www.secureblink.com Open in urlscan Pro
2606:4700:3032::681b:b6dc Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
Submission: On December 16 via manual (December 16th 2020, 2:50:45 pm UTC) from US

Summary HTTP 95 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 24 IPs in 3 countries across 18 domains to perform 95 HTTP transactions. The main IP is 2606:4700:3032::681b:b6dc, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.secureblink.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 15th 2020. Valid for: a year.

This is the only time www.secureblink.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
56	2606:4700:303... 2606:4700:3032::681b:b6dc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a723	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:d2cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	65.9.96.124 65.9.96.124	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:46b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:15bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:ebcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e7cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:80ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:824::2004	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206f:e000:1f:f723:6fc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:821::2010	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
7	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.96.128 65.9.96.128	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	65.9.73.36 65.9.73.36	16509 (AMAZON-02) (AMAZON-02)
1	65.9.96.7 65.9.96.7	16509 (AMAZON-02) (AMAZON-02)
1	63.33.16.37 63.33.16.37	16509 (AMAZON-02) (AMAZON-02)
95	24

56 2606:4700:3032::681b:b6dc (United States)

ASN13335 (CLOUDFLARENET, US)

www.secureblink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.secureblink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a723 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d2cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.96.124 (Seattle, United States)

ASN16509 (AMAZON-02, US)

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:46b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:ebcc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e7cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:80ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:e000:1f:f723:6fc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

sc.lfeeder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.96.128 (Seattle, United States)

ASN16509 (AMAZON-02, US)

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.73.36 (Seattle, United States)

ASN16509 (AMAZON-02, US)

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.96.7 (Seattle, United States)

ASN16509 (AMAZON-02, US)

tr.lfeeder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.33.16.37 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-16-37.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	secureblink.com www.secureblink.com cms.secureblink.com	306 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	216 KB
7	hubspot.com api.hubspot.com forms.hubspot.com app.hubspot.com track.hubspot.com	4 KB
4	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com	61 KB
2	facebook.com www.facebook.com	417 B
2	google-analytics.com www.google-analytics.com	19 KB
2	lfeeder.com sc.lfeeder.com tr.lfeeder.com	5 KB
2	google.com www.google.com	763 B
2	facebook.net connect.facebook.net	93 KB
2	googleapis.com fonts.googleapis.com storage.googleapis.com	19 KB
1	hscollectedforms.net js.hscollectedforms.net	25 KB
1	hsleadflows.net js.hsleadflows.net	77 KB
1	usemessages.com js.usemessages.com	20 KB
1	hs-banner.com js.hs-banner.com	13 KB
1	hs-analytics.net js.hs-analytics.net	18 KB
1	googletagmanager.com www.googletagmanager.com	38 KB
1	hs-scripts.com js.hs-scripts.com	992 B
1	cloudflare.com ajax.cloudflare.com	5 KB
95	18

	Domain	Requested by
54	www.secureblink.com	www.secureblink.com ajax.cloudflare.com
7	fonts.gstatic.com	fonts.googleapis.com
2	track.hubspot.com
2	www.facebook.com	connect.facebook.net
2	forms.hubspot.com	js.hscollectedforms.net js.hsleadflows.net
2	api.hubspot.com	js.usemessages.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.google.com	www.secureblink.com www.gstatic.com
2	cms.secureblink.com	www.secureblink.com
2	connect.facebook.net	www.secureblink.com connect.facebook.net
1	in.hotjar.com	script.hotjar.com
1	app.hubspot.com	js.usemessages.com
1	tr.lfeeder.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	www.gstatic.com	www.google.com
1	storage.googleapis.com
1	sc.lfeeder.com	www.secureblink.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.hsleadflows.net	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	static.hotjar.com	www.secureblink.com
1	www.googletagmanager.com	ajax.cloudflare.com
1	js.hs-scripts.com	ajax.cloudflare.com
1	fonts.googleapis.com	www.secureblink.com
1	ajax.cloudflare.com	www.secureblink.com
95	28

This site contains links to these domains. Also see Links.

Domain
securityaffairs.co
www.facebook.com
twitter.com
www.linkedin.com
telegram.me

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-15` - `2021-07-15`	a year	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-11-02` - `2021-01-30`	3 months	crt.sh
*.hotjar.com Amazon	`2020-01-22` - `2021-02-22`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.lfeeder.com Amazon	`2020-09-04` - `2021-10-06`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2020-07-27` - `2021-07-27`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
Frame ID: 2F3A622BC01211BA1EB737673D020058
Requests: 90 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdQvfUUAAAAACmysoh67uquxQsVCi0bS33igVBf&co=aHR0cHM6Ly93d3cuc2VjdXJlYmxpbmsuY29tOjQ0Mw..&hl=en&v=qc5B-qjP0QEimFYUxcpWJy5B&size=invisible&badge=bottomleft&cb=nxyf1bnh89ot
Frame ID: A5344E9B30DA6D194352FB05FF4F7625
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: C10CDDBB5E60B6832BBE872D4008E484
Requests: 1 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/7652426/threads/utk/cabf9003dfad453c8996bf339f95aa4d?uuid=fcb0cbc37bc840eb91f98a22692fcd40&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=secureblink.com&inApp53=false&messagesUtk=cabf9003dfad453c8996bf339f95aa4d&url=https%3A%2F%2Fwww.secureblink.com%2Fcyber-security-news%2Frussian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Frame ID: 404C5559A72DFFB2A4270D332DF88D84
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

95
Requests

100 %
HTTPS

79 %
IPv6

18
Domains

28
Subdomains

24
IPs

3
Countries

919 kB
Transfer

2593 kB
Size

0
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://securityaffairs.co/wordpress/76922/intelligence/apt28-back-espionage.html
Title: APT28

Search URL Search Domain Scan URL

URL: https://www.facebook.com/secureblink/
Title: .a{fill:#ff5b56}

Search URL Search Domain Scan URL

URL: https://twitter.com/secure_blink
Title: .a{fill:#ff5b56}

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/secure-blink
Title: .a{fill:#ff5b56}

Search URL Search Domain Scan URL

URL: https://telegram.me/secureblink

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

95 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware Show response
www.secureblink.com/cyber-security-news/ 52 KB
11 KB 11647ms
11607ms Document
text/html 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0cfdcc53bf7f09ddd08c1cf45ed0d724b2508ebf8ad9a150e55db832616e0a9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: www.secureblink.com
:scheme: https
:path: /cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:20 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=da89025025fe75fd724fc8947428373331608130209; expires=Fri, 15-Jan-21 14:50:09 GMT; path=/; domain=.secureblink.com; HttpOnly; SameSite=Lax; Secure
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
vary: Accept-Encoding
x-cloud-trace-context: 48cc1489bdbf1642885672a32ca1fbde;o=1
cf-cache-status: DYNAMIC
cf-request-id: 070da0be4500002c3ab2b8a000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nhIE9prqID4%2B9%2BveW4OCsQXCNRw04GcAYZK5TGq30nNLR%2FibfZKiKFV4JK6mk1rvd%2BlDAAGQQmg1zeWAeeMhl4V7AsvwGQtTT%2BNseF63ek3aK9XlEiJDaYhl4bxFBMS9"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 602937106f022c3a-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 cbaa70ce802834a42da6.css
www.secureblink.com/_next/static/css/ 38 KB
8 KB 2236ms
2231ms Stylesheet
text/css 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureblink.com/_next/static/css/cbaa70ce802834a42da6.css

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7dd4736df496ff824b9277987bd334590fe122088d7e338357f26a913d80dfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cloud-trace-context: 0225a85ce0a323c787c965f763176421
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 070da0eba400002c3ae52dd000000001
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"970f-49773873e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rUi6uJUU12uQFqTNpwE9%2Btbw4lrTTfl38EgjMnJrfIk5uSHfPRdAWYXWk7J1QL%2Bem0E2iqx0ainfFT3%2BYyzAlxPnrKwQeKXiRRzQm%2BIjIbObtrcLouLP109O%2BI53hjo4"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 602937590e272c3a-FRA

GET
H2 200 d34bc1b8ff8b5b34b8aa.css
www.secureblink.com/_next/static/css/ 4 KB
1 KB 2207ms
2203ms Stylesheet
text/css 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureblink.com/_next/static/css/d34bc1b8ff8b5b34b8aa.css

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86ce1191fc4dbf64687ddb19c4969e2c4828ebd20c36c8ddce9ff30e1855b5f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cloud-trace-context: 7a4851c3d83b94eff0da790d944f2783
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 070da0eba500002c3ad3a23000000001
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"fe0-49773873e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=O84evVwZTzbSgzuNBlpmVDXljLgDIMLO7C38xTeyKq5LXhMwNeZrdNn9%2BTtP%2FVf97vFfANGqVSYryE7TZsHQz5voSsQnY%2FmSvGYPbwJCxbwluBB84srdXDWaE%2F7xGr5E"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 602937590e292c3a-FRA

GET
H2 200 %5Bslug%5D.js Show response
www.secureblink.com/_next/static/puwwPQzxbRPbsttGnbiQa/pages/cyber-security-news/ 2 KB
1 KB 2165ms
2161ms Script
application/javascript 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureblink.com/_next/static/puwwPQzxbRPbsttGnbiQa/pages/cyber-security-news/%5Bslug%5D.js

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d849e7d3485e39cd044485ffebd73360d2ab642a97dcfdb0ec2c02ce23c7b9ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cloud-trace-context: 16b1da60fa8378253dd23a3d7f560fb0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 070da0eba500002c3a9c1aa000000001
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"9c2-49773873e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=K2nljxIEcmy6QMZeJTfrGNlf1IzofOkbMRzAvyHX0FqBlD9CQgeQpBN4aInX15t3L4m%2B%2FAsXYziFu3b%2BaG15uS68MltNPnF86IQCFKGm7Vly1Q2dFmCDTZAM1aNDY0xS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 602937590e2b2c3a-FRA

GET
H2 200 _app.js Show response
www.secureblink.com/_next/static/puwwPQzxbRPbsttGnbiQa/pages/ 60 KB
19 KB 2300ms
2296ms Script
application/javascript 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureblink.com/_next/static/puwwPQzxbRPbsttGnbiQa/pages/_app.js

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b7256373e48aace54a6c1df73eb684e0431831b5160dfeb2c24e55ea3d16bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cloud-trace-context: eee4df7ebb01a52c32147e4a51d2ef9a
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 070da0eba500002c3a8da90000000001
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"f002-49773873e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uswpyD%2F%2FKPjT%2BrH4MNaPPpmTmpjHs%2F%2Fg7jdIPamyIbFXVGXDlkijXWrMk%2BqJkaafDly4OMv%2BXZwOVYBjJfmIRNOnGlYRXabtSPq1SX85M4i1lxcoxtis4psN28i1PKYr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 602937590e2c2c3a-FRA

GET
H2 200 webpack-b65cab0b00afd201cbda.js Show response
www.secureblink.com/_next/static/runtime/ 1 KB
1 KB 2157ms
2154ms Script
application/javascript 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureblink.com/_next/static/runtime/webpack-b65cab0b00afd201cbda.js

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63f9cfdc969fcfa0ba6f76de8cc24f3872b1c039b3bb284612242954d7d50f26

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cloud-trace-context: ca4b03a39256faa4886c4dd7c82e66cf
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 070da0eba500002c3acf850000000001
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"5fb-49773873e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fMkjyoDtuDklOB8ZvyU1Vovz2CEWfOHEGGdxYc8iU3dudAl1uu3H%2F6%2FqMXbLsyTAZgaMR%2Bti30JzBRzkPc4TRFrNpHrd2aTB4UtAMZL1WpsqHVJ2AkWjZmn1rxpNsy0r"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 602937590e2d2c3a-FRA

GET
H2 200 framework.8d738cd9f2950118dcb6.js Show response
www.secureblink.com/_next/static/chunks/ 126 KB
38 KB 2683ms
2679ms Script
application/javascript 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureblink.com/_next/static/chunks/framework.8d738cd9f2950118dcb6.js

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ece9461b67448fd9efc75ad4bbf3c6a2f0d0aea477046e8822068aee283160d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cloud-trace-context: cf70ea5c83fd7e017f29fda28b309d1d
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 070da0eba500002c3ac91bf000000001
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"1f968-49773873e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EPg6G%2BDLHXUDe%2BuY5o2FcGvjATA5Hli4OTP1Feq%2B6VbM0DCGHVSRrxswEK6apjmwIippdwdAlcDfPIhbtBzlQXnShXZkixq51OJ7ACXUN3b8bsn6E2PCN7hFdNMSIXf%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 602937590e2e2c3a-FRA

GET
H2 200 commons.fe5261367496cfc6fdbd.js Show response
www.secureblink.com/_next/static/chunks/ 29 KB
10 KB 513ms
510ms Script
application/javascript 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureblink.com/_next/static/chunks/commons.fe5261367496cfc6fdbd.js

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

034a9e88fe70939fcd99f80609ba992e4e20413aa2aaeb81f4b2bbd436e37c6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cloud-trace-context: 60127183508ece80c1fb778ca231b180
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 070da0eba600002c3a96907000000001
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"7466-49773873e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Y9f5hSD6%2FIJKLpY%2BJxbYhX9ThDNsRmd4%2By38ArxuY20AbK219iC1ZIqXom%2Fn3GbGgcLvZL%2FoWRSwBwzbP68z3oht8jq2s6PTqRiKYkfYbhAn13zMNaGijvy9QoXgJOW1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 602937590e2f2c3a-FRA

GET
H2 200 656d01fe137da46250c530a526ca1fd9f4b2d483.213e35f8f261e8c6dc96.js Show response
www.secureblink.com/_next/static/chunks/ 14 KB
5 KB 2202ms
2199ms Script
application/javascript 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureblink.com/_next/static/chunks/656d01fe137da46250c530a526ca1fd9f4b2d483.213e35f8f261e8c6dc96.js

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a20dd40541332578d6b1ba51f4df4f9b5cc1bcaaf61667dea0ce5035a675967a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cloud-trace-context: 61b3e55864633a70f2bd065d582a943b
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 070da0eba600002c3a95132000000001
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"378f-49773873e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jKAo9HfkLblTselCgbY1qnAvdRwHHBlcynpvaApkGHN1KvNdIYuA%2BfMBS1%2FnqVwdTcWGALaWqUGEZWKGAtuStDQrlMPhd5m8fGMfrYEQqHnSnRxpot1uz7FZNMZM7EQE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 602937590e312c3a-FRA

GET
H2 200 b586ab3784afb148bd8ce607f8cb37853b228fbf.bb5316b07baa32264e54.js Show response
www.secureblink.com/_next/static/chunks/ 72 KB
19 KB 2357ms
2354ms Script
application/javascript 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureblink.com/_next/static/chunks/b586ab3784afb148bd8ce607f8cb37853b228fbf.bb5316b07baa32264e54.js

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aadc560ee510ebcdec540cacb18bda272a320d434777c8a604c06a6aedf5ccc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cloud-trace-context: a51fc551a33e73517810657b761e4c5c
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 070da0eba600002c3aa3895000000001
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"12169-49773873e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QSOX%2B22oi2gsldTWS7pXrgAMcOj0u4boMPZlcP54JUWafnoFPwr32UD9B1vywS0TH9pH7%2BLMA2XsVWxhhqBoIOvGYNfgZ0n2G8d4E6eqtaeeG3gSG1ulII%2BaRLQhLX1B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 602937590e322c3a-FRA

GET
H2 200 da3b60870c69ce2abf0b3c56a1b88e4f7b7559b0.40f4dbf08cb9beaebb98.js Show response
www.secureblink.com/_next/static/chunks/ 19 KB
7 KB 2207ms
2204ms Script
application/javascript 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureblink.com/_next/static/chunks/da3b60870c69ce2abf0b3c56a1b88e4f7b7559b0.40f4dbf08cb9beaebb98.js

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e86643e149fee4f159fdac0a9d8094f620bb52bcdaab68a3db553bf96a6c894d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cloud-trace-context: 03115f7e9f6002ee3add78b0a08ed936
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 070da0eba600002c3ab2854000000001
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"4abe-49773873e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cC64LO0bBPLKbJHCOZoEjYyfIEA%2FlO3v6AEavsZOHDEYPnfCCFN0rEFvdwclvXf0K8XahNzbla6JJFLICwSgB226IFPEqKk4xmWuNoaeuAgkmfQMFhWGwVpxBmyrQgEL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 602937590e332c3a-FRA

GET
H2 200 main-f117649df84b6ae7a435.js Show response
www.secureblink.com/_next/static/runtime/ 16 KB
6 KB 2171ms
2168ms Script
application/javascript 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureblink.com/_next/static/runtime/main-f117649df84b6ae7a435.js

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56c2a16bd17b2c65f616d22751a551547435e75cea42fa0dd4dbae3f8aac78b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cloud-trace-context: 3ade2754bb095288bc4bccc6d1eecf29
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 070da0eba600002c3aecbe1000000001
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"400e-49773873e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HSlDmHOe4AZE2EBhxEEulEHN2GFfUR4yi8Ag6VM3GGSX9DT7vhDe5w3sDKWJgMq7EpL%2FFVXvcsn8x5ABWRZ%2F%2Bk16w05tVo%2BnHgMa27crm4swBrbnr%2FryN%2Brnnoy6OiTf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 602937590e342c3a-FRA

GET
H2 200 eb1f25c857e586678c21492b21e6df936f0e961c.2c2962e2fa4523bec0f5.js Show response
www.secureblink.com/_next/static/chunks/ 11 KB
4 KB 2180ms
2177ms Script
application/javascript 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureblink.com/_next/static/chunks/eb1f25c857e586678c21492b21e6df936f0e961c.2c2962e2fa4523bec0f5.js

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

714ed2b1ca2b6590a95736c71c3beaa93ead9d62973f9d36005177157f45e956

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cloud-trace-context: 84c3ce4303a06961cdca0a3998634b3b
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 070da0eba600002c3add34f000000001
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"2c16-49773873e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Ft8uRH7Hb22LBHi3jtpbpRFwVsABQOkOwxW3QppTLgaW0wmZwf7Lo%2BAnGve4wY4AeTQ%2Btd7h%2BiycStK5JqjhYlDleuQjy1LZzcmTXsztNd671IVUo1PqSZ1hX3tzQLtb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 602937590e362c3a-FRA

GET
H2 200 bf98c048757f5297b037937edf42f342222da169.3e18d41f584d9700c32a.js Show response
www.secureblink.com/_next/static/chunks/ 12 KB
4 KB 2151ms
2148ms Script
application/javascript 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureblink.com/_next/static/chunks/bf98c048757f5297b037937edf42f342222da169.3e18d41f584d9700c32a.js

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d27130500a06c2a84c665df9c60c560af45fa2cc70bc61da669b30d58cad33c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cloud-trace-context: 020b28d00e14fa4a75bde36b0bb8ee1f;o=1
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 070da0eba700002c3a9913f000000001
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"2f0f-49773873e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QWtugPABlwA0Em%2F2y1KZRnL%2BxYlwRP4E226EENilHiDhH%2BZtMEh%2BRmjrrPPcis4%2FWaIw4f%2FApjl%2BHfre%2B%2FbFdv4JrSUJw2T%2FsffsJb%2BY1ThbG4egMg4s2cR3w56N2Q1L"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 602937590e372c3a-FRA

GET
H2 200 405794ba2839d5fe4e9c0b5e56e3c041c87fc4c3.4c310ccddfc0f580a8f1.js Show response
www.secureblink.com/_next/static/chunks/ 48 KB
12 KB 2263ms
2261ms Script
application/javascript 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureblink.com/_next/static/chunks/405794ba2839d5fe4e9c0b5e56e3c041c87fc4c3.4c310ccddfc0f580a8f1.js

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

690e99ec1211d167dcc17b731605f4f68de24ecad6e32e70ebb92da000beaf42

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cloud-trace-context: c1e81e064a60b4c6e7bdd9fd7527f717
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 070da0eba700002c3aa4bd3000000001
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"beab-49773873e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dv0rKdDpgN%2FDtxMzkKdvB2Dd30vHPGWNS3iriBNfLsfQyYV54mMV%2B1qnZFzySXi2zb2rVTEehdQudRYhHZ%2FzDJx%2BM7oNLV9DFEwrIVGAYn2psSb%2Bp%2FDa5BQNajgiK2LD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 602937590e3b2c3a-FRA

GET
H2 200 8df443a89745f8bc787efd17a84b9fab295fe3f5.7f934fae18d7bfc64102.js Show response
www.secureblink.com/_next/static/chunks/ 23 KB
6 KB 2179ms
2177ms Script
application/javascript 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureblink.com/_next/static/chunks/8df443a89745f8bc787efd17a84b9fab295fe3f5.7f934fae18d7bfc64102.js

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

556b822d85c0a1392a287879d6a3de6ba948b5f84e97427cee100553d576cb26

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cloud-trace-context: 5f61dd9eec60def5986bf3b318c25e2f
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 070da0eba700002c3a8633c000000001
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"5b42-49773873e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jlk4DoZZUs3MeJ477%2F83fhDIZY53a%2BoKYTB%2B6YJJ%2BN158RgD2g%2FujWx8uMyR17SHmIpvuLh30Zky38WmfMvxHegcMGOY1E0sJpa65f1NmlR2YCkk8Hs2BA7V1IRVBzmg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 602937590e3c2c3a-FRA

GET
H2 200 569c887e38f84b62eb85814481e5cb19e108e049.4af5fd6cb5a713733193.js Show response
www.secureblink.com/_next/static/chunks/ 33 KB
12 KB 2238ms
2236ms Script
application/javascript 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureblink.com/_next/static/chunks/569c887e38f84b62eb85814481e5cb19e108e049.4af5fd6cb5a713733193.js

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5d3a7eaee8314271091a227b91881cd541432f47bdb80e30fe81420aa50f58c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cloud-trace-context: cc95e68a212f8578bf8ca407846c9cc7
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 070da0ebaa00002c3ad62dd000000001
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"8326-49773873e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dWwN7pFMrR20oowjfed2D8ep%2F0rsA%2FJCkVmVh3mBswBg0MAkzN7nDOH%2F8l3I%2BCimntBCiOQl7ZCgvjgmr6BXfV%2F7t9J1zKDhIZfJjeN42H3Y7cOWHGkwjETGCi2x2cQ5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 602937590e462c3a-FRA

GET
H2 200 c70b5bdad02f054845f33562b7425c58d9d40b7a.3fbe96b4f2b728f55278.js Show response
www.secureblink.com/_next/static/chunks/ 4 KB
2 KB 2148ms
2146ms Script
application/javascript 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureblink.com/_next/static/chunks/c70b5bdad02f054845f33562b7425c58d9d40b7a.3fbe96b4f2b728f55278.js

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dc49c87deadcc8add3fbd0d0c1b63705cf0fe0b7499e86e2a571a54e066f2ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cloud-trace-context: 7342259bbf7caddf2fbf0de64b652f37
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 070da0ebaa00002c3a8526a000000001
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"11d6-49773873e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=r%2BARJlaijlE9k%2FbjIy3KBSwGwlcL6dOjZ6ZHzyon8Z%2BMBdM9TvycCPsaiJ4eVjAAFfiWU%2BiUTWqfY2VtVIiqCJkHD9Pr8yO5itrr2R38vI1N2C4VCLMocqMW8ywoa4t3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 602937590e472c3a-FRA

GET
H2 200 nprogress.css
www.secureblink.com/ 2 KB
881 B 2172ms
2171ms Stylesheet
text/css 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureblink.com/nprogress.css

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86d0529163783282315659bd782fffcdea17d877a9d31687c77d659a26601ce2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cloud-trace-context: 77d1614bdc914b9241030ea51a0109a8
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 070da0ebaa00002c3aecbe2000000001
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"60c-49773873e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zQAdS%2F2GBLQUAR4jhNRu80rgswQy%2BD007xqsmZ6dqfRgkzRIHVoAAyLqp5p8V9F9PXEnKsHLRgquiuXCtdKKn4F3gtbm7iodQlkuFOUmMYY%2B8HayGmTo5lqVcbs39%2Fuu"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=14400
cf-ray: 602937590e4a2c3a-FRA

GET
H2 200 secureblink-logo.svg
www.secureblink.com/ 40 KB
30 KB 2656ms
2655ms Image
image/svg+xml 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secureblink.com/secureblink-logo.svg

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e41fee73af3a6939e1196ed1e09c026e5c58df75ddd6326fec50e7161e4778c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cloud-trace-context: 469f61634cac6416c5a9f1560444a2a6
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 070da0f45f00002c3ac92a2000000001
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"a066-49773873e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dAWs0S0KYdzKDzWt5zqcPPdnmwc2jSK%2Fo%2B6mrv8Q8eS5q%2FIyVwOLnhZ5pyH7XHhO%2Bph9PaTTjP4vMd55TSpz6CZkjj52vhn5tcrPF9CtZlE1298GYgTNeL4SbtblZv4H"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=14400
cf-ray: 60293766f99b2c3a-FRA

GET
H2 200 T.svg
www.secureblink.com/static/img/nav-mainmenu/ 472 B
684 B 2104ms
2103ms Image
image/svg+xml 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secureblink.com/static/img/nav-mainmenu/T.svg

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33ff57e63adde2597aba529197a22992773e74962297875ee7d3207590ac9388

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cloud-trace-context: 50c21d7f031c81a9a9bd3e34b3a8221f
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 070da0f46300002c3ae53c8000000001
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"1d8-49773873e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=djMGzDss0Qp4bp1ek1bK6yw%2BgQMMQY%2FhIC%2F4pk0Z1V8FKHOGhFgJoZV1M6Ox8jjSgduTWNhP334jdbaOY%2FA0qi7sOiQMiGFRxC%2BQ5QjrhH7VMEHUQK7FR7sOA1Pp9HOu"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=14400
cf-ray: 6029376709aa2c3a-FRA

GET
H2 200 Security_Automation.svg
www.secureblink.com/static/img/nav-mainmenu/ 3 KB
1 KB 2142ms
2134ms Image
image/svg+xml 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secureblink.com/static/img/nav-mainmenu/Security_Automation.svg

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed9b246b3e0f8aa2a2b3903ac31f9dab529a4ad61d63e8e793d92b8d7f09b367

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cloud-trace-context: fd28aa11c898f6524b07611e97a19ec0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 070da0f48800002c3ae8a02000000001
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"da7-49773873e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vDURnUaIaBWurP1vdXAG6e%2FZCmUYQ5aKBuOcFYw%2F34j414IRONsAH3YrRgb8MGn8HyjHo8vVc%2FO2s0xt5Oi6ApSjhC19jkcpQ0aUTiBtNGTonbHRFga91Pd%2F6CIAkjK8"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=14400
cf-ray: 602937674a312c3a-FRA

GET
H2 200 Threat_&_Incident_Response.svg
www.secureblink.com/static/img/nav-mainmenu/ 8 KB
2 KB 2208ms
2208ms Image
image/svg+xml 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secureblink.com/static/img/nav-mainmenu/Threat_&_Incident_Response.svg

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba0987ca8c3a3249c2b721064c61a46acd1852a8d5584d5e2b237c1b3a01bcd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cloud-trace-context: 57447c4d6be14c3bc376ca572b44d9f0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 070da0fce200002c3ab9a8d000000001
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"20d7-49773873e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2XXr8gM5nTkQ1vNXBCDHngxYqi%2BZaktsDsjS2%2FNrwVUiOIi%2BkVe%2F4zWdXOYYboergWUT4DCKqD8%2BEuozDL2JLMdp24sj2FWoAVYj7hZXk8%2FiLtd%2FGewgAJwHKtTxzGWC"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=14400
cf-ray: 602937749ee22c3a-FRA

GET
H2 200 Deep_and_Dark_Web_Monitoring.svg
www.secureblink.com/static/img/nav-mainmenu/ 4 KB
2 KB 2166ms
2166ms Image
image/svg+xml 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secureblink.com/static/img/nav-mainmenu/Deep_and_Dark_Web_Monitoring.svg

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de3c3e130c97cfbccd3b66a94999331b31d833129af815217bf0caee5699f8a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cloud-trace-context: 301e9fb196e64f92c7c02f1a8d19d689
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 070da0fced00002c3a8d875000000001
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"f1f-49773873e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=foSOaJOw%2BkmZd%2FvgfXfqpe9gdvbYAkX%2BSvulfVJlIRmjVB2pDgKGXe0Z0EkY7NjJXoEXnqiZIpByfbNvycI6YWdR2eqwDExVsd2DhSNdhPHxkaJsVArThtpBPDicl6wo"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=14400
cf-ray: 60293774af2c2c3a-FRA

GET
H2 200 Situtional_Awareness.svg
www.secureblink.com/static/img/nav-mainmenu/ 4 KB
2 KB 2163ms
2163ms Image
image/svg+xml 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secureblink.com/static/img/nav-mainmenu/Situtional_Awareness.svg

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6908d5110ebaea4824564c64dabf3f224b3c6afa8fdac0e049c86a7049f96f28

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cloud-trace-context: 0ad912f98e82545f0257652f98a9e29f
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 070da0fd2400002c3af190a000000001
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"e93-49773873e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=atRJY1fm8DmGOVmLLUXSpslBvKaunyiOjPozzFdp8x7iIWZZGoqGyU1hRBE61H1DF5wiW65Orouj6AMD0jakSDBXI8xdq%2B4R5hX3p9b0D5ODvR1paZGEAj%2B0dYjdwKMm"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=14400
cf-ray: 6029377508152c3a-FRA

GET
H2 200 CISOCSO_(Robust%20Strategy).svg
www.secureblink.com/static/img/nav-mainmenu/ 2 KB
1 KB 2154ms
2154ms Image
image/svg+xml 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secureblink.com/static/img/nav-mainmenu/CISOCSO_(Robust%20Strategy).svg

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c668de10bbdfc07c0a514d5a8458b9031e4864c67e695b69e50f1333a4c4be30

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cloud-trace-context: ed30f68cbde29b3c126d40f05c7726c1
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 070da0fd6000002c3ad9010000000001
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"76a-49773873e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FHGU7GWZ673aqs1%2Br%2FumvwDFoU3DY1KODKceRKhLRqyG77L660jD0IpgXcH8NRRw6mrUvJIvRhouKoAQraq0N568sbsQYh%2F%2F3YgvnxPiKeMw0wy5Mcfcvph4xBcPoyiS"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=14400
cf-ray: 60293775692a2c3a-FRA

GET
H2 200 DOS_Mitigation.svg
www.secureblink.com/static/img/nav-mainmenu/ 3 KB
2 KB 2104ms
2104ms Image
image/svg+xml 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secureblink.com/static/img/nav-mainmenu/DOS_Mitigation.svg

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9abaabd33d48ae9dc82d5053e17ed3afe9f73e35ce3887452a5d1111d7a56326

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cloud-trace-context: 69851bd8339422840b148c33ef458183
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 070da0fd7b00002c3acc3bb000000001
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"d7e-49773873e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Gv6jFXF%2BPniTuZRLA64%2FFzR9Wm6STlgfp7xL%2FeVaUhbm2AvMJHq0AJNHdgG454DXvSFFpTTyK1iGtjDokRmwsz%2BmkffrDEJybPIQR9bC%2FTd4J1d7Jpnq0mlHDmhVjyjo"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=14400
cf-ray: 6029377599a72c3a-FRA

GET
H2 200 RansomwareAlertResponse.svg
www.secureblink.com/static/img/nav-mainmenu/ 3 KB
2 KB 2144ms
2144ms Image
image/svg+xml 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secureblink.com/static/img/nav-mainmenu/RansomwareAlertResponse.svg

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f255133f47bd05254a0f78eba0db90f5a1f9ead1991c789cdc2c809603b1fc96

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cloud-trace-context: 0ea9d8d14e018b345ca42e175cc1eb7f
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 070da0febe00002c3a8a373000000001
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"dc3-49773873e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tXAXJZodSnwsCJUed1%2FGB0n%2Bh7wsVcMtEfpXcL5feT1PsLVFgj%2B81usyjNxvKhqLbdxLhQsXz4Q%2Fueu4XZshSkY1F4F7tkfsIBVmsK1WWJ%2B7EC2tsR1tmARNKrxGi7A%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=14400
cf-ray: 602937779ee42c3a-FRA

GET
H2 200 MalwareAlerts.svg
www.secureblink.com/static/img/nav-mainmenu/ 4 KB
2 KB 2156ms
2155ms Image
image/svg+xml 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secureblink.com/static/img/nav-mainmenu/MalwareAlerts.svg

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c05e8345194638476a2aa05f3caf9d696791581b5c314db8910edd5b227a6f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cloud-trace-context: abcebba106d16575cd3468de784ac3b4
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 070da1056000002c3add1e8000000001
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"f90-49773873e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=w5FOgBg0v%2Bc82RaRiasMUCMk7WstJJZQ%2F0GTXV%2B0NKWroDZSSSotwjklLuMUuFabSoWCg2ILB6hnVFJeKqepWr4JQHDeZRXlL2O08o64YsNwFR8oowBNVjv4r%2FIgh%2FLQ"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=14400
cf-ray: 602937823a042c3a-FRA

GET
H2 200 Iso.svg
www.secureblink.com/static/img/nav-mainmenu/ 2 KB
924 B 2226ms
2225ms Image
image/svg+xml 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secureblink.com/static/img/nav-mainmenu/Iso.svg

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19803f44953956282d7e289f3d8c6291fcd4ef82c8f47eedd1cbf79a0b0a9518

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cloud-trace-context: 9dae3298bf6b6d0812fb52f7c6004422
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 070da1058100002c3a00a27000000001
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"705-49773873e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3P1vAge9ZkhKlJr%2FraoqVFwXrYJf9Hc7QvVTsq0pw9jBCsL8%2Fe05hEy2ikzPQ93mp9iSq%2Bc%2BWm5LEBGifhC%2BGFcZPds6iXDjfwGNxsgssATmxes810zY9nqMShvLQXji"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=14400
cf-ray: 602937826a9d2c3a-FRA

GET
H2 200 GDPR.svg
www.secureblink.com/static/img/nav-mainmenu/ 5 KB
2 KB 2121ms
2121ms Image
image/svg+xml 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secureblink.com/static/img/nav-mainmenu/GDPR.svg

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c69b575faeced77aab0c260708674fc4de0208b19e30644604873c03ac0fd81d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cloud-trace-context: 51d73111fd57b339db211bc8e8e6d654
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 070da1059800002c3a8d946000000001
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"1387-49773873e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Gm9mNl4z2FjFJ4sibrtZgP%2BrCt6RTqPtF35%2B0%2B2YYxII7Yhk6TZecSbPeK7rgkYD5dYT6sMRIOGIdaK35%2BF90ivqAYtmQp9bF3BcDajZIoPxCVckQtOYsa6Wx8nYiNI%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=14400
cf-ray: 602937828b0a2c3a-FRA

GET
H2 200 Threat_Intelligence_Feed.svg
www.secureblink.com/static/img/nav-mainmenu/ 4 KB
2 KB 2141ms
2141ms Image
image/svg+xml 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secureblink.com/static/img/nav-mainmenu/Threat_Intelligence_Feed.svg

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cb7fc3cabaa46a6318e4ab6fc2892502868b418c691de02708295ef0905356c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cloud-trace-context: 6a9339df448cbe485f113607127821e0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 070da105b400002c3ad2b07000000001
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"f65-49773873e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9Allmn24z6O54v7FGxgx4g6DTNMOaZIf9gRnw6wTOaceFUl4ob7gw5ytheb%2FdDDiXO6Un4%2Fz%2F2EbO8B8lTNCznxR3m51JuFfXKc44XnOpry2u6cNOYz9NQa6d3jSDrb8"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=14400
cf-ray: 60293782bb822c3a-FRA

GET
H2 200 Threat_Research.svg
www.secureblink.com/static/img/nav-mainmenu/ 4 KB
1 KB 2155ms
2154ms Image
image/svg+xml 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secureblink.com/static/img/nav-mainmenu/Threat_Research.svg

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7afc5df607259654355668d9b253e0bc5eb8814cf9ddd40be7e766da8437a595

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cloud-trace-context: 34694be1050b33ece1e3fd0911936f6e
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 070da105cb00002c3a8d94a000000001
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"10c1-49773873e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yQbLehIoshkw%2FC0JyIMa6Gi1San3Z0P%2FszlPUc0AmVj1b18iqaau7bB%2FMNqZjU81lajoOOfaumr8RXBJS5brjvkYLTfSrhu6kz9I4bOZ7qjTPlL0HL193HLRWBs3gUm5"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=14400
cf-ray: 60293782dbf52c3a-FRA

GET
H2 200 White-paper.svg
www.secureblink.com/static/img/nav-mainmenu/ 1 KB
853 B 2170ms
2170ms Image
image/svg+xml 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secureblink.com/static/img/nav-mainmenu/White-paper.svg

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41dcc77cb33898292fcff094e7cb6566b4898092b07a4ccb5bea8b27402007de

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cloud-trace-context: db7e0dc4ca4120be58d18ea3606e7aa9
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 070da1072000002c3a9905a000000001
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"559-49773873e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Das6NLAOHH9PHIKVfYDR4HROpOQiCabfW451zSY2TXFEySNnqGAyaFXxLdhmwRGog2EkjdFQ0QGeXa7Q%2BqiVJ6XkjpUZFMtMAiUDvrRRxM1NivxJJJbeuhcZ2WUFdIg2"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=14400
cf-ray: 6029378509f92c3a-FRA

GET
H2 200 SB-Blog@2x.png
www.secureblink.com/static/img/nav-mainmenu/ 1 KB
1 KB 2087ms
2087ms Image
image/png 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secureblink.com/static/img/nav-mainmenu/SB-Blog@2x.png

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4c5767dd36df35e7d7db3520b95029594ebbfdb7b54f4ec84a7f89e9df86db7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:31 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cloud-trace-context: 77516c360ada48127a0841e8101a20b5
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1043
cf-request-id: 070da10dcd00002c3aa3835000000001
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"413-49773873e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RtcEFvVJmkfHdBq%2F7n8DcIh%2B%2FmMIG8GrHqd%2BdpLdOb5%2Fi7F9z1I%2FKECCUJepqqpS6Gm0LtbQBefpC3QI3zMIumCD6NBMUyz3QLyUE1VzOdMm726QjrDgHE7dS3GGNmEM"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6029378faea72c3a-FRA

GET
H2 200 rocket.svg
www.secureblink.com/static/img/nav-mainmenu/ 4 KB
1 KB 2174ms
2174ms Image
image/svg+xml 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secureblink.com/static/img/nav-mainmenu/rocket.svg

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95bcef5d0cd6765eb7e07cdc104052c81f0a002152951b6bd277478d345a7363

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cloud-trace-context: bec37daf47b1b515fa8f2a74028b36c6
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 070da10de200002c3a8da0c000000001
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"1193-49773873e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Y5pDgRBEbneCS7w6lU8729q2xq6zfRB%2B7Vih4IN6pRuIWOJ1zCHOPwIjLWpsRpO%2BDPjdg8uOmDRhs5AJaa40qwyVS%2BvzCvpfZWhPrlDZdUstval2AjocTBbQYPTLlUfq"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=14400
cf-ray: 6029378fcef42c3a-FRA

GET
H2 200 Our_Story.svg
www.secureblink.com/static/img/nav-mainmenu/ 7 KB
2 KB 2144ms
2144ms Image
image/svg+xml 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secureblink.com/static/img/nav-mainmenu/Our_Story.svg

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fce490eb1f5d75cf7ea55374c2df4730e71f4826843bd80bc4e7d43d834d1875

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cloud-trace-context: c575af8ff4ed79180ae0ccee381270ff
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 070da10e1200002c3a01015000000001
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"1cbe-49773873e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ybjiu5O1KXJUEmTL6C%2BeR99qrhEgWkEvsVc8k6KqCDLUxuhbp9rCyC2S6HdqLr22984rrK63fVH3z9Dq%2BfqfcivOUYshcMYeuAHcjYSLqGvPinI7xOqEFnSxSWpast9Y"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=14400
cf-ray: 602937901fb92c3a-FRA

GET
H2 200 Careers.svg
www.secureblink.com/static/img/nav-mainmenu/ 3 KB
2 KB 2152ms
2152ms Image
image/svg+xml 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secureblink.com/static/img/nav-mainmenu/Careers.svg

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57c64dd6961692f94077b4072fa71011d39b25802aa5606383783dec2c646493

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cloud-trace-context: 7a05acd20246814f65357bf37c8b453b
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 070da10e3200002c3ae88d9000000001
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"d49-49773873e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vrFKTN5XN7vDDAr2KZkCYuZuKAbSN6M15a5E2rETLq1Udq1ehqmPx6KJJJJzREwZDQrFfYHgFRxN58CHw%2BZdoDhw1E22N6%2BGqiyRzAyqft6wuXfXExIpivvL1vSzy3xC"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=14400
cf-ray: 60293790586b2c3a-FRA

GET
H2 200 Contact_Us.svg
www.secureblink.com/static/img/nav-mainmenu/ 2 KB
1 KB 2118ms
2118ms Image
image/svg+xml 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secureblink.com/static/img/nav-mainmenu/Contact_Us.svg

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f21be4441a912768edb40bad57cca96da85f1508d128a4b23f3002e5795c771

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cloud-trace-context: 897e6377f9c35c75420cab64802af96b
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 070da10e3500002c3ac2bbf000000001
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"9c8-49773873e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=95adNrWBFiy5T%2FPr68xIHdhPFmI79CmgjzPEb%2F7vTImLmq8RjxJoOhJRsbPaU54KEbpqNTdg9Sr2oRUsUQJO11JnDKp%2Fscy9L4DKncAxZURZ5Jo%2BTbMbElWCm2VcaMkf"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=14400
cf-ray: 6029379058772c3a-FRA

GET
H2 200 login.svg
www.secureblink.com/static/img/nav-mainmenu/ 832 B
677 B 2156ms
2156ms Image
image/svg+xml 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secureblink.com/static/img/nav-mainmenu/login.svg

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17f932a111c2554515396d5f59be90a68674c3ddabc197a5c443639f66b97e57

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cloud-trace-context: 0c8265daaf9219f5ec46db04c6ddda4a
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 070da0f4f900002c3aec8e1000000001
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"340-49773873e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FmGxNPu2G86BH94mzKtkAxY7CK7jUb41zrtVUDRzooLzyu6Ge8d4qT%2BaVytk6nPZT3fOG%2BxoEW69XvI%2BBhH068OQgLRzyhJDB2rUSJCk8aAGDzK6iu7ECXP0ZUAfQ9ef"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=14400
cf-ray: 60293767ec042c3a-FRA

GET
H2 200 email-decode.min.js Show response
www.secureblink.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 8ms
8ms Script
application/javascript 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureblink.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 070da0ebab00002c3ad2842000000001
last-modified: Mon, 14 Dec 2020 18:08:54 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"5fd7aa36-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nVg7jbVav6lB15Z2RSTCFQJQX5E49XXKEhoGxdOgyBmZ0X%2F6kveH%2BrnPubSuS46gLG79c%2BT5w2%2B7NAt3FFeZ%2FFbp7wQfJ9hFjkbmmKwpJ2Ek5deVWMByeD8Ca%2F%2F%2BfvIy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 602937591e512c3a-FRA
expires: Fri, 18 Dec 2020 14:50:20 GMT

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
5 KB 34ms
14ms Script
application/javascript 2606:4700::6810:a723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a723 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 070da0ebbe0000dfadf3994000000001
last-modified: Mon, 14 Dec 2020 18:08:54 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"5fd7aa36-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oAYtyXzlJvWR8tCQKZF9LyjuyIluyVSazWJnq33%2F7%2B64XQWWnvtZ5CiueDG4BTiWccft4t87zjLuQyA8lVjRlbqv0Wciwbebrc9E3DC6DL9FlSNlskKeZjjM56O52xxI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 602937592d11dfad-FRA
expires: Fri, 18 Dec 2020 14:50:20 GMT

GET
H2 200 css2
fonts.googleapis.com/ 23 KB
1 KB 17ms
17ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;1,100;1,300&family=Ubuntu:wght@300;400;500;700&family=Poppins&display=swap

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/_next/static/css/cbaa70ce802834a42da6.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c8900525afb43040cf5b5a7fdd4bd4cffcc855d59dfe6816cbf03af71a0b656b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.secureblink.com/_next/static/css/cbaa70ce802834a42da6.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 16 Dec 2020 14:50:23 GMT
server: ESF
date: Wed, 16 Dec 2020 14:50:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Dec 2020 14:50:23 GMT

GET
H2 200 7652426.js Show response
js.hs-scripts.com/ 2 KB
992 B 171ms
140ms Script
application/javascript 2606:4700::6811:d2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/7652426.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eab3726503e59d3498e3b6530c0534e9133733d660f9a2c84352f2ad4808d204

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:23 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
x-trace: 2B4A5BBB7871FE7A2F939A65455CDF7A081614EEFF000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.secureblink.com
access-control-max-age: 3600
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 602937676fad0621-FRA
cf-request-id: 070da0f4a20000062189a9d000000001
expires: Wed, 16 Dec 2020 14:51:23 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 41ms
33ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-151054930-1

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

62083839d2f5de1bc191eb352b887eeb488baf034b8be86bfd6ace2591aff2c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39019
x-xss-protection: 0
last-modified: Wed, 16 Dec 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 16 Dec 2020 14:50:23 GMT

GET
H2 200 _ssgManifest.js Show response
www.secureblink.com/_next/static/puwwPQzxbRPbsttGnbiQa/ 76 B
431 B 2142ms
2134ms Script
application/javascript 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureblink.com/_next/static/puwwPQzxbRPbsttGnbiQa/_ssgManifest.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cloud-trace-context: 0bf951bac7bbec897ff5b3d11cb81114
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 070da0f49200002c3a9fa6d000000001
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"4c-49773873e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KbTnXoXzfebWyqzr2JEwgOL%2FealspbWOoR1iBOsrh1a5aWHt1Tj7tcEEFFYjnnMcHgIvAWL3DA%2FWW1hF9iWQEjZq40%2Bs8zlNJ0h2nGg3qjk6QmnibG4RMQ2cpPpqsNjV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 602937674a4f2c3a-FRA

GET
H2 200 _buildManifest.js Show response
www.secureblink.com/_next/static/puwwPQzxbRPbsttGnbiQa/ 2 KB
1 KB 2200ms
2193ms Script
application/javascript 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureblink.com/_next/static/puwwPQzxbRPbsttGnbiQa/_buildManifest.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8fd1bc44e5ad77337917cea9c03ecf84f204ad18d992427e43b06c071c97336

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cloud-trace-context: 6075190fafd1e89fcd8db1abca1fbfea
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 070da0f49200002c3aa886a000000001
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"6da-49773873e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZukA0q%2Ff04AeN7%2Bgzt5jvjXTjB7Ie4MoJ2Tij9MExHfVcI57zmxtUvlUzXaFj6imagA0VdGyA7oc%2BmWLJBB%2BOO3hvLWGzsy4bgDmqlQyOC3okHsRYo5Q00mxUcuzT2XW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 602937674a502c3a-FRA

GET
H2 200 threat-rsch-lg.svg
www.secureblink.com/static/img/ 2 KB
925 B 2184ms
2184ms Image
image/svg+xml 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secureblink.com/static/img/threat-rsch-lg.svg

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/_next/static/css/d34bc1b8ff8b5b34b8aa.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6fceade06299331f8aeaec9ee254679d5d5d60fdfec131f1e62b3db4e12769c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/_next/static/css/d34bc1b8ff8b5b34b8aa.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cloud-trace-context: bba5d54f6f36184b313fd098db6d18f9
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 070da0f4f900002c3afcbd9000000001
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"630-49773873e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FB1dSBTLVscSYB9YDAmqxA6p9hwRnyA8JXjNNUqeECmJZaadxvWIEh%2FFzqhmdkFKH%2F8v9pxNu6GF4kXDtn8w3h9ps6fW6kdMNkcnPnjUAdWnNrBv%2BI0m2PGhtB2IhJbr"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=14400
cf-ray: 60293767ebea2c3a-FRA

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 13ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;1,100;1,300&family=Ubuntu:wght@300;400;500;700&family=Poppins&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.secureblink.com
Referer: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;1,100;1,300&family=Ubuntu:wght@300;400;500;700&family=Poppins&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 06:19:46 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 30637
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Thu, 16 Dec 2021 06:19:46 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 19ms
13ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.secureblink.com
Referer: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;1,100;1,300&family=Ubuntu:wght@300;400;500;700&family=Poppins&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 17:20:25 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 77398
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Wed, 15 Dec 2021 17:20:25 GMT

GET
H2 200 4iCv6KVjbNBYlgoC1CzjsGyNPYZvgw.woff2
fonts.gstatic.com/s/ubuntu/v15/ 13 KB
13 KB 18ms
12ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoC1CzjsGyNPYZvgw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12deb5082d9a265422916da8c3f6b1db8636ff8a5a72e0cad6cdf62f1ef5fc93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.secureblink.com
Referer: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;1,100;1,300&family=Ubuntu:wght@300;400;500;700&family=Poppins&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 17:05:55 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:02:49 GMT
server: sffe
age: 337468
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13588
x-xss-protection: 0
expires: Sun, 12 Dec 2021 17:05:55 GMT

GET
H2 200 4iCs6KVjbNBYlgoKfw72nU6AFw.woff2
fonts.gstatic.com/s/ubuntu/v15/ 13 KB
13 KB 17ms
11ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v15/4iCs6KVjbNBYlgoKfw72nU6AFw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

943a150e9577247cc5e8e493065795ca77a35485b4169f33a4d6f570c209b010

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.secureblink.com
Referer: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;1,100;1,300&family=Ubuntu:wght@300;400;500;700&family=Poppins&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 17:10:16 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:03:01 GMT
server: sffe
age: 78007
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13720
x-xss-protection: 0
expires: Wed, 15 Dec 2021 17:10:16 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 16ms
10ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.secureblink.com
Referer: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;1,100;1,300&family=Ubuntu:wght@300;400;500;700&family=Poppins&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 22:21:20 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 145743
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Tue, 14 Dec 2021 22:21:20 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 90 KB
23 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d4762bbdf73408777dc886ffe61d98654a39456cc19284fcec395a56c54518e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23366
x-xss-protection: 0
pragma: public
x-fb-debug: Tk2Nrtnn/FAPFQeyZvgVRDefbr7yAjMVJxZlhrCCm6PkGrfd3Qq+HICgM4fuX44VJbvpAD7qUSHzIZEtBEJt1w==
x-fb-trip-id: 436667874
date: Wed, 16 Dec 2020 14:50:31 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 hotjar-1914959.js Show response
static.hotjar.com/c/ 4 KB
2 KB 199ms
98ms Script
application/javascript 65.9.96.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1914959.js?sv=6

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.124 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

772cffbec5b85c2b54d2629e11837ee3655d5e898982b6b475f11805a8c77269

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:32 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: PRG50-C1
etag: W/9418a3b59766bc01d7da3d34f05bf6d4
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
x-cache-hit: 1
content-length: 1686
via: 1.1 d5da174e34f35b7d1482b8432bf7e084.cloudfront.net (CloudFront)
x-amz-cf-id: 8OrocDSVqY3ey0ra8Ad1hru1zwc1U1fBPd_0aPqyoT46BwicJBd2Ig==

OPTIONS
H2 204 graphql
cms.secureblink.com/ Frame 0
0 207ms
173ms Other 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cms.secureblink.com/graphql

Protocol

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.secureblink.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 16 Dec 2020 14:50:32 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 31536000
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS
access-control-allow-headers: Content-Type,Authorization,Origin,Accept
x-cloud-trace-context: bc04354423334ab91c4cdafadc95a082;o=1
cf-cache-status: DYNAMIC
cf-request-id: 070da117120000dfd71da70000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DQs3PgBmcuiexXeV9o2jjDzwfzed8sjOHO0NqlyoFK9Dek3ZZmjbIHpzmUIoJQKAnToQVKzt%2BzapccHk1VKhkc3tR6zXK7azh92S%2BQMKPSke%2Fo5ktf3pIXE72ttgwlZ3"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6029379e8f1bdfd7-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 graphql Show response
cms.secureblink.com/ 1 KB
1 KB 196ms
196ms Fetch
application/json 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cms.secureblink.com/graphql

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/_next/static/puwwPQzxbRPbsttGnbiQa/pages/_app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strapi <strapi.io>

Resource Hash

94224e5139e06bdf232d48c645bfbaca698fe99d731758bd5310f51d13aa241a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept: */*
Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: application/json

Response headers

date: Wed, 16 Dec 2020 14:50:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-cloud-trace-context: 36ab076ea24e0a7be12d273947ed742d
x-powered-by: Strapi <strapi.io>
p3p
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3KH6DY1gT4DEjhOh5o%2FjabRE8IAS6JbLzYscyRSm0fXz6g0rapHeZ79JXJY5j8YGaY8MeNalDZrq%2BBlRM%2F%2BILbCUHGhzsDfQnb%2Fkhtfe8drwKQBjsF5EYImBIZx%2FqAZO"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.secureblink.com
vary: Origin, Accept-Encoding
cache-control: private
access-control-allow-credentials: true
content-security-policy: block-all-mixed-content
cf-request-id: 070da117c00000dfd732ade000000001
cf-ray: 6029379f997cdfd7-FRA

GET
H2 200 7652426.js Show response
js.hs-analytics.net/analytics/1608130200000/ 60 KB
18 KB 1201ms
1184ms Script
text/javascript 2606:4700::6811:46b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1608130200000/7652426.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7652426.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:46b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b93a023bc166c2c878c10ea2bea26c80fd0d53e2100e7805e7fadae4bd0fffc

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:33 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 9DB5653BE33360DF
x-amz-server-side-encryption: AES256
cf-ray: 6029379e9f96061c-FRA
x-amz-id-2: 4QxlOqNpXqEDSWdljLws/KQ7jkQysCeFC5U38QhE4ShWd2FpBP5RjuKz6koGYwJ+4xbUy6SygOs=
last-modified: Mon, 14 Dec 2020 18:58:24 GMT
server: cloudflare
etag: W/"2b5f4ff1c9c421f85cb65e97b51c7794"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-request-id: 070da1171c0000061c2e8a9000000001
content-type: text/javascript
expires: Wed, 16 Dec 2020 14:55:33 GMT

GET
H2 200 7652426.js Show response
js.hs-banner.com/ 52 KB
13 KB 74ms
47ms Script
text/javascript 2606:4700::6812:15bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/7652426.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7652426.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470d7fa974d80834908d790b15bc33e6081c71184d2ca5c1e351a649b8223a01

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=2jn/Tg==, md5=HC/ks7VpwvUdpYPmA+Pu+g==
date: Wed, 16 Dec 2020 14:50:32 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-guploader-uploadid: ABg5-Uz8BUeF_CdOddmNRbA4UrI4x128NH6W8ua4N6OX7i9ig_M4Wwj5tGuTFGgYAlAFlseSbJCTbGBsyFFzaULT3ePSjhfYig
x-goog-storage-class: STANDARD
access-control-max-age: 604800
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: text/javascript; charset=UTF-8
cf-request-id: 070da117250000e00b9514d000000001
timing-allow-origin: *
last-modified: Wed, 09 Dec 2020 21:34:54 GMT
server: cloudflare
etag: W/"1c2fe4b3b569c2f51da583e603e3eefa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-goog-generation: 1607549694088805
access-control-allow-origin: https://www.secureblink.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
x-goog-stored-content-length: 53334
cf-ray: 6029379eac3ee00b-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Wed, 16 Dec 2020 14:55:32 GMT

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 79 KB
20 KB 42ms
16ms Script
application/javascript 2606:4700::6811:ebcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7652426.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:ebcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7efa535a26118766d4e3e97e5481e83cc883ad71501606ab172a011e3514e1ae

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:32 GMT
via: 1.1 ffa4b37ccdc94a8c62bf6b6414725210.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 106
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.8021/bundles/project.js&cfRay=602935079ad0639b-IAD
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 070da1172500000ebbe30c0000000001
last-modified: Tue, 15 Dec 2020 04:06:22 UTC
server: cloudflare
etag: W/"bfaa8a4f99f8a535f0698a718e5721e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: Q1OL1swRF5MewkNQEV1rDAIS781dzPO5
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 6029379eaf6f0ebb-FRA
x-amz-cf-id: fJY0zXzIRr-zsHwS59SMeogWszCy7uVAUqmkKFi6i2bLmALSAqYBtw==

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 448 KB
77 KB 72ms
47ms Script
application/javascript 2606:4700::6811:e7cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7652426.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:e7cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 828db6b7e79c6f9a935026a3383990ac60d9b5ae13bc6b8e76e63b6ddc087635

Request headers

Origin: https://www.secureblink.com
Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:32 GMT
via: 1.1 c889e9448c63bb4bf9dd41fcb2250e09.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 22791
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.966/bundle/main/lead-flows-release.js&cfRay=60270b368951bf23-IAD
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 070da117250000dfb7ac15d000000001
cf-ray: 6029379eac0edfb7-FRA
last-modified: Fri, 11 Dec 2020 01:11:46 UTC
server: cloudflare
etag: W/"e1b953bd86e03038d178c0bb365f8217"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: Yq1r0GUWtO8V8yuu1CBe2h7KDqj0ZMby
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-C3
content-type: application/javascript; charset=utf-8
x-amz-cf-id: znxNOXjQ1LXtCS7jGZrLAsirJkttZpZZrGdYbeA0HVeWn8WGQ-f2mg==

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 87 KB
25 KB 56ms
30ms Script
application/javascript 2606:4700::6811:80ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7652426.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:80ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad9e4318a5ffb02d153a7275ddc2a55a896e412e4c95e0cb48365b4c99501413

Request headers

Origin: https://www.secureblink.com
Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:32 GMT
via: 1.1 c34bd35d24f6df50307d1ac92d0f6110.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 22790
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.206/bundles/project.js&cfRay=60270b368cea1f15-FRA
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 070da1172500009ab023bad000000001
cf-ray: 6029379eae089ab0-FRA
last-modified: Wed, 18 Nov 2020 03:17:23 UTC
server: cloudflare
etag: W/"8009c15ab0ddd537e87c8961e3793907"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: vK9VzhfTTqVFyznSA1saY0pwTd8plNRY
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-C3
content-type: application/javascript; charset=utf-8
x-amz-cf-id: r6RhquAogejJ7b0mfQIv_P0rP8px2WPR46d2DERD0s2JFghDMiZsyQ==

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 852 B
763 B 18ms
16ms Script
text/javascript 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/_next/static/puwwPQzxbRPbsttGnbiQa/pages/_app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b62c6ff3eb7e3fbf3039133c9335b00648fea0bd795133282e25ee7f46c4508e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 555
x-xss-protection: 1; mode=block
expires: Wed, 16 Dec 2020 14:50:32 GMT

GET
H2 200 lftracker_v1_YEgkB8lvLPz4ep3Z.js Show response
sc.lfeeder.com/ 10 KB
5 KB 191ms
153ms Script
application/javascript 2600:9000:206f:e000:1f:f723:6fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc.lfeeder.com/lftracker_v1_YEgkB8lvLPz4ep3Z.js
Requested by: Host: www.secureblink.com
URL: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:e000:1f:f723:6fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3a8088fdbbd728866b0425df590bf6bdcfe6d842a7da18a72f678784211142da

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Tue, 03 Nov 2020 11:18:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: "83e3de96cc959770f6ff5ddbb9a35079"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control: max-age=3600
date: Wed, 16 Dec 2020 14:50:33 GMT
x-amz-cf-id: OeQJQ9kHCC6-gNw5h538gD2hxgFtdYxBJpd44NF9eAKEmKdk-X8fCg==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-151054930-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 3597
date: Wed, 16 Dec 2020 13:50:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Wed, 16 Dec 2020 15:50:35 GMT

GET
H2 200 undefined_medium_Russian-APT28-Hacker_0ed3401359.jpeg
storage.googleapis.com/sb-cms/medium_Russian-APT28-Hacker_0ed3401359/ 17 KB
18 KB 437ms
436ms Image
image/jpeg 2a00:1450:4001:821::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/sb-cms/medium_Russian-APT28-Hacker_0ed3401359/undefined_medium_Russian-APT28-Hacker_0ed3401359.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:821::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1fd99abb178092c18db17531dd4eae451c585cc1f94b5d37167f4949db4c86d4

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:32 GMT
x-guploader-uploadid: ABg5-UxoRp_jz8L6K2P0O6fFsv57SYYoOcIhe-bKTSW15HelzkL0xJrxkJ_SEqXB6vVaSM5pJwY0D3vdWKKBrVwtiWaYyBmKSA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="undefined"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17743
last-modified: Fri, 11 Dec 2020 13:19:54 GMT
server: UploadServer
etag: "cde562db3d049aa66e961967bcf837f0"
x-goog-hash: crc32c=3MWJYA==, md5=zeVi2z0EmqZulhlnvPg38A==
x-goog-generation: 1607692794129445
cache-control: public, max-age=3600
x-goog-stored-content-length: 17743
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 16 Dec 2020 15:50:32 GMT

GET
H2 200 index.js
www.secureblink.com/_next/static/puwwPQzxbRPbsttGnbiQa/pages/ 0
14 KB 2202ms
2201ms Other
application/javascript 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureblink.com/_next/static/puwwPQzxbRPbsttGnbiQa/pages/index.js

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/_next/static/runtime/main-f117649df84b6ae7a435.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cloud-trace-context: 1eae8f3ddfd208a9dd61e27f0f21d84a;o=1
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 070da1172600002c3a8e0a5000000001
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"915a-49773873e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=n1B6ZpBIfu8n3Itnfi3UmpxeAQrdDJn0rowu6MA4ePnIAjqVTph%2F55hdmwi9VJszjyKjKeUQigJVB%2B%2BdtKEdV5UbJ3MBw3tRhXTDakdxSPShGdM38nOS9DpdQW2em3ZQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 6029379eae8f2c3a-FRA

GET
H2 200 threat-spy.js
www.secureblink.com/_next/static/puwwPQzxbRPbsttGnbiQa/pages/ 0
13 KB 2251ms
2250ms Other
application/javascript 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureblink.com/_next/static/puwwPQzxbRPbsttGnbiQa/pages/threat-spy.js

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/_next/static/runtime/main-f117649df84b6ae7a435.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cloud-trace-context: f60e4301b0628a9ae0e5f7281417a0b1
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 070da1172800002c3ae536e000000001
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"a8ab-49773873e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ondOw5W8Tvi%2BCFp3%2BkrhSwKResS5p0sS1B6fgHGJmaOh27kwm9n%2BD4lR6PcpxdXtHVoJEc%2FUDcPCksKOrmBhOnzHdXGZCLrRpbiJrFtA%2BemdXhxliykOLxU1Ira5PWIZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 6029379eae912c3a-FRA

GET
H2 200 eb1f25c857e586678c21492b21e6df936f0e961c.2c2962e2fa4523bec0f5.js
www.secureblink.com/_next/static/chunks/ 0
4 KB 18ms
18ms Other
application/javascript 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureblink.com/_next/static/chunks/eb1f25c857e586678c21492b21e6df936f0e961c.2c2962e2fa4523bec0f5.js

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/_next/static/runtime/main-f117649df84b6ae7a435.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 9
x-cloud-trace-context: 84c3ce4303a06961cdca0a3998634b3b
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 070da1174600002c3ae33c8000000001
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"2c16-49773873e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RFmi1oJShKyc81Xwm02yUylNhb1RChpusSZw8D88%2B9JxpC8Pvwaf9JnFcyY0F8mYpEjaPxBVvpDFqR0qb%2BVdXAmtED38r1tOUHAFN5h5t2D9n2JOoHdJ%2B%2F07c9FMXbPX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 6029379edf0a2c3a-FRA
cf-bgj: minify

GET
H2 200 bf98c048757f5297b037937edf42f342222da169.3e18d41f584d9700c32a.js
www.secureblink.com/_next/static/chunks/ 0
4 KB 19ms
15ms Other
application/javascript 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureblink.com/_next/static/chunks/bf98c048757f5297b037937edf42f342222da169.3e18d41f584d9700c32a.js

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/_next/static/runtime/main-f117649df84b6ae7a435.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 9
x-cloud-trace-context: 020b28d00e14fa4a75bde36b0bb8ee1f;o=1
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 070da1175a00002c3a99218000000001
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"2f0f-49773873e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=D29U4qS4UvpRXaK5vKfysUHCC2V00h6N707XXlK%2BI4WEgfMFdJQ1vHzWzNLmYqyR%2FkejIKXhahfzlTvyRTgNNI38dOOL8ewkJOY1XJJqUmYDPAEqL3KFdU%2B7CJMMzP2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 6029379eff662c3a-FRA
cf-bgj: minify

GET
H2 200 405794ba2839d5fe4e9c0b5e56e3c041c87fc4c3.4c310ccddfc0f580a8f1.js
www.secureblink.com/_next/static/chunks/ 0
12 KB 18ms
16ms Other
application/javascript 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureblink.com/_next/static/chunks/405794ba2839d5fe4e9c0b5e56e3c041c87fc4c3.4c310ccddfc0f580a8f1.js

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/_next/static/runtime/main-f117649df84b6ae7a435.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 9
x-cloud-trace-context: c1e81e064a60b4c6e7bdd9fd7527f717
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 070da1175a00002c3abc23d000000001
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"beab-49773873e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iZEuhSeyOGdOLw%2B59lVuxaKd01myAd5ClzXNK11ezBHOjoNRKUUVO0HVqNI6cgId9VJA%2BdSOqbSHzyBgv0Xmu8bDPsuZnhPQ1jjAaho%2BxsnBtmrrL4RV8lp2OTcswsWE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 6029379eff692c3a-FRA
cf-bgj: minify

GET
H2 200 8df443a89745f8bc787efd17a84b9fab295fe3f5.7f934fae18d7bfc64102.js
www.secureblink.com/_next/static/chunks/ 0
6 KB 13ms
13ms Other
application/javascript 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureblink.com/_next/static/chunks/8df443a89745f8bc787efd17a84b9fab295fe3f5.7f934fae18d7bfc64102.js

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/_next/static/runtime/main-f117649df84b6ae7a435.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 9
x-cloud-trace-context: 5f61dd9eec60def5986bf3b318c25e2f
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 070da1175a00002c3ab30c6000000001
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"5b42-49773873e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QrhzCU%2BYz%2FFUIZIYyekPRLFQHdQbozBmbJN%2FDRcRmIUXnKfFVGAVKvIBg35sX5599m3k6tWSEa2BCWp0fOBf2wnwrItoTxez%2FqPz6ycSPLm0uWrCq0%2FrwHafq8nswfyV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 6029379eff6a2c3a-FRA
cf-bgj: minify

GET
H2 200 41bd967e0a91a5e10a23237fefc66352370787c5.194145b475df904e0e4c.js
www.secureblink.com/_next/static/chunks/ 0
8 KB 455ms
454ms Other
application/javascript 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureblink.com/_next/static/chunks/41bd967e0a91a5e10a23237fefc66352370787c5.194145b475df904e0e4c.js

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/_next/static/runtime/main-f117649df84b6ae7a435.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cloud-trace-context: 37d682c988910c185c4afc060652bb60
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 070da1176b00002c3a0f956000000001
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"6acf-49773873e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jZWKVbOqxJjBaf9M3P5OAzV5udjkKGNRQx%2FZvdxEtMOBd%2BNu3fkkl4ijMAjJj1WsluAiiDl93%2FNq36L%2B4uHGu6LipDr7nV61stVwYLFd8RHuRa6b5hN%2BQMHSDkEXUAFR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 6029379f1fb32c3a-FRA

GET
H2 200 7dfb95fd0f63172e1452.css
www.secureblink.com/_next/static/css/ 0
879 B 2154ms
2149ms Other
text/css 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureblink.com/_next/static/css/7dfb95fd0f63172e1452.css

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/_next/static/runtime/main-f117649df84b6ae7a435.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cloud-trace-context: 41c41d84bccb58b08d8351191cc507d0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 070da1172600002c3a8db08000000001
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"85e-49773873e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6pw1tpNv2o4hKwAcaPX2%2FBY3PBTs7zfjRXdhs71%2B8IBXSGACVy3zebDQF%2FrT%2Bj%2FzmFLeq%2FkpkZOtmkVGoxFNN2AbvtpI3PyZHh6YhkRkbiDpKuLj3STQiAY%2BOfD6p2mt"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 6029379eae8b2c3a-FRA

GET
H2 200 6f485bd710019f0a0265680c8fd63e615b376f56.48acc24b8cd0fc303c23.js
www.secureblink.com/_next/static/chunks/ 0
14 KB 2266ms
2266ms Other
application/javascript 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureblink.com/_next/static/chunks/6f485bd710019f0a0265680c8fd63e615b376f56.48acc24b8cd0fc303c23.js

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/_next/static/runtime/main-f117649df84b6ae7a435.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cloud-trace-context: 26339258e84a959b610a710d64ee5e60
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 070da1176b00002c3aa0115000000001
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"a409-49773873e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NKceQsR1FrMPHoCCLLLTX1Hru5edHWYOvsSrgWnwd3k751%2BFmESy%2Fn5uMWZ%2B5LskMc%2FOS%2FmPbL1Oy6dxADIK3h33EcyKwkGxa5WcY3g9fhkLOB9R9ZB62o%2F5sfXwVvqr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 6029379f1fb42c3a-FRA

GET
H2 200 ec1c665a8e9db4c7aabe.css
www.secureblink.com/_next/static/css/ 0
1 KB 2155ms
2155ms Other
text/css 2606:4700:3032::681b:b6dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureblink.com/_next/static/css/ec1c665a8e9db4c7aabe.css

Requested by

Host: www.secureblink.com
URL: https://www.secureblink.com/_next/static/runtime/main-f117649df84b6ae7a435.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b6dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cloud-trace-context: 84e0a3c3bbc74f76ec730368fde67ee4
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 070da1176b00002c3ada3a3000000001
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"f87-49773873e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xvw%2Bx67fjkrXvQDiV40ZdNoUdo9pbqiJmOXBtFc%2FVUzJf5uf7c2i4J0IVO%2Fde3O4ccDd6y0J%2FAUVHpMquHh%2ByuQAVodKELWUWS%2FPWcY0EcvcXYmVQl0i70ripRsWd%2FSh"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 6029379f1fb82c3a-FRA

GET
H2 200 586840998618356 Show response
connect.facebook.net/signals/config/ 239 KB
69 KB 76ms
73ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/586840998618356?v=2.9.30&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

33e69d3715b0a5fc886eb66630f2865c1dfe336a21498defec29b147e5da3e4e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: yCcaGvknnpr7a/O7+Np88NOdIQxHV+kZaxiQ1qSl4+gDc8UZLyKxf5hF5GcQ4CPDyHaSRndtrrzVyCYo0Qhnpg==
x-fb-trip-id: 436667874
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 16 Dec 2020 14:50:32 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 538315903
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/ 334 KB
131 KB 24ms
6ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb3b275e8321c2c87095a4f4f0fd89fbbbdbe07e6fd5191c4c8ccabfc21692fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.secureblink.com
Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:34:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 939
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133916
x-xss-protection: 0
last-modified: Sun, 06 Dec 2020 23:05:51 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Dec 2021 14:34:53 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
68 B 14ms
13ms XHR
text/plain 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=904808244&t=pageview&_s=1&dl=https%3A%2F%2Fwww.secureblink.com%2Fcyber-security-news%2Frussian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware&dp=%2Fcyber-security-news%2Frussian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware&ul=en-us&de=UTF-8&dt=Russian%20APT28%20Hackers%20Using%20COVID-19%20as%20Bait%20to%20Deliver%20Zebrocy%20Malware%20%7C%20Secure%20Blink&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=498904389&gjid=14580305&cid=735984382.1608130232&tid=UA-151054930-1&_gid=73062933.1608130232&_r=1&gtm=2oubu0&z=65236627

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Dec 2020 14:50:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.secureblink.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 127ms
110ms Other
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=7652426&conversations-embed=static-1.8021&mobile=false&messagesUtk=cabf9003dfad453c8996bf339f95aa4d&traceId=cabf9003dfad453c8996bf339f95aa4d

Protocol

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-hubspot-messages-uri
Origin: https://www.secureblink.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 16 Dec 2020 14:50:32 GMT
content-type: text/plain; charset=utf-8
content-length: 18
x-trace: 2B15B2583959DE00D2E273884353842C158AD49832000000000000000000
allow: HEAD,GET,OPTIONS
vary: Accept-Encoding
access-control-allow-credentials: false
access-control-allow-origin: https://www.secureblink.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
cf-cache-status: DYNAMIC
cf-request-id: 070da1176c00001756f08e7000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 6029379f1a181756-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 3 KB
2 KB 209ms
209ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d1d0ce0d2c4bf88a334cb9ac791004875c9d6ce461689f1e3e242adecbd9963

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

X-HubSpot-Messages-Uri: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware

Response headers

date: Wed, 16 Dec 2020 14:50:32 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1513
cf-request-id: 070da117e200001756cb898000000001
server: cloudflare
x-trace: 2B9474AB64502103A0B9295548BF96EDA3FE16E49F000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.secureblink.com
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 6029379fcba41756-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 json Show response
forms.hubspot.com/collected-forms/v1/config/ 115 B
234 B 116ms
114ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/collected-forms/v1/config/json?portalId=7652426&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

135bdaa841f07b349d186d505a1adfd225a75fb3c7b54044e945b3221b2c2afb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:32 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 070da117b700001756ec30e000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.secureblink.com
access-control-allow-credentials: false
cf-ray: 6029379f8b2b1756-FRA
access-control-allow-headers: *

GET
H2 200 modules.addcdf1370f6405beb58.js Show response
script.hotjar.com/ 223 KB
59 KB 173ms
63ms Script
application/javascript 65.9.96.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.addcdf1370f6405beb58.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1914959.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.128 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

7a0747840872ff8079fb8dd91d4f3ea3449e6999c43654a18437e24a52bd1568

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 11:48:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10951
x-cache: Hit from cloudfront
content-length: 59720
access-control-allow-origin: *
last-modified: Wed, 16 Dec 2020 11:39:40 GMT
etag: "e88f5ba9a99e1ae64f0e3cb20a2c2f64"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 8197d89da72990bb606996d5e7c73ab6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: R22eBd8sHVer9R7nfv-D7s2_Mtj502iMTfW5HKO9wfXy-kMIuzPBig==

GET
H3-Q050 200 anchor
www.google.com/recaptcha/api2/ Frame A534 0
0 52ms
38ms Document
text/html 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdQvfUUAAAAACmysoh67uquxQsVCi0bS33igVBf&co=aHR0cHM6Ly93d3cuc2VjdXJlYmxpbmsuY29tOjQ0Mw..&hl=en&v=qc5B-qjP0QEimFYUxcpWJy5B&size=invisible&badge=bottomleft&cb=nxyf1bnh89ot

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-agDe878PPEBaAjjjVNEk/A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LdQvfUUAAAAACmysoh67uquxQsVCi0bS33igVBf&co=aHR0cHM6Ly93d3cuc2VjdXJlYmxpbmsuY29tOjQ0Mw..&hl=en&v=qc5B-qjP0QEimFYUxcpWJy5B&size=invisible&badge=bottomleft&cb=nxyf1bnh89ot
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 16 Dec 2020 14:50:32 GMT
content-security-policy: script-src 'report-sample' 'nonce-agDe878PPEBaAjjjVNEk/A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10001
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 /
www.facebook.com/tr/ 44 B
331 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=586840998618356&ev=PageView&dl=https%3A%2F%2Fwww.secureblink.com%2Fcyber-security-news%2Frussian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware&rl=&if=false&ts=1608130232345&sw=1600&sh=1200&v=2.9.30&r=stable&ec=0&o=30&fbp=fb.1.1608130232343.780526801&it=1608130232107&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:32 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 16 Dec 2020 14:50:32 GMT

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame C10C 0
0 164ms
49ms Document
text/html 65.9.73.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1914959.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.36 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware

Response headers

content-type: text/html
content-length: 851
date: Sat, 28 Nov 2020 11:53:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified: Fri, 27 Nov 2020 18:15:39 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: TjaQmZGn0GbCdA5vZvnVGKl27tiRSMFi4mpYOqXgsPDG_LPa5Q-lsw==
age: 1565828

GET
H2 200 /
tr.lfeeder.com/ 43 B
294 B 206ms
95ms Image
image/gif 65.9.96.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.lfeeder.com/?sid=YEgkB8lvLPz4ep3Z&data=eyJnYVRyYWNraW5nSWRzIjpbIlVBLTE1MTA1NDkzMC0xIl0sImdhQ2xpZW50SWRzIjpbIjczNTk4NDM4Mi4xNjA4MTMwMjMyIl0sImNvbnRleHQiOnsibGlicmFyeSI6eyJuYW1lIjoibGZ0cmFja2VyIiwidmVyc2lvbiI6IjIuMC4wIn0sInBhZ2VVcmwiOiJodHRwczovL3d3dy5zZWN1cmVibGluay5jb20vY3liZXItc2VjdXJpdHktbmV3cy9ydXNzaWFuLWFwdDI4LWhhY2tlcnMtdXNpbmctY292aWQtMTktYXMtYmFpdC10by1kZWxpdmVyLXplYnJvY3ktbWFsd2FyZSIsInBhZ2VUaXRsZSI6IlJ1c3NpYW4gQVBUMjggSGFja2VycyBVc2luZyBDT1ZJRC0xOSBhcyBCYWl0IHRvIERlbGl2ZXIgWmVicm9jeSBNYWx3YXJlIHwgU2VjdXJlIEJsaW5rIiwicmVmZXJyZXIiOiIifSwiZXZlbnQiOiJ0cmFja2luZy1ldmVudCIsImNsaWVudFRpbWVzdGFtcCI6IjIwMjAtMTItMTZUMTQ6NTA6MzIuMzYzWiIsImNsaWVudFRpbWV6b25lIjotNjAsInNjcmlwdElkIjoiWUVna0I4bHZMUHo0ZXAzWiIsImNvb2tpZXNFbmFibGVkIjp0cnVlLCJhbm9ueW1pemVJcCI6ZmFsc2UsImxmQ2xpZW50SWQiOiJMRjEuMS40MGM2Yzg0NTBmZGQ3ZTM0LjE2MDgxMzAyMzIzNjAiLCJmb3JlaWduQ29va2llcyI6W10sInByb3BlcnRpZXMiOnt9fQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.96.7 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:32 GMT
via: 1.1 d33f640b9793fb0553cc6dbe55988068.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: PRG50-C1
x-cache: LambdaGeneratedResponse from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: 0QM2Ts1i1UatKxGPHUM8REgqmN-rm4V9F33phEmJLlpL3zKML-ZGAg==

GET
H2 200 cabf9003dfad453c8996bf339f95aa4d
app.hubspot.com/conversations-visitor/7652426/threads/utk/ Frame 404C 0
0 180ms
144ms Document
text/html 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/conversations-visitor/7652426/threads/utk/cabf9003dfad453c8996bf339f95aa4d?uuid=fcb0cbc37bc840eb91f98a22692fcd40&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=secureblink.com&inApp53=false&messagesUtk=cabf9003dfad453c8996bf339f95aa4d&url=https%3A%2F%2Fwww.secureblink.com%2Fcyber-security-news%2Frussian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:method: GET
:authority: app.hubspot.com
:scheme: https
:path: /conversations-visitor/7652426/threads/utk/cabf9003dfad453c8996bf339f95aa4d?uuid=fcb0cbc37bc840eb91f98a22692fcd40&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=secureblink.com&inApp53=false&messagesUtk=cabf9003dfad453c8996bf339f95aa4d&url=https%3A%2F%2Fwww.secureblink.com%2Fcyber-security-news%2Frussian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware

Response headers

date: Wed, 16 Dec 2020 14:50:32 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d92278169712dc785dc9d8deb04ca89901608130232; expires=Fri, 15-Jan-21 14:50:32 GMT; path=/; domain=.hubspot.com; HttpOnly; SameSite=Lax
x-amz-replication-status: PENDING
last-modified: Wed, 16 Dec 2020 02:36:44 UTC
etag: W/"4e214733b25fa79d6fffa4b08c25e2e2"
x-amz-server-side-encryption: AES256
x-amz-version-id: t3WrYgw5ZCwr1xDifQK3wUACB36v_Bql
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 db72f6ab1d9d27534c6158ca17e3af1c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C3
x-amz-cf-id: qVs-cLeHMw5QCt9Gv665hUGLnmodY9LaUy2afY0zewWFVhCOazScjQ==
age: 959
access-control-allow-credentials: false
cache-control: max-age=600
x-hs-cache-status: MISS
cf-cache-status: DYNAMIC
cf-request-id: 070da118dd0000bee7ec015000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 602937a16ffbbee7-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3-Q050 200 4iCv6KVjbNBYlgoCxCvjsGyNPYZvgw.woff2
fonts.gstatic.com/s/ubuntu/v15/ 14 KB
14 KB 14ms
9ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoCxCvjsGyNPYZvgw.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

251e8e864140d9a7ceacce3371ff692595dd0a455ad000de4041d8a313618bd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.secureblink.com
Referer: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;1,100;1,300&family=Ubuntu:wght@300;400;500;700&family=Poppins&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 17:15:13 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:03:11 GMT
server: sffe
age: 336919
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14096
x-xss-protection: 0
expires: Sun, 12 Dec 2021 17:15:13 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 13ms
9ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.secureblink.com
Referer: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;1,100;1,300&family=Ubuntu:wght@300;400;500;700&family=Poppins&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 16:53:55 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 338197
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Sun, 12 Dec 2021 16:53:55 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1914959/ 178 B
321 B 205ms
74ms XHR
application/json 63.33.16.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1914959/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.addcdf1370f6405beb58.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.16.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-16-37.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 16 Dec 2020 14:50:32 GMT
content-encoding: br
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json

POST
H2 200 /
www.facebook.com/tr/ 0
86 B 6ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryAsoO9qDmv42yoAUy

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Wed, 16 Dec 2020 14:50:32 GMT
content-type: text/plain
access-control-allow-origin: https://www.secureblink.com
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
316 B 31ms
29ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2978788718&v=1.1&a=7652426&pu=https%3A%2F%2Fwww.secureblink.com%2Fcyber-security-news%2Frussian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware&t=Russian+APT28+Hackers+Using+COVID-19+as+Bait+to+Deliver+Zebrocy+Malware+%7C+Secure+Blink&cts=1608130233287&vi=76cb6d509fc12e196ff49dae6d62935b&nc=true&u=23523301.76cb6d509fc12e196ff49dae6d62935b.1608130233282.1608130233282.1608130233282.1&b=23523301.1.1608130233283&pt=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray: 602937a61ab8bee7-FRA
date: Wed, 16 Dec 2020 14:50:33 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI CUR ADM OUR NOR STA NID"
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
cf-request-id: 070da11bcd0000bee7183e1000000001
x-robots-tag: none

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 2 KB
1 KB 141ms
140ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=7652426&utk=76cb6d509fc12e196ff49dae6d62935b&__hstc=23523301.76cb6d509fc12e196ff49dae6d62935b.1608130233282.1608130233282.1608130233282.1&__hssc=23523301.1.1608130233283&currentUrl=https%3A%2F%2Fwww.secureblink.com%2Fcyber-security-news%2Frussian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c46c3285a70c3326f1e65356b48ed33fed09108cb8d2c3191d2ee26d7614b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 14:50:33 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-ray: 602937a68c2f1756-FRA
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 070da11c1400001756f0963000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.secureblink.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
129 B 34ms
34ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=16&fi=d5e77a42-791b-4b07-929a-c900be23a124&lfi=854669&ft=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2978788718&v=1.1&a=7652426&pu=https%3A%2F%2Fwww.secureblink.com%2Fcyber-security-news%2Frussian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware&t=Russian+APT28+Hackers+Using+COVID-19+as+Bait+to+Deliver+Zebrocy+Malware+%7C+Secure+Blink&cts=1608130233507&vi=76cb6d509fc12e196ff49dae6d62935b&nc=true&u=23523301.76cb6d509fc12e196ff49dae6d62935b.1608130233282.1608130233282.1608130233282.1&b=23523301.1.1608130233283&pt=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.secureblink.com/cyber-security-news/russian-apt28-hackers-using-covid-19-as-bait-to-deliver-zebrocy-malware
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray: 602937a77b7abee7-FRA
date: Wed, 16 Dec 2020 14:50:33 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI CUR ADM OUR NOR STA NID"
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
cf-request-id: 070da11ca80000bee706af3000000001
x-robots-tag: none

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: [Facebook Pixel] - Duplicate Pixel ID: 586840998618356.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.cloudflare.com
api.hubspot.com
app.hubspot.com
cms.secureblink.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
forms.hubspot.com
in.hotjar.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscollectedforms.net
js.hsleadflows.net
js.usemessages.com
sc.lfeeder.com
script.hotjar.com
static.hotjar.com
storage.googleapis.com
tr.lfeeder.com
track.hubspot.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.secureblink.com
2600:9000:206f:e000:1f:f723:6fc0:93a1
2606:4700:3032::681b:b6dc
2606:4700::6810:a723
2606:4700::6811:46b0
2606:4700::6811:80ab
2606:4700::6811:d2cc
2606:4700::6811:e7cc
2606:4700::6811:ebcc
2606:4700::6812:15bf
2606:4700::6813:9a53
2a00:1450:4001:800::2003
2a00:1450:4001:808::2008
2a00:1450:4001:81d::200a
2a00:1450:4001:820::200e
2a00:1450:4001:821::2010
2a00:1450:4001:824::2004
2a00:1450:4001:825::2003
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
63.33.16.37
65.9.73.36
65.9.96.124
65.9.96.128
65.9.96.7
034a9e88fe70939fcd99f80609ba992e4e20413aa2aaeb81f4b2bbd436e37c6f
0cfdcc53bf7f09ddd08c1cf45ed0d724b2508ebf8ad9a150e55db832616e0a9a
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12deb5082d9a265422916da8c3f6b1db8636ff8a5a72e0cad6cdf62f1ef5fc93
135bdaa841f07b349d186d505a1adfd225a75fb3c7b54044e945b3221b2c2afb
17f932a111c2554515396d5f59be90a68674c3ddabc197a5c443639f66b97e57
19803f44953956282d7e289f3d8c6291fcd4ef82c8f47eedd1cbf79a0b0a9518
1fd99abb178092c18db17531dd4eae451c585cc1f94b5d37167f4949db4c86d4
251e8e864140d9a7ceacce3371ff692595dd0a455ad000de4041d8a313618bd7
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2b93a023bc166c2c878c10ea2bea26c80fd0d53e2100e7805e7fadae4bd0fffc
33e69d3715b0a5fc886eb66630f2865c1dfe336a21498defec29b147e5da3e4e
33ff57e63adde2597aba529197a22992773e74962297875ee7d3207590ac9388
3a8088fdbbd728866b0425df590bf6bdcfe6d842a7da18a72f678784211142da
3e41fee73af3a6939e1196ed1e09c026e5c58df75ddd6326fec50e7161e4778c
41dcc77cb33898292fcff094e7cb6566b4898092b07a4ccb5bea8b27402007de
470d7fa974d80834908d790b15bc33e6081c71184d2ca5c1e351a649b8223a01
4d27130500a06c2a84c665df9c60c560af45fa2cc70bc61da669b30d58cad33c
4f21be4441a912768edb40bad57cca96da85f1508d128a4b23f3002e5795c771
556b822d85c0a1392a287879d6a3de6ba948b5f84e97427cee100553d576cb26
56c2a16bd17b2c65f616d22751a551547435e75cea42fa0dd4dbae3f8aac78b6
57c64dd6961692f94077b4072fa71011d39b25802aa5606383783dec2c646493
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd
62083839d2f5de1bc191eb352b887eeb488baf034b8be86bfd6ace2591aff2c1
63f9cfdc969fcfa0ba6f76de8cc24f3872b1c039b3bb284612242954d7d50f26
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479
6908d5110ebaea4824564c64dabf3f224b3c6afa8fdac0e049c86a7049f96f28
690e99ec1211d167dcc17b731605f4f68de24ecad6e32e70ebb92da000beaf42
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
714ed2b1ca2b6590a95736c71c3beaa93ead9d62973f9d36005177157f45e956
772cffbec5b85c2b54d2629e11837ee3655d5e898982b6b475f11805a8c77269
7a0747840872ff8079fb8dd91d4f3ea3449e6999c43654a18437e24a52bd1568
7afc5df607259654355668d9b253e0bc5eb8814cf9ddd40be7e766da8437a595
7b7256373e48aace54a6c1df73eb684e0431831b5160dfeb2c24e55ea3d16bda
7c05e8345194638476a2aa05f3caf9d696791581b5c314db8910edd5b227a6f6
7c46c3285a70c3326f1e65356b48ed33fed09108cb8d2c3191d2ee26d7614b93
7efa535a26118766d4e3e97e5481e83cc883ad71501606ab172a011e3514e1ae
828db6b7e79c6f9a935026a3383990ac60d9b5ae13bc6b8e76e63b6ddc087635
86ce1191fc4dbf64687ddb19c4969e2c4828ebd20c36c8ddce9ff30e1855b5f2
86d0529163783282315659bd782fffcdea17d877a9d31687c77d659a26601ce2
8cb7fc3cabaa46a6318e4ab6fc2892502868b418c691de02708295ef0905356c
8d1d0ce0d2c4bf88a334cb9ac791004875c9d6ce461689f1e3e242adecbd9963
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
94224e5139e06bdf232d48c645bfbaca698fe99d731758bd5310f51d13aa241a
943a150e9577247cc5e8e493065795ca77a35485b4169f33a4d6f570c209b010
95bcef5d0cd6765eb7e07cdc104052c81f0a002152951b6bd277478d345a7363
9abaabd33d48ae9dc82d5053e17ed3afe9f73e35ce3887452a5d1111d7a56326
9dc49c87deadcc8add3fbd0d0c1b63705cf0fe0b7499e86e2a571a54e066f2ca
a20dd40541332578d6b1ba51f4df4f9b5cc1bcaaf61667dea0ce5035a675967a
a5d3a7eaee8314271091a227b91881cd541432f47bdb80e30fe81420aa50f58c
a8fd1bc44e5ad77337917cea9c03ecf84f204ad18d992427e43b06c071c97336
aadc560ee510ebcdec540cacb18bda272a320d434777c8a604c06a6aedf5ccc7
ad9e4318a5ffb02d153a7275ddc2a55a896e412e4c95e0cb48365b4c99501413
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b62c6ff3eb7e3fbf3039133c9335b00648fea0bd795133282e25ee7f46c4508e
b6fceade06299331f8aeaec9ee254679d5d5d60fdfec131f1e62b3db4e12769c
ba0987ca8c3a3249c2b721064c61a46acd1852a8d5584d5e2b237c1b3a01bcd2
c668de10bbdfc07c0a514d5a8458b9031e4864c67e695b69e50f1333a4c4be30
c69b575faeced77aab0c260708674fc4de0208b19e30644604873c03ac0fd81d
c8900525afb43040cf5b5a7fdd4bd4cffcc855d59dfe6816cbf03af71a0b656b
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d4762bbdf73408777dc886ffe61d98654a39456cc19284fcec395a56c54518e1
d4c5767dd36df35e7d7db3520b95029594ebbfdb7b54f4ec84a7f89e9df86db7
d849e7d3485e39cd044485ffebd73360d2ab642a97dcfdb0ec2c02ce23c7b9ba
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de3c3e130c97cfbccd3b66a94999331b31d833129af815217bf0caee5699f8a5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e86643e149fee4f159fdac0a9d8094f620bb52bcdaab68a3db553bf96a6c894d
eab3726503e59d3498e3b6530c0534e9133733d660f9a2c84352f2ad4808d204
ece9461b67448fd9efc75ad4bbf3c6a2f0d0aea477046e8822068aee283160d6
ed9b246b3e0f8aa2a2b3903ac31f9dab529a4ad61d63e8e793d92b8d7f09b367
f255133f47bd05254a0f78eba0db90f5a1f9ead1991c789cdc2c809603b1fc96
f7dd4736df496ff824b9277987bd334590fe122088d7e338357f26a913d80dfd
fb3b275e8321c2c87095a4f4f0fd89fbbbdbe07e6fd5191c4c8ccabfc21692fb
fce490eb1f5d75cf7ea55374c2df4730e71f4826843bd80bc4e7d43d834d1875

www.secureblink.com Open in urlscan Pro 2606:4700:3032::681b:b6dc Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

95 Requests

100 %HTTPS

79 %IPv6

18 Domains

28 Subdomains

24 IPs

3 Countries

919 kBTransfer

2593 kBSize

0 Cookies

5 Outgoing links

Redirected requests

95 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.secureblink.com Open in urlscan Pro
2606:4700:3032::681b:b6dc Public Scan

Screenshot
Live screenshot

Full Image

95
Requests

100 %
HTTPS

79 %
IPv6

18
Domains

28
Subdomains

24
IPs

3
Countries

919 kB
Transfer

2593 kB
Size

0
Cookies

95 HTTP transactions
0 data transactions