e81b6a711736bf1f395a2c02a2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:00:22 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
status: 200 OK
x-envoy-upstream-service-time: 7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 6a790203-5d35-4973-8449-ec13bc345e53
x-runtime: 0.005651
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"57e48df5586242df165fa8424ae8cb9e"
x-download-options: noopen
vary: Accept, Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
cf-ray: 7785f4b98cf0901f-FRA
access-control-allow-headers: SDK-Version

GET
H2 200 details Show response
epsilon.6sense.com/v3/company/ 746 B
588 B 32ms
10ms XHR
application/json 18.184.252.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.252.128 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-252-128.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 9b2dc2a6592abd91e0dee577ef85461138e643d96bf3f3756f7c6d856d8d5e8b

Request headers

Referer: https://research.checkpoint.com/
accept-language: de-DE,de;q=0.9
Authorization: Token 08e578d30e2119adb1ab60b02b8f1dd15c6b908d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:00:22 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://research.checkpoint.com
access-control-allow-credentials: true
content-length: 399

OPTIONS
H2 200 details
epsilon.6sense.com/v3/company/ Frame 0
0 47ms
10ms Preflight 18.184.252.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.252.128 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-252-128.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://research.checkpoint.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://research.checkpoint.com
access-control-max-age: 1800
date: Mon, 12 Dec 2022 11:00:22 GMT
server: nginx

GET
H2 200 7ec0ceb7-c110-40e8-9782-73562b05b110.gif
img.onesignal.com/t/ 3 KB
3 KB 58ms
49ms Image
image/gif 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.onesignal.com/t/7ec0ceb7-c110-40e8-9782-73562b05b110.gif

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1fd89254c5a1e26226d533849c501ce8d17f47d4271e907f0084d7a25f1f242

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:00:22 GMT
x-amz-meta-cache-control: public, maxage=604800
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains
x-amz-request-id: RAS26EWHCZVVC7J7
age: 2628
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2901
x-amz-id-2: +iWP8yScG7LYy9s9NT0E+FKanJAkMLRjcOgsJXR60xnthZ1ZnzGGGG5RC/e7sfbGM6o17ZEnR3k=
last-modified: Mon, 26 Aug 2019 20:17:26 GMT
server: cloudflare
etag: "c425f4400a5c9dfbaecb24275f494931"
vary: Accept-Encoding
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7785f4b9fb706925-FRA
expires: Thu, 12 Jan 2023 11:00:22 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 52ms
15ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://research.checkpoint.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:14:53 GMT
x-content-type-options: nosniff
age: 251129
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 13:14:53 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 17ms
17ms Image
image/gif 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=9366162&t=event&ni=1&_s=1&dl=https%3A%2F%2Fresearch.checkpoint.com%2F2022%2Fcloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine%2F&ul=en-us&de=UTF-8&dt=Cloud%20Atlas%20targets%20entities%20in%20Russia%20and%20Belarus%20amid%20the%20ongoing%20war%20in%20Ukraine%20-%20Check%20Point%20Research&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=6si_company_details&ea=6si_data_loaded&_u=aGDAgEABAAAAAEAEK~&jid=&gjid=&cid=1553198275.1670842821&tid=UA-194688-3&_gid=351914288.1670842821&gtm=2wgbu05JCRGP&cd9=&cd10=&cd11=&cd12=&cd13=&cd14=&cd16=&cd17=Germany&z=1354932309

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 17:42:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62256
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 26ms
8ms Script
application/x-javascript 2a02:26f0:480:f::213:7ecb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JCRGP
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ecb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 641153b2ad78e5d095645419060a4ea0854b1b3ec5ff27e99644c9f8d461610c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:00:22 GMT
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 18:52:45 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=11415
accept-ranges: bytes
content-length: 4581

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 49ms
7ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JCRGP
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:00:22 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230135-FRA

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
2 KB 248ms
7ms Script
application/x-javascript 23.45.104.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.104.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-104-85.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 91a50850c517899e1c975079158949f7a500ddf5a7307fe36bf50092926beedc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 11:00:23 GMT
Content-Encoding: gzip
Last-Modified: Fri, 09 Sep 2022 01:18:39 GMT
Server: AkamaiNetStorage
ETag: "92b41a298690c047b0c4602dd843cba4:1662686319.691662"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 728

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 74ms
24ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

737be8d2a2db4d729155190f62d3b1f656cdaec35b42b59eeeda3043246a50cd

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 12 Dec 2022 11:00:22 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27317
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: mbRG8Epq3zz71cgrLjk5hGP+D/pd0UVtu47ymIdMziMg2JfzDQ442CSS5BsPbzbtf9NyEjGEJRTqWFwV+uVQsw==
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

OPTIONS
H2 200 token
cdn.linkedin.oribi.io/partner/51830/domain/research.checkpoint.com/ Frame 0
0 25ms
8ms Preflight 2600:9000:225e:7c00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/51830/domain/research.checkpoint.com/token
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:7c00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://research.checkpoint.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 1800
age: 16234
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Mon, 12 Dec 2022 06:29:48 GMT
via: 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-id: Z0E7yO4iKd1AIUrLYP7EZReaK2defRJdGVhccNo9gHn9VctMI2Tj8A==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/51830/domain/research.checkpoint.com/ 36 B
376 B 10ms
9ms XHR
application/json 2600:9000:225e:7c00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/51830/domain/research.checkpoint.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:7c00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://research.checkpoint.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 12 Dec 2022 10:41:59 GMT
content-encoding: gzip
via: 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 1103
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: LkzFYxfTdPuGJJ3pD5VELLjg-DM_0PX40b1K6EpXOleb_9Ymy9HVIQ==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=51830&time=1670842822835&url=https%3A%2F%2Fresearch.checkpoint.com%2F2022%2Fcloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-wa...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D51830%26time%3D1670842822835%26url%3Dhttps%253A%252F%252Fresearch.checkpoint.com%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=51830&time=1670842822835&url=https%3A%2F%2Fresearch.checkpoint.com%2F2022%2Fcloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-wa...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=51830&time=1670842822835&url=https%3A%2F%2Fresearch.checkpoint.com%2F2022%2Fcloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-w...

0
265 B

190ms
157ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=51830&time=1670842822835&url=https%3A%2F%2Fresearch.checkpoint.com%2F2022%2Fcloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine%2F&liSync=true&e_ipv6=AQJZp8FOjsWMLQAAAYUF_jJZWyM6lovzXvIl6fCkMLu1ywcInyFfh_y1bXeaTHXF3T7MYbBhEQQvug
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:00:22 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 9AD29B0B3E524A52A268686881DF691C Ref B: DUS30EDGE0906 Ref C: 2022-12-12T11:00:23Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXvn2j3YcYe0FfX8UFSlQ==

Redirect headers

date: Mon, 12 Dec 2022 11:00:22 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 5EC13ADFAC074F7B8FF1CB16D9D05DD4 Ref B: FRAEDGE1506 Ref C: 2022-12-12T11:00:23Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=51830&time=1670842822835&url=https%3A%2F%2Fresearch.checkpoint.com%2F2022%2Fcloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine%2F&liSync=true&e_ipv6=AQJZp8FOjsWMLQAAAYUF_jJZWyM6lovzXvIl6fCkMLu1ywcInyFfh_y1bXeaTHXF3T7MYbBhEQQvug
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXvn2j0govEuxC7eTtkuw==

GET
H2 200 adsct
t.co/i/ 43 B
374 B 133ms
112ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=cb39b2ca-afc1-41e0-baa1-2c42909d7456&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8328d7a5-cf5d-40d4-a54f-64df3a1f7d09&tw_document_href=https%3A%2F%2Fresearch.checkpoint.com%2F2022%2Fcloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nxi3o&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-response-time: 105
date: Mon, 12 Dec 2022 11:00:22 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 11a58720eae049b3
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 0b60bbe13a56d1813576f3a35e06e78d7bea1cb4c28f6e919411c3e2786bf835
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
393 B 301ms
118ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=cb39b2ca-afc1-41e0-baa1-2c42909d7456&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8328d7a5-cf5d-40d4-a54f-64df3a1f7d09&tw_document_href=https%3A%2F%2Fresearch.checkpoint.com%2F2022%2Fcloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nxi3o&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-response-time: 111
date: Mon, 12 Dec 2022 11:00:22 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 4be758e8470b9dae
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 18c74ffe828132b2665edd31ad5443c27282f86835ee0bc8d7365c067ad06eb4
content-length: 43

GET
H3 200 1692853834349189 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 58ms
30ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1692853834349189?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa6ca2719cb117cc766a8ddafa0e72d43e315e818ed5a3b6640f847e3c8fcc1b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 12 Dec 2022 11:00:22 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86005
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 9OTNaeoTdm7dJ1s7QUdeK3JGe1Z9kK3TGgmTEKJYHqFl2csRaf2KE4tl/DAM5krK1Zm782UCrwLJwM8smIZzlw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 trends.min.js Show response
assets.trendemon.com/tag/ 222 KB
44 KB 135ms
16ms Script
application/javascript 18.155.145.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.trendemon.com/tag/trends.min.js
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/2022/cloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.145.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-47.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 95951611f51d7e8e3c5be5ec9746c3d02799fc64e222ba81e05e295193d6968e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 08:18:25 GMT
content-encoding: gzip
via: 1.1 0e57ab7e4e13f8d49df5255d2b26c06e.cloudfront.net (CloudFront)
last-modified: Mon, 12 Dec 2022 08:14:34 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-P1
age: 9718
etag: "7a7702ab13032dad48e6934986f7b9fa"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 44344
x-amz-cf-id: rgBYzlSVVCzzG17RvFrqknKVEigVK-XS1NzHHSgOBIAx96GjvX3dwA==

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/162/ 11 KB
5 KB 26ms
26ms Script
application/x-javascript 23.45.104.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/162/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.104.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-104-85.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5d4972183041556a4368526fbac13acafc83de9ff3ca29ce81f31eb29c8f8a57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 11:00:23 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Jul 2022 00:59:12 GMT
Server: AkamaiNetStorage
ETag: "75daf56f6191efe42577301908659c29:1656637152.894482"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4677
Expires: Wed, 22 Mar 2023 11:00:23 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 73ms
24ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1692853834349189&ev=PageView&dl=https%3A%2F%2Fresearch.checkpoint.com%2F2022%2Fcloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine%2F&rl=&if=false&ts=1670842823073&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670842823072.1863063972&it=1670842822925&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 12 Dec 2022 11:00:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 2336 Show response
trackingapi.trendemon.com/api/settings/ 765 B
904 B 423ms
105ms Script
application/x-javascript 34.239.222.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trackingapi.trendemon.com/api/settings/2336?callback=jsonp293346&vid=
Requested by: Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.222.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-222-165.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: 989b7da498d3e7cc5fd4ed3667fc7f4638377dbc095035786d12f105e6ba33d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 11:00:23 GMT
cache-control: no-store,no-cache
server: Kestrel
content-length: 765
content-type: application/x-javascript; charset=UTF-8

POST
H/1.1 200
OK visitWebPage
750-dqh-528.mktoresp.com/webevents/ 2 B
318 B 467ms
96ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://750-dqh-528.mktoresp.com/webevents/visitWebPage?_mchNc=1670842823090&_mchCn=&_mchId=750-DQH-528&_mchTk=_mch-checkpoint.com-1670842823090-13985&_mchHo=research.checkpoint.com&_mchPo=&_mchRu=%2F2022%2Fcloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine%2F&_mchPc=https%3A&_mchVr=162&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/162/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 11:00:23 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 25f2f493-0b9d-4606-a6e8-333fa349b4f0

GET
H2 200 identity.min.js Show response
assets.trendemon.com/global/ 17 KB
6 KB 14ms
13ms Script
application/javascript 18.155.145.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.trendemon.com/global/identity.min.js
Requested by: Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.145.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-47.ham50.r.cloudfront.net
Software: / Express
Resource Hash: c66036f1288dcf003502e4f687e102a7ec6afe8bfa29daa9a5bb5ab62eb3567c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 08:18:25 GMT
content-encoding: gzip
via: 1.1 0e57ab7e4e13f8d49df5255d2b26c06e.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-P1
age: 9718
x-powered-by: Express
x-cache: Hit from cloudfront
trd-ts: 2022-12-12T08:18:25.386Z
last-modified: Mon, 12 Dec 2022 08:13:37 GMT
etag: W/"46f8-18505658368"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
x-amz-cf-id: sJxQ-s-w9NL5zFVmBwnuXh8JU3Vwlhha5qMSNdE_aSR_z48f3g7J1A==

GET
H2 200 me Show response
trackingapi.trendemon.com/api/Identity/ 95 B
508 B 114ms
114ms Script
application/x-javascript 34.239.222.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trackingapi.trendemon.com/api/Identity/me?accountId=2336&DomainCookie=16708428235121084&fingerPrint=b342a6c3356a782ac2b9f3a7c07c5046&callback=jsonp541736&vid=
Requested by: Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.222.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-222-165.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: 1c74fff8c4c760a403fcf46f1960f3cdcf518dba635b2bbfedbe281c76a9a660

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 11:00:23 GMT
cache-control: no-store,no-cache
server: Kestrel
content-length: 95
content-type: application/x-javascript; charset=UTF-8

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 190ms
189ms Image
image/gif 23.44.74.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=af1e717890f3605d16fc823643e05b8c&svisitor=null&visitor=a7288345-6008-43b6-8529-95a14e224c10&session=ab80a1fb-6579-4471-8197-af412b2a1897&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2012%20Dec%202022%2011%3A00%3A23%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2012%20Dec%202022%2011%3A00%3A22%20GMT%22%2C%22timeSpent%22%3A%221061%22%2C%22totalTimeSpent%22%3A%221061%22%7D&isIframe=false&m=%7B%22description%22%3A%22Latest%20Research%20by%20our%20Team%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Cloud%20Atlas%20targets%20entities%20in%20Russia%20and%20Belarus%20amid%20the%20ongoing%20war%20in%20Ukraine%20-%20Check%20Point%20Research%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fresearch.checkpoint.com%2F2022%2Fcloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine%2F&pageViewId=433b37fe-889b-401a-8adb-e0bc1e543ce1&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.44.74.52 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-44-74-52.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:00:23 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame E30C 0
18 B 51ms
23ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://research.checkpoint.com
Referer: https://research.checkpoint.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://research.checkpoint.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Mon, 12 Dec 2022 11:00:23 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 marketingautomation Show response
trackingapi.trendemon.com/api/ 95 B
232 B 114ms
113ms Script
application/x-javascript 34.239.222.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trackingapi.trendemon.com/api/marketingautomation?AccountId=2336&ClientUrl=aHR0cHM6Ly9yZXNlYXJjaC5jaGVja3BvaW50LmNvbS8yMDIyL2Nsb3VkLWF0bGFzLXRhcmdldHMtZW50aXRpZXMtaW4tcnVzc2lhLWFuZC1iZWxhcnVzLWFtaWQtdGhlLW9uZ29pbmctd2FyLWluLXVrcmFpbmUv&CookieId=16708428235121084&MaCookie=aWQ6NzUwLURRSC01MjgmdG9rZW46X21jaC1jaGVja3BvaW50LmNvbS0xNjcwODQyODIzMDkwLTEzOTg1&MaCookieName=X21rdG9fdHJr&MaName=marketo&callback=jsonp649461&vid=2336:16708428235121084
Requested by: Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.222.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-222-165.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: 07feab3229d9e4961fec8d15a301efe31749a4009a132218a7f75455fb7cdcd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 11:00:23 GMT
cache-control: no-store,no-cache
server: Kestrel
content-length: 95
content-type: application/x-javascript; charset=UTF-8

GET
H2 200 pageview
trackingapi.trendemon.com/api/events/ 43 B
234 B 125ms
125ms Image
image/gif 34.239.222.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trackingapi.trendemon.com/api/events/pageview?accountId=2336&url=aHR0cHM6Ly9yZXNlYXJjaC5jaGVja3BvaW50LmNvbS8yMDIyL2Nsb3VkLWF0bGFzLXRhcmdldHMtZW50aXRpZXMtaW4tcnVzc2lhLWFuZC1iZWxhcnVzLWFtaWQtdGhlLW9uZ29pbmctd2FyLWluLXVrcmFpbmUv&cookie=16708428235121084&referral=&variant=&vid=2336:16708428235121084&r=1670842823715
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.222.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-222-165.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 11:00:23 GMT
server: Kestrel
age: 1691358
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 multiple
trackingapi.trendemon.com/api/events/client-app/ 43 B
234 B 105ms
105ms Image
image/gif 34.239.222.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trackingapi.trendemon.com/api/events/client-app/multiple?accountId=2336&url=aHR0cHM6Ly9yZXNlYXJjaC5jaGVja3BvaW50LmNvbS8yMDIyL2Nsb3VkLWF0bGFzLXRhcmdldHMtZW50aXRpZXMtaW4tcnVzc2lhLWFuZC1iZWxhcnVzLWFtaWQtdGhlLW9uZ29pbmctd2FyLWluLXVrcmFpbmUv&app=sixsense&names=%5B%5D&vid=2336:16708428235121084&r=1670842823716
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.222.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-222-165.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 11:00:23 GMT
server: Kestrel
age: 1691358
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 personal Show response
trackingapi.trendemon.com/api/experience/ 15 B
114 B 112ms
111ms Script
application/x-javascript 34.239.222.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trackingapi.trendemon.com/api/experience/personal?AccountId=2336&ClientUrl=https%3A%2F%2Fresearch.checkpoint.com%2F2022%2Fcloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine%2F&MarketingAutomationCookie=id%3A750-DQH-528%26token%3A_mch-checkpoint.com-1670842823090-13985&ExcludeUnitsJson=%5B%5D&callback=jsonp355261&vid=2336:16708428235121084
Requested by: Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.222.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-222-165.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: 892e264384d86d593c344cdf98796c882211c5b4387073bde4d5eacdfb16a2c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:00:24 GMT
server: Kestrel
content-length: 15
content-type: application/x-javascript; charset=UTF-8

GET
H2 200 personal-embedded Show response
trackingapi.trendemon.com/api/experience/ 14 B
113 B 107ms
106ms Script
application/x-javascript 34.239.222.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trackingapi.trendemon.com/api/experience/personal-embedded?AccountId=2336&ClientUrl=https%3A%2F%2Fresearch.checkpoint.com%2F2022%2Fcloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine%2F&MarketingAutomationCookie=id%3A750-DQH-528%26token%3A_mch-checkpoint.com-1670842823090-13985&Ids=%5B%5D&Groups=%5B%5D&callback=jsonp72967&vid=2336:16708428235121084
Requested by: Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.222.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-222-165.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: 5cf4428da6c83ea1ed2f01d59f06dcfcdee1d3bdb405c664c31d45a4589e1f5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:00:24 GMT
server: Kestrel
content-length: 14
content-type: application/x-javascript; charset=UTF-8

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
494 B 186ms
186ms Image
image/gif 23.44.74.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=af1e717890f3605d16fc823643e05b8c&svisitor=null&visitor=a7288345-6008-43b6-8529-95a14e224c10&session=ab80a1fb-6579-4471-8197-af412b2a1897&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2012%20Dec%202022%2011%3A00%3A24%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2012%20Dec%202022%2011%3A00%3A23%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%222063%22%7D&isIframe=false&m=%7B%22description%22%3A%22Latest%20Research%20by%20our%20Team%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Cloud%20Atlas%20targets%20entities%20in%20Russia%20and%20Belarus%20amid%20the%20ongoing%20war%20in%20Ukraine%20-%20Check%20Point%20Research%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fresearch.checkpoint.com%2F2022%2Fcloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine%2F&pageViewId=433b37fe-889b-401a-8adb-e0bc1e543ce1&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.44.74.52 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-44-74-52.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:00:24 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 186ms
185ms Image
image/gif 23.44.74.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=af1e717890f3605d16fc823643e05b8c&svisitor=null&visitor=a7288345-6008-43b6-8529-95a14e224c10&session=ab80a1fb-6579-4471-8197-af412b2a1897&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2012%20Dec%202022%2011%3A00%3A25%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2012%20Dec%202022%2011%3A00%3A24%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%223064%22%7D&isIframe=false&m=%7B%22description%22%3A%22Latest%20Research%20by%20our%20Team%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Cloud%20Atlas%20targets%20entities%20in%20Russia%20and%20Belarus%20amid%20the%20ongoing%20war%20in%20Ukraine%20-%20Check%20Point%20Research%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fresearch.checkpoint.com%2F2022%2Fcloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine%2F&pageViewId=433b37fe-889b-401a-8adb-e0bc1e543ce1&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.44.74.52 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-44-74-52.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:00:25 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 51ms
22ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-48VXKGDGCV&gtm=2oebu0&_p=9366162&cid=1553198275.1670842821&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1670842820&sct=1&seg=0&dl=https%3A%2F%2Fresearch.checkpoint.com%2F2022%2Fcloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine%2F&dt=Cloud%20Atlas%20targets%20entities%20in%20Russia%20and%20Belarus%20amid%20the%20ongoing%20war%20in%20Ukraine%20-%20Check%20Point%20Research&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-48VXKGDGCV&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://research.checkpoint.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 11:00:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://research.checkpoint.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 186ms
186ms Image
image/gif 23.44.74.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=af1e717890f3605d16fc823643e05b8c&svisitor=null&visitor=a7288345-6008-43b6-8529-95a14e224c10&session=ab80a1fb-6579-4471-8197-af412b2a1897&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2012%20Dec%202022%2011%3A00%3A26%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2012%20Dec%202022%2011%3A00%3A25%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224065%22%7D&isIframe=false&m=%7B%22description%22%3A%22Latest%20Research%20by%20our%20Team%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Cloud%20Atlas%20targets%20entities%20in%20Russia%20and%20Belarus%20amid%20the%20ongoing%20war%20in%20Ukraine%20-%20Check%20Point%20Research%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fresearch.checkpoint.com%2F2022%2Fcloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine%2F&pageViewId=433b37fe-889b-401a-8adb-e0bc1e543ce1&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.44.74.52 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-44-74-52.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:00:26 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
494 B 185ms
184ms Image
image/gif 23.44.74.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=af1e717890f3605d16fc823643e05b8c&svisitor=null&visitor=a7288345-6008-43b6-8529-95a14e224c10&session=ab80a1fb-6579-4471-8197-af412b2a1897&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2012%20Dec%202022%2011%3A00%3A27%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2012%20Dec%202022%2011%3A00%3A26%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%225066%22%7D&isIframe=false&m=%7B%22description%22%3A%22Latest%20Research%20by%20our%20Team%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Cloud%20Atlas%20targets%20entities%20in%20Russia%20and%20Belarus%20amid%20the%20ongoing%20war%20in%20Ukraine%20-%20Check%20Point%20Research%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fresearch.checkpoint.com%2F2022%2Fcloud-atlas-targets-entities-in-russia-and-belarus-amid-the-ongoing-war-in-ukraine%2F&pageViewId=433b37fe-889b-401a-8adb-e0bc1e543ce1&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.44.74.52 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-44-74-52.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://research.checkpoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:00:27 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

Verdicts & Comments Add Verdict or Comment

148 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.checkpoint.com/	1970-01-20 08:08:49	Name: _gid Value: GA1.2.351914288.1670842821
.checkpoint.com/	1970-01-20 08:07:22	Name: _dc_gtm_UA-194688-3 Value: 1
.checkpoint.com/	1969-12-31 23:59:59	Name: referralURL Value:
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: uGVXLEoaDgM
.youtube.com/	1970-01-20 12:26:34	Name: VISITOR_INFO1_LIVE Value: jkJ5yttRcsQ
research.checkpoint.com/	1970-01-20 08:17:27	Name: _an_uid Value: 0
research.checkpoint.com/	1970-01-20 17:43:22	Name: _gd_visitor Value: a7288345-6008-43b6-8529-95a14e224c10
research.checkpoint.com/	1970-01-20 08:07:37	Name: _gd_session Value: ab80a1fb-6579-4471-8197-af412b2a1897
.checkpoint.com/	1970-01-20 17:43:22	Name: _ga Value: GA1.2.1553198275.1670842821
.checkpoint.com/	1970-01-20 17:43:22	Name: _ga_48VXKGDGCV Value: GS1.1.1670842820.1.0.1670842822.0.0.0
.6sc.co/	1970-01-20 17:43:22	Name: 6suuid Value: 3128431734120000c6099763120300009f243900
.research.checkpoint.com/	1970-01-20 08:08:49	Name: ln_or Value: d
.t.co/	1970-01-20 17:43:22	Name: muc_ads Value: 6f53a1e1-1771-41bf-bd64-3b739408f0b2
.linkedin.com/	1970-01-20 08:50:34	Name: UserMatchHistory Value: AQJYzrLd7BqluwAAAYUF_jEeOedvTv3hcnLmFmhRkGkmpN-pa9C65n96uqUlLvPXwGbXOtPi3Tclww
.linkedin.com/	1970-01-20 08:50:34	Name: AnalyticsSyncHistory Value: AQIwU6Qb3FpK0AAAAYUF_jEeSel6mEmsmkFrfctdewAi1AySikVcAUo7Ok7l6ClEV1iW5u0SFlku0CxRqpPA2A
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 16:52:58	Name: bcookie Value: "v=2&b1fad9e5-9995-4edf-8571-88508ef6dc38"
.linkedin.com/	1970-01-20 08:08:49	Name: lidc Value: "b=TGST08:s=T:r=T:a=T:p=T:g=2441:u=1:x=1:i=1670842822:t=1670929222:v=2:sig=AQE_Ooxf8okGtAOMKhB0JRwNeyG3JXfx"
.checkpoint.com/	1970-01-20 10:16:58	Name: _fbp Value: fb.1.1670842823072.1863063972
.checkpoint.com/	1970-01-20 17:43:22	Name: _mkto_trk Value: id:750-DQH-528&token:_mch-checkpoint.com-1670842823090-13985
.twitter.com/	1970-01-20 17:43:22	Name: personalization_id Value: "v1_RTo9BPFHiusH3h/noYCkvQ=="
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 16:52:58	Name: bscookie Value: "v=1&20221212110023a4eed951-b1b9-4dfd-8592-843a7d6abdb6AQHRYudkbymW4KlZEI9X12ar_VBx-oFm"
.linkedin.com/	1970-01-20 12:26:34	Name: li_gc Value: MTswOzE2NzA4NDI4MjM7MjswMjHyOuTo2r5+gjHhduA2NRR4Duv8AyYKZAL0bSJZFXqpCw==
.checkpoint.com/	1970-01-20 16:52:58	Name: trd_cid Value: 16708428235121084
trackingapi.trendemon.com/	1970-01-20 17:43:22	Name: trd_gavid_2336 Value: 16708428235121084
trackingapi.trendemon.com/	1970-01-20 17:43:22	Name: trd_gvid Value: 16708428235121084
trackingapi.trendemon.com/	1970-01-20 17:43:22	Name: trd_vid_2336 Value: 2336%3A16708428235121084
.checkpoint.com/	1970-01-20 16:52:58	Name: trd_vid_l Value: 2336%3A16708428235121084
.checkpoint.com/	1970-01-20 16:52:58	Name: trd_vuid_l Value: -8118973853612589906
.checkpoint.com/	1970-01-20 16:52:58	Name: trd_first_visit Value: 1670842824
.checkpoint.com/	1970-01-20 16:52:58	Name: trd_pw Value: 1
.checkpoint.com/	1970-01-20 08:07:24	Name: trd_pws Value: 1
.checkpoint.com/	1970-01-20 08:07:24	Name: trd_sid Value: 16708428237132098
.checkpoint.com/	1970-01-20 08:08:06	Name: trd_ma_cookie Value: aWQ6NzUwLURRSC01MjgmdG9rZW46X21jaC1jaGVja3BvaW50LmNvbS0xNjcwODQyODIzMDkwLTEzOTg1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

750-dqh-528.mktoresp.com
analytics.twitter.com
assets.trendemon.com
b.6sc.co
buttons-config.sharethis.com
c.6sc.co
cdn.linkedin.oribi.io
cdn.onesignal.com
code.jquery.com
connect.facebook.net
epsilon.6sense.com
fonts.googleapis.com
fonts.gstatic.com
img.onesignal.com
ipv6.6sc.co
j.6sc.co
l.sharethis.com
munchkin.marketo.net
onesignal.com
platform-api.sharethis.com
platform-cdn.sharethis.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
research.checkpoint.com
sc1.checkpoint.com
secure.adnxs.com
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
trackingapi.trendemon.com
use.fontawesome.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
www.youtube.com
104.244.42.3
104.244.42.5
13.107.42.14
13.32.99.22
141.193.213.21
146.75.116.157
18.155.145.47
18.184.252.128
184.51.87.104
185.89.211.116
192.28.144.124
2001:4860:4802:32::178
2001:4860:4802:32::36
2001:4de0:ac18::1:a:2b
23.44.74.52
23.45.104.85
2600:9000:20eb:5400:c:abe:f440:93a1
2600:9000:21f3:e00:1d:85c3:6640:93a1
2600:9000:225e:7c00:2:53b2:240:93a1
2606:4700::6812:e134
2606:4700::6812:e234
2606:4700:e2::ac40:840f
2620:1ec:21::14
2a00:1450:4001:802::2003
2a00:1450:4001:810::200a
2a00:1450:4001:811::2004
2a00:1450:4001:812::200e
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::2003
2a00:1450:400c:c0d::9b
2a02:26f0:1700:1b1::1c91
2a02:26f0:480:f::213:7ecb
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
34.239.222.165
35.156.163.73
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
07feab3229d9e4961fec8d15a301efe31749a4009a132218a7f75455fb7cdcd5
0fc686423c26cb1030032fd7e4f2dd664c4b08517a8990c0b46269dd4e01910b
0fe8bcbcd24ab838fbbd773001253fc0353956e81c5ba9c8e23951ebdbae305a
186069134d483966274921a88b225458ba56902314f389b82e27a65735650cf1
1998582382fbf956231d65be84b76e08c0c86e5ced8a99c703bdec416d876d76
1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e
1c74fff8c4c760a403fcf46f1960f3cdcf518dba635b2bbfedbe281c76a9a660
234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
34959e43e6ecf368807a84f92ad9aa6e2dcd5f0c5c1e57da55e8f3248d9d9255
3643b2c826a615065303aa44b8f463eb854d77934f5f25dc1f74f60d4698f9f0
3753723f9bcfdd622dad945e9b2b2ba2957d57742c4a22ad263fb3e191d5b964
3cb28b165527f0c337ad89cab2d6aba21dc70815ad072089f605215b4fac1431
408ddad0ef179adef886bffc95c5851680e2e1a3d9f04a03f5bb8d1efb73344c
41a8990d122f143d451739e4b1f703abbbe64adfa7083efc81af5dbd97ea8c71
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
51353d5adf1d02ac0e49905a87fa8f8d0e40a1e0bd51d28a6a03870392f19e00
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56ada742cd5b3b65e44b8c31154709a6789c12a91e97ba6ffb6140da4f0de842
57a9c4e1ee07d17ba936d1fc2bac7c81d23373289fd951248ee40e9bb77069db
57e48df5586242df165fa8424ae8cb9e360c8e81b6a711736bf1f395a2c02a2f
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5a6e887377d0a34a9d8f6bb9b7a3b5a135b2996b36c7adac687ea12302d86bc7
5c7fc311a232fc32e6bd553d6b6e9f791ac9a6fa3bd67338f71b4f3f8fc1c3c9
5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38
5cf4428da6c83ea1ed2f01d59f06dcfcdee1d3bdb405c664c31d45a4589e1f5d
5d4972183041556a4368526fbac13acafc83de9ff3ca29ce81f31eb29c8f8a57
5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009
641153b2ad78e5d095645419060a4ea0854b1b3ec5ff27e99644c9f8d461610c
6518ce023e07aa4e0f8c3062e48966b6548924d35388908e6b9abe389c72fa3e
6c889ab971a29fc22f94ac497d4f61eadfc64521f668034e0d7b3dcc328759d0
6efb7d28ce292e5b3630783cc09ea8c7495284cbfd059bc611b4720c3ac2d566
737be8d2a2db4d729155190f62d3b1f656cdaec35b42b59eeeda3043246a50cd
745d612ed11591074ef61f0c17d0ab39f229940d530e3aae42cea9de72bb3987
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
791d8c8cb135d3d53915096e999d3857b6ee16966c20a019f38699f09f6aa2ff
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f
7dbb3e939cc3a19943a0e4ad849884b927e697264d4dd692793c73577ac85593
7f5bd223eafa1c6d1aff21c91c6bfb825f7f36830d97eef41c432681ed671f85
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
892e264384d86d593c344cdf98796c882211c5b4387073bde4d5eacdfb16a2c4
91a50850c517899e1c975079158949f7a500ddf5a7307fe36bf50092926beedc
953d6908ab55929254e46c77e5c751a6e2df7ab84430f134edc3bb62d8f7d32f
95951611f51d7e8e3c5be5ec9746c3d02799fc64e222ba81e05e295193d6968e
989b7da498d3e7cc5fd4ed3667fc7f4638377dbc095035786d12f105e6ba33d0
9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99
9b2dc2a6592abd91e0dee577ef85461138e643d96bf3f3756f7c6d856d8d5e8b
a22d6b8782097b7cd9588ab582e119bfd6290278275661e9d0f96b2baec0cb8e
a59bba774218f207179b30aa8bbd21bad0f7355a52321e08138bd77a308c27d5
a8da941d8a446516c824ebc9fb77b42e6b92c6deed1daed266bd821ed27bc516
aa6ca2719cb117cc766a8ddafa0e72d43e315e818ed5a3b6640f847e3c8fcc1b
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae3754c54a0880a98a94c423d3e67f39b5b6f3c63516dafa33866e3e74c9f97d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fd89254c5a1e26226d533849c501ce8d17f47d4271e907f0084d7a25f1f242
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b7cfb1c9430d90b22b3f4497543a4cfef719dc40a3cce130cad766171abe8bbe
bb3d017273ed487674d9766d8401cf458228596adcc0c3a6024f44ae715090db
c0f7ef8329ae6da56bd269492901fb024a05d7b67e977995a82b506af4b3b030
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c66036f1288dcf003502e4f687e102a7ec6afe8bfa29daa9a5bb5ab62eb3567c
cb8c2b19fd9b56c41db14bd71b5c0616c1ba4e99b08c8e75084cf695f74b7120
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
d6f6270b890d06ec18de601a52d4a23a3343045b8e72cc39e5307dbf76195032
dadbb59b37bfea4c78c6e15c8cbb96dfba84526e43a0767dc244fd062a841aba
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dc1e2f455fd721cd7c464d18da9f54fa9b52c171eb9ea426909813ae4891333b
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b9e73338554c8f9cc6dc934fc765f21b7f12b42c3908b07347dfb5fb90f165
eea93734d5f0032479fa252394415d53cbcd4e7bd6d54764543eaa8b7c9fd10c
eee6d8fe37122ba1538560131fe5c95f9a4b6c45e2059076a7a92513fcb12f20
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d
f2543598ef1f4ead06a604ac151e0466dd405bd6fcce02c9074567066eb89085
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
fe2df9f6df4b4a8d7174d259f563b8d9e28e4c03f8f4092fd9db6044e0e64c32

research.checkpoint.com Open in urlscan Pro 141.193.213.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

102 Requests

99 %HTTPS

58 %IPv6

27 Domains

40 Subdomains

36 IPs

4 Countries

2583 kBTransfer

4601 kBSize

35 Cookies

26 Outgoing links

Redirected requests

102 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

research.checkpoint.com Open in urlscan Pro
141.193.213.21 Public Scan

Screenshot
Live screenshot

Full Image

102
Requests

99 %
HTTPS

58 %
IPv6

27
Domains

40
Subdomains

36
IPs

4
Countries

2583 kB
Transfer

4601 kB
Size

35
Cookies

102 HTTP transactions
1 data transactions