manuelabreuo.com Open in urlscan Pro
50.31.188.103 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
Submission: On October 04 via api (October 4th 2021, 5:07:27 am UTC) from GB — Scanned from DE

Summary HTTP 198 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 37 IPs in 4 countries across 21 domains to perform 198 HTTP transactions. The main IP is 50.31.188.103, located in United States and belongs to SERVERCENTRAL, US. The main domain is manuelabreuo.com.
TLS certificate: Issued by R3 on September 10th 2021. Valid for: 3 months.

This is the only time manuelabreuo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
42	50.31.188.103 50.31.188.103	23352 (SERVERCEN...) (SERVERCENTRAL)
7	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
13	192.0.77.37 192.0.77.37	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
9	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3	2606:4700:10:... 2606:4700:10::ac43:2794	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	78.140.180.86 78.140.180.86	35415 (WEBZILLA) (WEBZILLA)
3	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:290	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
5	199.232.192.134 199.232.192.134	54113 (FASTLY) (FASTLY)
2	2a03:2880:f01... 2a03:2880:f01c:20e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1 3	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1 2	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
24	2600:9000:223... 2600:9000:223e:200:6:8656:f5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	151.101.192.134 151.101.192.134	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
30	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST)
1	199.232.198.49 199.232.198.49	54113 (FASTLY) (FASTLY)
2	2606:4700::68... 2606:4700::6810:a20d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2606:2800:233... 2606:2800:233:8173:898f:63b3:95c3:79d2	15133 (EDGECAST) (EDGECAST)
2	2606:2800:233... 2606:2800:233:7ee2:97c:ab4c:6c70:be36	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
3	199.232.196.64 199.232.196.64	54113 (FASTLY) (FASTLY)
198	37

42 50.31.188.103 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: priva90.privatednsorg.com

manuelabreuo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 192.0.77.37 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

c0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::ac43:2794 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.140.180.86 (Netherlands)

ASN35415 (WEBZILLA, NL)

content.mql5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:290 (United States)

ASN13335 (CLOUDFLARENET, US)

tracker.metricool.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 199.232.192.134 (United States)

ASN54113 (FASTLY, US)

manuel-abreuo-1.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
referrer.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:20e:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.72 (United States) 1 redirects

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2600:9000:223e:200:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.192.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.198.49 (United States)

ASN54113 (FASTLY, US)

a.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:a20d (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:2800:233:8173:898f:63b3:95c3:79d2 (United States)

ASN15133 (EDGECAST, US)

abs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:233:7ee2:97c:ab4c:6c70:be36 (United States)

ASN15133 (EDGECAST, US)

ton.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.232.196.64 (United States)

ASN54113 (FASTLY, US)

links.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	twimg.com cdn.syndication.twimg.com abs.twimg.com pbs.twimg.com ton.twimg.com	648 KB
42	manuelabreuo.com manuelabreuo.com	774 KB
25	disquscdn.com c.disquscdn.com a.disquscdn.com	791 KB
16	disqus.com manuel-abreuo-1.disqus.com disqus.com referrer.disqus.com links.services.disqus.com	104 KB
13	wp.com c0.wp.com	87 KB
11	twitter.com 1 redirects platform.twitter.com syndication.twitter.com	230 KB
9	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	230 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	126 KB
5	facebook.com 1 redirects graph.facebook.com www.facebook.com	3 KB
5	googleapis.com fonts.googleapis.com translate.googleapis.com	98 KB
4	google.com translate.google.com adservice.google.com www.google.com	6 KB
3	addtoany.com static.addtoany.com	60 KB
3	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	6 KB
2	viglink.com cdn.viglink.com	531 B
2	google-analytics.com www.google-analytics.com	20 KB
2	google.de adservice.google.de www.google.de	1 KB
2	metricool.com tracker.metricool.com	1 KB
2	mql5.com content.mql5.com	11 KB
2	facebook.net connect.facebook.net	76 KB
2	googletagmanager.com www.googletagmanager.com	70 KB
1	googleadservices.com partner.googleadservices.com	662 B
198	21

	Domain	Requested by
42	manuelabreuo.com	manuelabreuo.com c0.wp.com
29	pbs.twimg.com	manuelabreuo.com
24	c.disquscdn.com	manuel-abreuo-1.disqus.com disqus.com c.disquscdn.com
13	c0.wp.com	manuelabreuo.com
11	abs.twimg.com	manuelabreuo.com
9	platform.twitter.com	manuelabreuo.com platform.twitter.com
8	disqus.com	manuel-abreuo-1.disqus.com c.disquscdn.com
7	pagead2.googlesyndication.com	manuelabreuo.com pagead2.googlesyndication.com tpc.googlesyndication.com
3	links.services.disqus.com	c.disquscdn.com
3	www.gstatic.com	manuelabreuo.com translate.googleapis.com
3	www.facebook.com	1 redirects manuelabreuo.com connect.facebook.net
3	manuel-abreuo-1.disqus.com	manuelabreuo.com manuel-abreuo-1.disqus.com
3	translate.googleapis.com	translate.google.com translate.googleapis.com
3	fonts.gstatic.com	fonts.googleapis.com
3	static.addtoany.com	manuelabreuo.com static.addtoany.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	ton.twimg.com	platform.twitter.com
2	cdn.viglink.com	manuelabreuo.com
2	referrer.disqus.com	manuelabreuo.com
2	www.google.com	manuelabreuo.com tpc.googlesyndication.com
2	syndication.twitter.com	1 redirects platform.twitter.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	graph.facebook.com	c0.wp.com static.addtoany.com
2	tracker.metricool.com	manuelabreuo.com
2	content.mql5.com	manuelabreuo.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	connect.facebook.net	manuelabreuo.com connect.facebook.net
2	www.googletagmanager.com	manuelabreuo.com
2	fonts.googleapis.com	manuelabreuo.com
1	a.disquscdn.com	manuelabreuo.com
1	cdn.syndication.twimg.com	platform.twitter.com
1	www.google.de	manuelabreuo.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	translate.google.com	manuelabreuo.com
198	37

This site contains links to these domains. Also see Links.

Domain
open.spotify.com
www.instagram.com
validator.w3.org
www.facebook.com
twitter.com
www.youtube.com
www.linkedin.com
www.addtoany.com
translate.google.com
www.pinterest.ca
www.tumblr.com
www.manuelabreuo.com

Subject Issuer	Validity	Valid
manuelabreuo.com R3	`2021-09-10` - `2021-12-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-09` - `2021-12-08`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-05` - `2022-07-04`	a year	crt.sh
*.mql5.com Sectigo ECC Domain Validation Secure Server CA	`2020-10-02` - `2021-11-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.de GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
a.disquscdn.com Amazon	`2020-11-30` - `2021-12-29`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.google.de GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.disquscdn.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
ssl1029306.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2021-07-12` - `2022-06-30`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.services.disqus.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-26` - `2022-05-28`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
Frame ID: 3F5398B18C7BB4AF34ECA99E0AD65B12
Requests: 121 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210928/r20190131/zrt_lookup.html
Frame ID: DF83D519D0135AFF690219CD48B1B776
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8933729292458681&output=html&adk=1812271804&adf=3025194257&lmt=1633324040&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Fmanuelabreuo.com%2Fel-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633324040633&bpp=19&bdt=371&idt=213&shv=r20210928&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5612760726816&frm=20&pv=2&ga_vid=904790560.1633324041&ga_sid=1633324041&ga_hid=2129612324&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062580%2C31062938%2C31062945&oid=2&pvsid=1662101260115117&pem=103&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=240
Frame ID: 00A27347726AB1D92A2CF11034B036C4
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.58065ae230495f5d9e4b6a916472b2c1.html?origin=https%3A%2F%2Fmanuelabreuo.com
Frame ID: DCE3182F7D8B35C3E6278D4C145C95FE
Requests: 2 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.23.html
Frame ID: 0D0D6E0AF82102745E3C25F0CD9BB1A1
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: D8D67F5CB7D0E0554E79D456DCCCAC47
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=manuel-abreuo-1&t_i=8494%20https%3A%2F%2Fmanuelabreuo.com%2F%3Fp%3D8494&t_u=https%3A%2F%2Fmanuelabreuo.com%2Fel-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo%2F&t_e=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo&t_d=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo&t_t=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo&s_o=default
Frame ID: F401AAA3A1B32F2955F36A325B1EC87A
Requests: 16 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.58065ae230495f5d9e4b6a916472b2c1.es.html
Frame ID: F470655357C5983B068A77A1F04E7A74
Requests: 2 HTTP requests in this frame

Frame: https://disqus.com/recommendations/?base=default&f=manuel-abreuo-1&t_i=8494%20https%3A%2F%2Fmanuelabreuo.com%2F%3Fp%3D8494&t_u=https%3A%2F%2Fmanuelabreuo.com%2Fel-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo%2F&t_e=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo&t_d=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo&t_t=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo
Frame ID: 2AB1B26DE758970734739036E7F02028
Requests: 9 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: 63CDB953653C77FD927E8F0278E837E1
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: 55E6EEDBBC7E3575D6EB584A14C31008
Requests: 1 HTTP requests in this frame

Frame: https://abs.twimg.com/emoji/v2/72x72/1f44c-1f3fb.png
Frame ID: 0C3CDD90B8A45FAA9B469798120B9AE7
Requests: 49 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D767036366783636%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df15a10824cdd2f8%2526domain%253Dmanuelabreuo.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fmanuelabreuo.com%25252Ff34a94e0876973c%2526relation%253Dparent.parent%26container_width%3D278%26height%3D150%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fingabreuortiz%252F%26locale%3Des_LA%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26tabs%3Dtimeline%26width
Frame ID: AC22AD66C92075FA1ED292E38BA577DB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 75B89542DCB2B29AF53A8C03AFC2BE68
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E3C27BB5C776EEA10D52EA7B95228501
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: A32A5CB0ABE41BC92C9F35F2D05F1CE9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

El grupo ruso Turla APT despliega un nuevo backdoor en los sistemas objetivo - Manuel Abreu Ortiz

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js
googletagmanager\.com/gtm\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

WP-Statistics (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<!-- Analytics by WP-Statistics v([\d.]+) -

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

198
Requests

100 %
HTTPS

74 %
IPv6

21
Domains

37
Subdomains

37
IPs

4
Countries

3363 kB
Transfer

6096 kB
Size

12
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://open.spotify.com/show/7032HFMWLhQkdvVrk8wWnM?si=VkUfG9KEQUCXay-zwepkQw

Search URL Search Domain Scan URL

URL: https://www.instagram.com/elparqueoparrillada/

Search URL Search Domain Scan URL

URL: https://validator.w3.org/feed/check.cgi?url=https%3A//www.manuelabreuo.com/feed

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ingabreuortiz

Search URL Search Domain Scan URL

URL: https://twitter.com/IngAbreuOrtiz

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCFBegErw1dt_4AYv3HBo5qQ

Search URL Search Domain Scan URL

URL: https://www.instagram.com/ingabreuortiz/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/ingabreuortiz/

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fmanuelabreuo.com%2Fel-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo%2F&title=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo
Title: Compartir

Search URL Search Domain Scan URL

URL: http://twitter.com/IngAbreuOrtiz
Title: @IngAbreuOrtiz

Search URL Search Domain Scan URL

URL: https://translate.google.com/
Title: Google Übersetzer

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/ManuelAbreuOrtiz
Title: Follow via Youtube

Search URL Search Domain Scan URL

URL: https://www.pinterest.ca/ingabreuortiz
Title: Follow via Pinterest

Search URL Search Domain Scan URL

URL: https://www.tumblr.com/blog/view/ingabreuortiz
Title: Follow via Tumblr

Search URL Search Domain Scan URL

URL: https://www.manuelabreuo.com/
Title: Go to

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 187

https://www.facebook.com/v7.0/plugins/page.php?adapt_container_width=true&app_id=767036366783636&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15a10824cdd2f8%26domain%3Dmanuelabreuo.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmanuelabreuo.com%252Ff34a94e0876973c%26relation%3Dparent.parent&container_width=278&height=150&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fingabreuortiz%2F&locale=es_LA&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width= HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D767036366783636%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df15a10824cdd2f8%2526domain%253Dmanuelabreuo.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fmanuelabreuo.com%25252Ff34a94e0876973c%2526relation%253Dparent.parent%26container_width%3D278%26height%3D150%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fingabreuortiz%252F%26locale%3Des_LA%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26tabs%3Dtimeline%26width

Request Chain 205

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

198 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/ 78 KB
18 KB 2325ms
1904ms Document
text/html 50.31.188.103
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 50.31.188.103 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: priva90.privatednsorg.com
Software: /
Resource Hash: 89ca421d4bf7c88842d1f7b7c5658b71df8f7e84c4aab64a061a48a86d731edb

Request headers

:method: GET
:authority: manuelabreuo.com
:scheme: https
:path: /el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
x-pingback: https://manuelabreuo.com/xmlrpc.php
link: <https://manuelabreuo.com/wp-json/>; rel="https://api.w.org/" <https://manuelabreuo.com/wp-json/wp/v2/posts/8494>; rel="alternate"; type="application/json" <https://manuelabreuo.com/?p=8494>; rel=shortlink
content-encoding: br
vary: Accept-Encoding
date: Mon, 04 Oct 2021 05:07:19 GMT
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
50 KB 106ms
57ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c719b5b6a2ac067b351fcf2a9b3a932d0a2970bb464866b1d4972eae79d5e18c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50845
x-xss-protection: 0
server: cafe
etag: 3664805598119216424
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 04 Oct 2021 05:07:20 GMT

GET
H2 200 gtranslate-style24.css
manuelabreuo.com/wp-content/plugins/gtranslate/ 693 B
344 B 114ms
109ms Stylesheet
text/css 50.31.188.103
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://manuelabreuo.com/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=5.8.1
Requested by: Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 50.31.188.103 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: priva90.privatednsorg.com
Software: /
Resource Hash: 226456d9a9eef8f0831b6b181be100a49cbaec1651a8bd45d7d0cc897d161538

Request headers

:path: /wp-content/plugins/gtranslate/gtranslate-style24.css?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: manuelabreuo.com
referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:19 GMT
content-encoding: br
last-modified: Sat, 11 Sep 2021 17:15:38 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 237
expires: Mon, 11 Oct 2021 05:07:19 GMT

GET
H2 200 style.min.css
c0.wp.com/c/5.8.1/wp-includes/css/dist/block-library/ 79 KB
10 KB 48ms
6ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.1/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Mon, 04 Oct 2021 05:07:20 GMT
content-encoding: br
last-modified: Wed, 01 Sep 2021 04:05:58 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Tue, 04 Oct 2022 05:07:20 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
c0.wp.com/c/5.8.1/wp-includes/js/mediaelement/ 11 KB
2 KB 51ms
9ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Mon, 04 Oct 2021 05:07:20 GMT
content-encoding: br
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Tue, 04 Oct 2022 05:07:20 GMT

GET
H2 200 wp-mediaelement.min.css
c0.wp.com/c/5.8.1/wp-includes/js/mediaelement/ 4 KB
1 KB 53ms
12ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.1/wp-includes/js/mediaelement/wp-mediaelement.min.css

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Mon, 04 Oct 2021 05:07:20 GMT
content-encoding: br
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Tue, 04 Oct 2022 05:07:20 GMT

GET
H2 200 styles.css
manuelabreuo.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
879 B 113ms
106ms Stylesheet
text/css 50.31.188.103
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://manuelabreuo.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.2
Requested by: Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 50.31.188.103 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: priva90.privatednsorg.com
Software: /
Resource Hash: 070edfef42e0980783d0acf8fa9ca6a9833b994eca13ffaa94e9a2deb47c92cf

Request headers

:path: /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: manuelabreuo.com
referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:19 GMT
content-encoding: br
last-modified: Sun, 18 Jul 2021 21:53:17 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 824
expires: Mon, 11 Oct 2021 05:07:19 GMT

GET
H2 200 hssocial-badges.css
manuelabreuo.com/wp-content/plugins/hs-social-media-buttons/ 767 B
368 B 114ms
108ms Stylesheet
text/css 50.31.188.103
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://manuelabreuo.com/wp-content/plugins/hs-social-media-buttons/hssocial-badges.css?ver=5.8.1
Requested by: Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 50.31.188.103 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: priva90.privatednsorg.com
Software: /
Resource Hash: 508668abcc6326f78d4e02a8fcc81878a04ea7f34a93531cc087b9c77ebe6db9

Request headers

:path: /wp-content/plugins/hs-social-media-buttons/hssocial-badges.css?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: manuelabreuo.com
referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:19 GMT
content-encoding: br
last-modified: Wed, 28 Apr 2021 04:04:16 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 313
expires: Mon, 11 Oct 2021 05:07:19 GMT

GET
H2 200 general.css
manuelabreuo.com/wp-content/plugins/hs-social-media-buttons/inc/css/ 2 KB
617 B 115ms
109ms Stylesheet
text/css 50.31.188.103
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://manuelabreuo.com/wp-content/plugins/hs-social-media-buttons/inc/css/general.css?ver=5.8.1
Requested by: Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 50.31.188.103 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: priva90.privatednsorg.com
Software: /
Resource Hash: 3785ae086a07e767ac63a61d7783243d180378f78d133921d65a1901f1a00451

Request headers

:path: /wp-content/plugins/hs-social-media-buttons/inc/css/general.css?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: manuelabreuo.com
referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:19 GMT
content-encoding: br
last-modified: Wed, 28 Apr 2021 04:04:16 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 584
expires: Mon, 11 Oct 2021 05:07:19 GMT

GET
H2 200 molongui-authorship.0f0f.min.css
manuelabreuo.com/wp-content/plugins/molongui-authorship/public/css/ 102 KB
10 KB 115ms
109ms Stylesheet
text/css 50.31.188.103
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://manuelabreuo.com/wp-content/plugins/molongui-authorship/public/css/molongui-authorship.0f0f.min.css?ver=4.3.10
Requested by: Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 50.31.188.103 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: priva90.privatednsorg.com
Software: /
Resource Hash: 6155d1450ae5f20ee3577205f706ee61b308332ca81abaf890d32c72f3454a6e

Request headers

:path: /wp-content/plugins/molongui-authorship/public/css/molongui-authorship.0f0f.min.css?ver=4.3.10
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: manuelabreuo.com
referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:19 GMT
content-encoding: br
last-modified: Sun, 19 Sep 2021 01:06:29 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 10392
expires: Mon, 11 Oct 2021 05:07:19 GMT

GET
H2 200 prisna-social-counter.css
manuelabreuo.com/wp-content/plugins/social-counter/styles/ 15 KB
8 KB 116ms
110ms Stylesheet
text/css 50.31.188.103
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://manuelabreuo.com/wp-content/plugins/social-counter/styles/prisna-social-counter.css?ver=5.8.1
Requested by: Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 50.31.188.103 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: priva90.privatednsorg.com
Software: /
Resource Hash: 017e98cffe38931c6f72ef3b0a2cd8224918bf35f5e5ffa9b033abfb68afb159

Request headers

:path: /wp-content/plugins/social-counter/styles/prisna-social-counter.css?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: manuelabreuo.com
referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:19 GMT
content-encoding: br
last-modified: Wed, 18 Nov 2020 02:32:53 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 8148
expires: Mon, 11 Oct 2021 05:07:19 GMT

GET
H2 200 style.css
manuelabreuo.com/wp-content/themes/fictive/ 49 KB
9 KB 123ms
117ms Stylesheet
text/css 50.31.188.103
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://manuelabreuo.com/wp-content/themes/fictive/style.css?ver=5.8.1
Requested by: Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 50.31.188.103 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: priva90.privatednsorg.com
Software: /
Resource Hash: 1b9154929df5872c90a4c470f4e0cd9600cda531d5e19d3cf18899d18c465426

Request headers

:path: /wp-content/themes/fictive/style.css?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: manuelabreuo.com
referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:19 GMT
content-encoding: br
last-modified: Mon, 03 Oct 2016 23:00:43 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 9091
expires: Mon, 11 Oct 2021 05:07:19 GMT

GET
H2 200 css
fonts.googleapis.com/ 15 KB
2 KB 78ms
23ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400italic%2C700italic%2C400%2C300%2C700&ver=5.8.1

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

33e25cc1be39833c2c794365245c788bf9e1fe8b79ccd0798105faf4f27c48d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 03:31:52 GMT
server: ESF
date: Mon, 04 Oct 2021 05:07:20 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Mon, 04 Oct 2021 05:07:20 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
691 B 81ms
25ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Bitter%3A400%2C700%2C400italic&subset=latin%2Clatin-ext&ver=5.8.1

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ac7473af8ce98baecc5897c1fff105643accee11f5c67dfd500f6f725b19c333

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 05:07:20 GMT
server: ESF
date: Mon, 04 Oct 2021 05:07:20 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Mon, 04 Oct 2021 05:07:20 GMT

GET
H2 200 genericons.css
c0.wp.com/p/jetpack/10.1/_inc/genericons/genericons/ 28 KB
16 KB 51ms
12ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/10.1/_inc/genericons/genericons/genericons.css

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Mon, 04 Oct 2021 05:07:20 GMT
content-encoding: br
last-modified: Wed, 13 Jan 2016 23:09:07 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Tue, 04 Oct 2022 05:07:20 GMT

GET
H2 200 style.css
manuelabreuo.com/wp-content/plugins/newsletter/ 6 KB
1 KB 211ms
205ms Stylesheet
text/css 50.31.188.103
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://manuelabreuo.com/wp-content/plugins/newsletter/style.css?ver=7.2.7
Requested by: Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 50.31.188.103 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: priva90.privatednsorg.com
Software: /
Resource Hash: ff7cbd7d791c0f01f1b7db211981bb0506701f663e9e41422586b9e625753ba3

Request headers

:path: /wp-content/plugins/newsletter/style.css?ver=7.2.7
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: manuelabreuo.com
referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:19 GMT
content-encoding: br
last-modified: Sun, 19 Sep 2021 01:06:49 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1187
expires: Mon, 11 Oct 2021 05:07:19 GMT

GET
H2 200 addtoany.min.css
manuelabreuo.com/wp-content/plugins/add-to-any/ 1 KB
458 B 211ms
206ms Stylesheet
text/css 50.31.188.103
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://manuelabreuo.com/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.15
Requested by: Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 50.31.188.103 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: priva90.privatednsorg.com
Software: /
Resource Hash: f93483f0aaf24aea4b5534bb8647d22cd9dfcb4d08d2fd1008787bdfb8a6cc47

Request headers

:path: /wp-content/plugins/add-to-any/addtoany.min.css?ver=1.15
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: manuelabreuo.com
referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:19 GMT
content-encoding: br
last-modified: Fri, 06 Aug 2021 17:26:27 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 402
expires: Mon, 11 Oct 2021 05:07:19 GMT

GET
H2 200 app.css
manuelabreuo.com/wp-content/plugins/ninja-gdpr-compliance/assets/home/css/ 2 KB
556 B 211ms
206ms Stylesheet
text/css 50.31.188.103
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://manuelabreuo.com/wp-content/plugins/ninja-gdpr-compliance/assets/home/css/app.css?ver=5.8.1
Requested by: Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 50.31.188.103 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: priva90.privatednsorg.com
Software: /
Resource Hash: 1228473d48078c846c1973fa1ae37eab100653b49c20952db5c2a0d426f6b7f5

Request headers

:path: /wp-content/plugins/ninja-gdpr-compliance/assets/home/css/app.css?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: manuelabreuo.com
referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:19 GMT
content-encoding: br
last-modified: Mon, 23 Aug 2021 19:05:01 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 499
expires: Mon, 11 Oct 2021 05:07:19 GMT

GET
H2 200 th.css
manuelabreuo.com/wp-content/plugins/ninja-gdpr-compliance/assets/home/css/ 496 B
237 B 212ms
207ms Stylesheet
text/css 50.31.188.103
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://manuelabreuo.com/wp-content/plugins/ninja-gdpr-compliance/assets/home/css/th.css?ver=5.8.1
Requested by: Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 50.31.188.103 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: priva90.privatednsorg.com
Software: /
Resource Hash: 884f6241e9bcf7cecaa9aa48ba3659e853621941f77696b212a8184ca73d9feb

Request headers

:path: /wp-content/plugins/ninja-gdpr-compliance/assets/home/css/th.css?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: manuelabreuo.com
referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:19 GMT
content-encoding: br
last-modified: Mon, 23 Aug 2021 19:05:01 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 182
expires: Mon, 11 Oct 2021 05:07:19 GMT

GET
H2 200 sharing.css
c0.wp.com/p/jetpack/10.1/modules/sharedaddy/ 19 KB
3 KB 50ms
13ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/10.1/modules/sharedaddy/sharing.css

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

1b11f2c81cddaa0d12147ff5fbecdec023a921b64088411da37f81915b8b4b40

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Mon, 04 Oct 2021 05:07:20 GMT
content-encoding: br
last-modified: Tue, 30 Mar 2021 16:59:40 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Tue, 04 Oct 2022 05:07:20 GMT

GET
H2 200 social-logos.min.css
c0.wp.com/p/jetpack/10.1/_inc/social-logos/ 12 KB
8 KB 49ms
13ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/10.1/_inc/social-logos/social-logos.min.css

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b958e0f47861dde13a175cc69494bdb54f08e2b5e78cecf6abd16470d2085257

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Mon, 04 Oct 2021 05:07:20 GMT
content-encoding: br
last-modified: Tue, 30 Jun 2020 14:24:10 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Tue, 04 Oct 2022 05:07:20 GMT

GET
H2 200 jquery.min.js Show response
c0.wp.com/c/5.8.1/wp-includes/js/jquery/ 87 KB
30 KB 50ms
13ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.1/wp-includes/js/jquery/jquery.min.js

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Mon, 04 Oct 2021 05:07:20 GMT
content-encoding: br
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Tue, 04 Oct 2022 05:07:20 GMT

GET
H2 200 jquery-migrate.min.js Show response
c0.wp.com/c/5.8.1/wp-includes/js/jquery/ 11 KB
4 KB 50ms
13ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.1/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Mon, 04 Oct 2021 05:07:20 GMT
content-encoding: br
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Tue, 04 Oct 2022 05:07:20 GMT

GET
H2 200 addtoany.min.js Show response
manuelabreuo.com/wp-content/plugins/add-to-any/ 129 B
200 B 211ms
207ms Script
application/javascript 50.31.188.103
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://manuelabreuo.com/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
Requested by: Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 50.31.188.103 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: priva90.privatednsorg.com
Software: /
Resource Hash: 50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1

Request headers

:path: /wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: manuelabreuo.com
referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:19 GMT
cache-control: public, max-age=604800
last-modified: Fri, 06 Aug 2021 17:26:27 GMT
accept-ranges: bytes
content-type: application/javascript
content-length: 129
expires: Mon, 11 Oct 2021 05:07:19 GMT

GET
H2 200 hssocial.js Show response
manuelabreuo.com/wp-content/plugins/hs-social-media-buttons/inc/js/ 858 B
453 B 211ms
208ms Script
application/javascript 50.31.188.103
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://manuelabreuo.com/wp-content/plugins/hs-social-media-buttons/inc/js/hssocial.js?ver=5.8.1
Requested by: Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 50.31.188.103 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: priva90.privatednsorg.com
Software: /
Resource Hash: 560600c91660e4055a3681cd8fa3412d472a9685dcb6420ff5c168d614b2f23f

Request headers

:path: /wp-content/plugins/hs-social-media-buttons/inc/js/hssocial.js?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: manuelabreuo.com
referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:19 GMT
content-encoding: br
last-modified: Wed, 28 Apr 2021 04:04:16 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 403
expires: Mon, 11 Oct 2021 05:07:19 GMT

GET
H2 200 policy.js Show response
manuelabreuo.com/wp-content/plugins/ninja-gdpr-compliance/assets/home/js/ 2 KB
818 B 211ms
208ms Script
application/javascript 50.31.188.103
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://manuelabreuo.com/wp-content/plugins/ninja-gdpr-compliance/assets/home/js/policy.js?ver=1.0
Requested by: Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 50.31.188.103 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: priva90.privatednsorg.com
Software: /
Resource Hash: de55d99fa5a7d65e5490872636e9d96d8b2fb1d0c547b15c2910b95c4aa2a2cc

Request headers

:path: /wp-content/plugins/ninja-gdpr-compliance/assets/home/js/policy.js?ver=1.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: manuelabreuo.com
referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:19 GMT
content-encoding: br
last-modified: Mon, 23 Aug 2021 19:05:01 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 785
expires: Mon, 11 Oct 2021 05:07:19 GMT

GET
H2 200 term.js Show response
manuelabreuo.com/wp-content/plugins/ninja-gdpr-compliance/assets/home/js/ 2 KB
702 B 212ms
208ms Script
application/javascript 50.31.188.103
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://manuelabreuo.com/wp-content/plugins/ninja-gdpr-compliance/assets/home/js/term.js?ver=1.0
Requested by: Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 50.31.188.103 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: priva90.privatednsorg.com
Software: /
Resource Hash: c443a66de7fa750b1d4ae8c8f37255b1c6931ff1b01daf5eb982dd49bb7a73b3

Request headers

:path: /wp-content/plugins/ninja-gdpr-compliance/assets/home/js/term.js?ver=1.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: manuelabreuo.com
referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:19 GMT
content-encoding: br
last-modified: Mon, 23 Aug 2021 19:05:01 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 669
expires: Mon, 11 Oct 2021 05:07:19 GMT

GET
H2 200 forget-me.js Show response
manuelabreuo.com/wp-content/plugins/ninja-gdpr-compliance/assets/home/js/ 2 KB
764 B 212ms
209ms Script
application/javascript 50.31.188.103
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://manuelabreuo.com/wp-content/plugins/ninja-gdpr-compliance/assets/home/js/forget-me.js?ver=1.0
Requested by: Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 50.31.188.103 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: priva90.privatednsorg.com
Software: /
Resource Hash: 00b88bcb9bbf42aae863145805135f750d38540671a6db0cf38eee3d96133934

Request headers

:path: /wp-content/plugins/ninja-gdpr-compliance/assets/home/js/forget-me.js?ver=1.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: manuelabreuo.com
referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:19 GMT
content-encoding: br
last-modified: Mon, 23 Aug 2021 19:05:01 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 731
expires: Mon, 11 Oct 2021 05:07:19 GMT

GET
H2 200 data-access.js Show response
manuelabreuo.com/wp-content/plugins/ninja-gdpr-compliance/assets/home/js/ 2 KB
761 B 212ms
209ms Script
application/javascript 50.31.188.103
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://manuelabreuo.com/wp-content/plugins/ninja-gdpr-compliance/assets/home/js/data-access.js?ver=1.0
Requested by: Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 50.31.188.103 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: priva90.privatednsorg.com
Software: /
Resource Hash: a367c417eb444e2df2605d5f3ae2fc05ed7a5565f15e60a6ccbcad6a99147fee

Request headers

:path: /wp-content/plugins/ninja-gdpr-compliance/assets/home/js/data-access.js?ver=1.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: manuelabreuo.com
referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:19 GMT
content-encoding: br
last-modified: Mon, 23 Aug 2021 19:05:01 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 728
expires: Mon, 11 Oct 2021 05:07:19 GMT

GET
H2 200 data-rectification.js Show response
manuelabreuo.com/wp-content/plugins/ninja-gdpr-compliance/assets/home/js/ 2 KB
825 B 212ms
210ms Script
application/javascript 50.31.188.103
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://manuelabreuo.com/wp-content/plugins/ninja-gdpr-compliance/assets/home/js/data-rectification.js?ver=1.0
Requested by: Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 50.31.188.103 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: priva90.privatednsorg.com
Software: /
Resource Hash: da8699cd256bcb4c4e509eb5e911a4e403225116254826ecb878d108c9086ee7

Request headers

:path: /wp-content/plugins/ninja-gdpr-compliance/assets/home/js/data-rectification.js?ver=1.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: manuelabreuo.com
referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:19 GMT
content-encoding: br
last-modified: Mon, 23 Aug 2021 19:05:01 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 792
expires: Mon, 11 Oct 2021 05:07:19 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
39 KB 92ms
50ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-98281748-1

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

be55af125bfeef71762a4b5888bc4ddca2de20a4020b1cf9fb96e6d9967329e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38984
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 Oct 2021 05:07:20 GMT

GET
H2 200 app.js Show response
manuelabreuo.com/wp-content/plugins/ninja-gdpr-compliance/assets/home/js/ 2 KB
877 B 212ms
210ms Script
application/javascript 50.31.188.103
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://manuelabreuo.com/wp-content/plugins/ninja-gdpr-compliance/assets/home/js/app.js?ver=1.0.1
Requested by: Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 50.31.188.103 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: priva90.privatednsorg.com
Software: /
Resource Hash: 3fba5669aa7f7344403040251907473436e12f66a71bc6b8e49825684207abd1

Request headers

:path: /wp-content/plugins/ninja-gdpr-compliance/assets/home/js/app.js?ver=1.0.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: manuelabreuo.com
referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:19 GMT
content-encoding: br
last-modified: Mon, 23 Aug 2021 19:05:01 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 844
expires: Mon, 11 Oct 2021 05:07:19 GMT

GET
H2 200 author-social-networks.css
manuelabreuo.com/wp-content/plugins/author-social-networks/public/css/ 1023 B
455 B 209ms
207ms Stylesheet
text/css 50.31.188.103
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://manuelabreuo.com/wp-content/plugins/author-social-networks/public/css/author-social-networks.css
Requested by: Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 50.31.188.103 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: priva90.privatednsorg.com
Software: /
Resource Hash: 3b6b1e66a2672400ee2446a78370a61dc625de1ee24d609c005c1f3b77b4b345

Request headers

:path: /wp-content/plugins/author-social-networks/public/css/author-social-networks.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: manuelabreuo.com
referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:19 GMT
content-encoding: br
last-modified: Wed, 04 Dec 2019 17:08:33 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 398
expires: Mon, 11 Oct 2021 05:07:19 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
50 KB 84ms
33ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8933729292458681

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dafd42a36ee9b0ce81fd16f4b5799f65d4848c1a11fb2434478e863bfaff6f41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://manuelabreuo.com/
Origin: https://manuelabreuo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51118
x-xss-protection: 0
server: cafe
etag: 3826933781405675013
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 04 Oct 2021 05:07:20 GMT

GET
H3-Q050 200 cropped-Logo.png
manuelabreuo.com/wp-content/uploads./2019/02/ 257 KB
257 KB 121ms
116ms Image
image/png 50.31.188.103
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manuelabreuo.com/wp-content/uploads./2019/02/cropped-Logo.png
Requested by: Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 50.31.188.103 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: priva90.privatednsorg.com
Software: /
Resource Hash: c2280dd6ace027b497d9561194ce375df200cd3b2aa5f5fbe8dfebce0e2fa0b5

Request headers

:path: /wp-content/uploads./2019/02/cropped-Logo.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: manuelabreuo.com
referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:19 GMT
cache-control: public, max-age=604800
last-modified: Wed, 27 Feb 2019 01:05:13 GMT
accept-ranges: bytes
content-type: image/png
content-length: 263619
expires: Mon, 11 Oct 2021 05:07:19 GMT

GET
H3-Q050 200 Manuel-Abreu_avatar-96x96.jpg
manuelabreuo.com/wp-content/uploads/2016/10/ 3 KB
3 KB 122ms
117ms Image
image/jpeg 50.31.188.103
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manuelabreuo.com/wp-content/uploads/2016/10/Manuel-Abreu_avatar-96x96.jpg
Requested by: Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 50.31.188.103 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: priva90.privatednsorg.com
Software: /
Resource Hash: 8b732be2a9212aa57b377017bcc8f1daa5e25c5653f9889de3da60b72d2aab0e

Request headers

:path: /wp-content/uploads/2016/10/Manuel-Abreu_avatar-96x96.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: manuelabreuo.com
referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:19 GMT
cache-control: public, max-age=604800
last-modified: Fri, 12 Mar 2021 19:30:22 GMT
accept-ranges: bytes
content-type: image/jpeg
content-length: 3151
expires: Mon, 11 Oct 2021 05:07:19 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/es_LA/ 3 KB
2 KB 32ms
10ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/es_LA/sdk.js

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7295ac4fe4246ec488c66ac830335ab49e417c3ea87962ff41165b42415ea679

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://manuelabreuo.com/
Origin: https://manuelabreuo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: SnIAMJSCGCPNEiXHsR+5Yg==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: PsIiv9+VIOesKW8SDip2eObjtl8sVDsChPkgsvByCKFSb0o/ZTdPDIODKI3fx4MAppmfGZckKa9NeWlGVGHunQ==
x-fb-trip-id: 686109401
x-fb-content-md5: 10e8d5515da5dd8c1d20861a6bb09f57
x-frame-options: DENY
date: Mon, 04 Oct 2021 05:07:20 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "650be66caf87976a9bf2bec5531ce93c"
timing-allow-origin: *
expires: Mon, 04 Oct 2021 05:15:46 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 35ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6763) /
Resource Hash: cfd3099998b0c37ace8024cbd802160585ba9be1c0047fefc172035184f074df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 04 Oct 2021 05:07:20 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Sep 2021 19:09:26 GMT
Server: ECS (frb/6763)
Age: 761
Etag: "f9ab884058c9d8de47075baa622f0e7e+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28869

GET
H3-Q050 200 Parqueo.jpeg
manuelabreuo.com/wp-content/uploads./2019/02/ 155 KB
155 KB 129ms
125ms Image
image/jpeg 50.31.188.103
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manuelabreuo.com/wp-content/uploads./2019/02/Parqueo.jpeg
Requested by: Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 50.31.188.103 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: priva90.privatednsorg.com
Software: /
Resource Hash: 831eaf3d41999b6ff2d8371d02f310b96602819eaf7e4079415a602292ca7bb2

Request headers

:path: /wp-content/uploads./2019/02/Parqueo.jpeg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: manuelabreuo.com
referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:19 GMT
cache-control: public, max-age=604800
last-modified: Thu, 28 Feb 2019 03:14:58 GMT
accept-ranges: bytes
content-type: image/jpeg
content-length: 158687
expires: Mon, 11 Oct 2021 05:07:19 GMT

GET
H3-Q050 404 valid-rss-rogers.png
manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/ 53 KB
53 KB 759ms
755ms Image
text/html 50.31.188.103
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/valid-rss-rogers.png
Requested by: Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 50.31.188.103 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: priva90.privatednsorg.com
Software: /
Resource Hash: 5891e55220292a57e0a1f14ccd705dde5d8a89247895e56c4f6b13b55d3fe7a2

Request headers

:path: /el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/valid-rss-rogers.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: manuelabreuo.com
referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:20 GMT
content-encoding: gzip
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://manuelabreuo.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H3-Q050 200 en-us.png
manuelabreuo.com/wp-content/plugins/gtranslate/flags/24/ 656 B
710 B 130ms
125ms Image
image/png 50.31.188.103
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manuelabreuo.com/wp-content/plugins/gtranslate/flags/24/en-us.png
Requested by: Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 50.31.188.103 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: priva90.privatednsorg.com
Software: /
Resource Hash: bc6dd978e70894c8a0148e6806f4fde9566ee59349adb03c02a61a3b2e25b6f1

Request headers

:path: /wp-content/plugins/gtranslate/flags/24/en-us.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: manuelabreuo.com
referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:19 GMT
cache-control: public, max-age=604800
last-modified: Sat, 11 Sep 2021 17:15:39 GMT
accept-ranges: bytes
content-type: image/png
content-length: 656
expires: Mon, 11 Oct 2021 05:07:19 GMT

GET
H3-Q050 200 fr.png
manuelabreuo.com/wp-content/plugins/gtranslate/flags/24/ 637 B
682 B 130ms
125ms Image
image/png 50.31.188.103
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manuelabreuo.com/wp-content/plugins/gtranslate/flags/24/fr.png
Requested by: Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 50.31.188.103 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: priva90.privatednsorg.com
Software: /
Resource Hash: 594f333e3a8fe65a0466e4f9c140dab97e6b6a073579edf130a87b86614d7ec8

Request headers

:path: /wp-content/plugins/gtranslate/flags/24/fr.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: manuelabreuo.com
referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:19 GMT
cache-control: public, max-age=604800
last-modified: Sat, 11 Sep 2021 17:15:39 GMT
accept-ranges: bytes
content-type: image/png
content-length: 637
expires: Mon, 11 Oct 2021 05:07:19 GMT

GET
H3-Q050 200 it.png
manuelabreuo.com/wp-content/plugins/gtranslate/flags/24/ 642 B
664 B 130ms
125ms Image
image/png 50.31.188.103
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manuelabreuo.com/wp-content/plugins/gtranslate/flags/24/it.png
Requested by: Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 50.31.188.103 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: priva90.privatednsorg.com
Software: /
Resource Hash: 510116996dc4979a225c07962d84bb76e2b6340234c2c5e4280596ad08a632cb

Request headers

:path: /wp-content/plugins/gtranslate/flags/24/it.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: manuelabreuo.com
referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:19 GMT
cache-control: public, max-age=604800
last-modified: Sat, 11 Sep 2021 17:15:39 GMT
accept-ranges: bytes
content-type: image/png
content-length: 642
expires: Mon, 11 Oct 2021 05:07:19 GMT

GET
H3-Q050 200 es.png
manuelabreuo.com/wp-content/plugins/gtranslate/flags/24/ 873 B
895 B 130ms
126ms Image
image/png 50.31.188.103
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manuelabreuo.com/wp-content/plugins/gtranslate/flags/24/es.png
Requested by: Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 50.31.188.103 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: priva90.privatednsorg.com
Software: /
Resource Hash: 5ae9561f31199bf8a892f797a69db1bc5d477e2f8318f2b7e95487f025f66f28

Request headers

:path: /wp-content/plugins/gtranslate/flags/24/es.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: manuelabreuo.com
referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:19 GMT
cache-control: public, max-age=604800
last-modified: Sat, 11 Sep 2021 17:15:39 GMT
accept-ranges: bytes
content-type: image/png
content-length: 873
expires: Mon, 11 Oct 2021 05:07:19 GMT

GET
H3-Q050 200 wp-emoji-release.min.js Show response
manuelabreuo.com/wp-includes/js/ 18 KB
4 KB 130ms
126ms Script
application/javascript 50.31.188.103
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://manuelabreuo.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
Requested by: Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 50.31.188.103 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: priva90.privatednsorg.com
Software: /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: manuelabreuo.com
referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:19 GMT
content-encoding: br
last-modified: Fri, 23 Jul 2021 16:05:26 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4539
expires: Mon, 11 Oct 2021 05:07:19 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 10 KB
4 KB 63ms
16ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

ee35c5444e8eafd19fb33246e122168e3db42a46d4e3b8c88548eaaf30d17dc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Oct 2021 05:07:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: HTTP server (unknown)
content-language: de
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3878
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 regenerator-runtime.min.js Show response
c0.wp.com/c/5.8.1/wp-includes/js/dist/vendor/ 6 KB
2 KB 7ms
6ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.1/wp-includes/js/dist/vendor/regenerator-runtime.min.js

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Mon, 04 Oct 2021 05:07:20 GMT
content-encoding: br
last-modified: Wed, 23 Jun 2021 00:06:13 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Tue, 04 Oct 2022 05:07:20 GMT

GET
H2 200 wp-polyfill.min.js Show response
c0.wp.com/c/5.8.1/wp-includes/js/dist/vendor/ 16 KB
6 KB 16ms
4ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.1/wp-includes/js/dist/vendor/wp-polyfill.min.js

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Mon, 04 Oct 2021 05:07:20 GMT
content-encoding: br
last-modified: Mon, 14 Jun 2021 23:18:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Tue, 04 Oct 2022 05:07:20 GMT

GET
H3-Q050 200 index.js Show response
manuelabreuo.com/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 116ms
107ms Script
application/javascript 50.31.188.103
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://manuelabreuo.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2
Requested by: Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 50.31.188.103 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: priva90.privatednsorg.com
Software: /
Resource Hash: eea0b9621509f98be77c5af1e9b5c952a675bda2b27c419876364017069e0c19

Request headers

:path: /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: manuelabreuo.com
referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:19 GMT
content-encoding: br
last-modified: Sun, 18 Jul 2021 21:53:18 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3837
expires: Mon, 11 Oct 2021 05:07:19 GMT

GET
H3-Q050 200 comment_count.js Show response
manuelabreuo.com/wp-content/plugins/disqus-comment-system/public/js/ 889 B
400 B 125ms
116ms Script
application/javascript 50.31.188.103
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://manuelabreuo.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22
Requested by: Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 50.31.188.103 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: priva90.privatednsorg.com
Software: /
Resource Hash: cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e

Request headers

:path: /wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: manuelabreuo.com
referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:19 GMT
content-encoding: br
last-modified: Thu, 27 May 2021 01:02:25 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 354
expires: Mon, 11 Oct 2021 05:07:19 GMT

GET
H3-Q050 200 comment_embed.js Show response
manuelabreuo.com/wp-content/plugins/disqus-comment-system/public/js/ 1 KB
465 B 126ms
116ms Script
application/javascript 50.31.188.103
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://manuelabreuo.com/wp-content/plugins/disqus-comment-system/public/js/comment_embed.js?ver=3.0.22
Requested by: Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 50.31.188.103 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: priva90.privatednsorg.com
Software: /
Resource Hash: 556172885a172763c715eace05597d5575ee4d4f2df6b61d723f4666b0a730a9

Request headers

:path: /wp-content/plugins/disqus-comment-system/public/js/comment_embed.js?ver=3.0.22
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: manuelabreuo.com
referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:19 GMT
content-encoding: br
last-modified: Thu, 27 May 2021 01:02:25 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 442
expires: Mon, 11 Oct 2021 05:07:19 GMT

GET
H3-Q050 200 molongui-authorship.5a1d.min.js Show response
manuelabreuo.com/wp-content/plugins/molongui-authorship/public/js/ 2 KB
950 B 126ms
116ms Script
application/javascript 50.31.188.103
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://manuelabreuo.com/wp-content/plugins/molongui-authorship/public/js/molongui-authorship.5a1d.min.js?ver=4.3.10
Requested by: Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 50.31.188.103 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: priva90.privatednsorg.com
Software: /
Resource Hash: 198a9c0dd0138d27a38cf28df0042d77f4adf16b6de4bb4a95e9f4303a026aa6

Request headers

:path: /wp-content/plugins/molongui-authorship/public/js/molongui-authorship.5a1d.min.js?ver=4.3.10
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: manuelabreuo.com
referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:19 GMT
content-encoding: br
last-modified: Sun, 19 Sep 2021 01:06:29 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 904
expires: Mon, 11 Oct 2021 05:07:19 GMT

GET
H3-Q050 200 fictive.js Show response
manuelabreuo.com/wp-content/themes/fictive/js/ 2 KB
638 B 126ms
116ms Script
application/javascript 50.31.188.103
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://manuelabreuo.com/wp-content/themes/fictive/js/fictive.js?ver=20140403
Requested by: Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 50.31.188.103 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: priva90.privatednsorg.com
Software: /
Resource Hash: 87c852ee17bc218f2e77b07f9bb20898e5af39c467e2175c8e0fa70dbb987a35

Request headers

:path: /wp-content/themes/fictive/js/fictive.js?ver=20140403
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: manuelabreuo.com
referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:19 GMT
content-encoding: br
last-modified: Mon, 03 Oct 2016 23:00:43 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 590
expires: Mon, 11 Oct 2021 05:07:19 GMT

GET
H3-Q050 200 skip-link-focus-fix.js Show response
manuelabreuo.com/wp-content/themes/fictive/js/ 733 B
350 B 126ms
117ms Script
application/javascript 50.31.188.103
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://manuelabreuo.com/wp-content/themes/fictive/js/skip-link-focus-fix.js?ver=20130115
Requested by: Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 50.31.188.103 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: priva90.privatednsorg.com
Software: /
Resource Hash: 53aa25d22b04cbad3939922330b5e5b97a8458c3079118c22f728cb4361f66d6

Request headers

:path: /wp-content/themes/fictive/js/skip-link-focus-fix.js?ver=20130115
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: manuelabreuo.com
referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:19 GMT
content-encoding: br
last-modified: Mon, 03 Oct 2016 23:00:43 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 303
expires: Mon, 11 Oct 2021 05:07:19 GMT

GET
H2 200 comment-reply.min.js Show response
c0.wp.com/c/5.8.1/wp-includes/js/ 3 KB
1 KB 17ms
6ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.1/wp-includes/js/comment-reply.min.js

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Mon, 04 Oct 2021 05:07:20 GMT
content-encoding: br
last-modified: Thu, 18 Mar 2021 17:48:23 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Tue, 04 Oct 2022 05:07:20 GMT

GET
H2 200 wp-embed.min.js Show response
c0.wp.com/c/5.8.1/wp-includes/js/ 1 KB
719 B 13ms
6ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.1/wp-includes/js/wp-embed.min.js

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Mon, 04 Oct 2021 05:07:20 GMT
content-encoding: br
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Tue, 04 Oct 2022 05:07:20 GMT

GET
H2 200 sharing.min.js Show response
c0.wp.com/p/jetpack/10.1/_inc/build/sharedaddy/ 12 KB
4 KB 13ms
6ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/10.1/_inc/build/sharedaddy/sharing.min.js

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

80ee2d8ce5d2a3f78fc3b8eaa67bc266645c58b96d8a804556f1e6cb8737d0cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Mon, 04 Oct 2021 05:07:20 GMT
content-encoding: br
last-modified: Tue, 26 Jan 2021 16:25:48 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Tue, 04 Oct 2022 05:07:20 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/ 257 KB
95 KB 42ms
38ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8933729292458681&plah=manuelabreuo.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ece2f1e49029966317aca28a7ef0c89f3149eb3a5aad1b279d84f14002511cff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97133
x-xss-protection: 0
server: cafe
etag: 9661851892806363187
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 04 Oct 2021 05:07:20 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210928/r20190131/ Frame DF83 10 KB
5 KB 51ms
14ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210928/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8806d9eaf9e8ca89fa2404e8cb66a9fa115e0a0f687ad0dcd91cabce4c2179c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210928/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://manuelabreuo.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 03 Oct 2021 23:27:01 GMT
expires: Sun, 17 Oct 2021 23:27:01 GMT
content-type: text/html; charset=UTF-8
etag: 297313706323796346
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4617
x-xss-protection: 0
age: 20419
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 72 KB
26 KB 89ms
44ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb8dcc1c739f349114292341d10b77c2a80ab92aabe5dc8863cadeb147021156

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:20 GMT
via: e3s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 117148
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 02 Oct 2021 20:34:44 GMT
server: cloudflare
etag: W/"11ff0-5cd649c35a036"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=172800
cf-ray: 698be2d65e8e375e-MXP
cf-bgj: minify

GET
H2 200 core.js Show response
content.mql5.com/ 31 KB
11 KB 92ms
28ms Script
text/javascript 78.140.180.86
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://content.mql5.com/core.js

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

78.140.180.86 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

Resource Hash

4acc4776834a9ff2857f6e2cb2f596f7fc80db4bf5c5adeb54be7d6ee77cce42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
last-modified: Tue, 28 Sep 2021 09:38:48 GMT
date: Mon, 04 Oct 2021 05:07:20 GMT
content-type: text/javascript; charset=UTF-8
access-control-expose-headers: X-Fz-Uniq
cache-control: max-age=259200,proxy-revalidate,public,immutable
x-fz-uniq: 587101113085722120
content-length: 10708
expires: Thu, 07 Oct 2021 05:07:20 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 78 KB
31 KB 92ms
52ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WHWLBGR

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3a88b8f933bbace621183c330b2bbf86fd24f8ce10649f568e1edeeaeb531865

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31740
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 Oct 2021 05:07:20 GMT

GET
H3-Q050 200 sm-banner.jpg
manuelabreuo.com/wp-content/uploads./2019/02/ 174 KB
174 KB 129ms
126ms Image
image/jpeg 50.31.188.103
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manuelabreuo.com/wp-content/uploads./2019/02/sm-banner.jpg
Requested by: Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 50.31.188.103 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: priva90.privatednsorg.com
Software: /
Resource Hash: 29755d0064a5aff632ac901dd1dc4189ba2b2313dc48e91b028ce4c490e432c1

Request headers

:path: /wp-content/uploads./2019/02/sm-banner.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: manuelabreuo.com
referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:19 GMT
cache-control: public, max-age=604800
last-modified: Wed, 27 Feb 2019 01:13:39 GMT
accept-ranges: bytes
content-type: image/jpeg
content-length: 177998
expires: Mon, 11 Oct 2021 05:07:19 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/ 44 KB
44 KB 38ms
9ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400italic%2C700italic%2C400%2C300%2C700&ver=5.8.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://manuelabreuo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 17:04:31 GMT
x-content-type-options: nosniff
age: 302569
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44760
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 16:50:17 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 30 Sep 2022 17:04:31 GMT

GET
H2 200 rax8HiqOu8IVPmn7f4xp.woff2
fonts.gstatic.com/s/bitter/v19/ 30 KB
30 KB 41ms
17ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bitter/v19/rax8HiqOu8IVPmn7f4xp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bitter%3A400%2C700%2C400italic&subset=latin%2Clatin-ext&ver=5.8.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebb47fd79ee856806fec5c85f947b3a908cbe3cfef92099fa4c9b481f092f6f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://manuelabreuo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 03 Oct 2021 17:48:34 GMT
x-content-type-options: nosniff
age: 40726
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30792
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 23:04:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Oct 2022 17:48:34 GMT

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
4 KB 79ms
16ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 04:30:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2234
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="rosetta"
expires: Mon, 04 Oct 2021 05:30:06 GMT

GET
H2 200 main_de.js Show response
translate.googleapis.com/translate_static/js/element/ 7 KB
2 KB 77ms
17ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/js/element/main_de.js

Requested by

Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9c5385fe2a7178bca062410e40f687d8656be20d0db09643c1df7eef914a4a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 04:30:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2210
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2431
x-xss-protection: 0
last-modified: Mon, 24 May 2021 18:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="rosetta"
expires: Mon, 04 Oct 2021 05:30:30 GMT

GET
H2 200 be.js Show response
tracker.metricool.com/app/resources/ 379 B
942 B 315ms
26ms Script
application/javascript 2606:4700:20::681a:290
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracker.metricool.com/app/resources/be.js

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:290 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4e62a8daa779d16b2c25d343db85f6501e334632b0eeafd7d9f5bc5b8f96367

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 72520
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: no-cache
last-modified: Thu, 30 Sep 2021 06:58:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2FdMGW241N5rE5TomTfeTUIvbgCRw0ZL9RrHOnemc9wnuruskX%2FGfppf42wRiM4jr5iOsHLgxQtVsMMKTdkGyFMd2QDSCLtiIfHQQdoNHAono07Cvrkw9mtUG%2Fqs%2FXDanxg3umWdknNpWX7LZ8EvXAySAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800
cf-ray: 698be2d838da0f6a-MXP
expires: Tue, 05 Oct 2021 08:58:41 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/es_LA/ 261 KB
74 KB 238ms
237ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/es_LA/sdk.js?hash=2edeae2d60a4144ecec886a5e3d85f50

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/es_LA/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bf649fa081d79623feaf91f65faf07054dc647acae9c56ca26f46a7c9537f749

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://manuelabreuo.com/
Origin: https://manuelabreuo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: T969elT66Tm6lJUsBVSUPw==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 75592
x-fb-rlafr: 0
x-fb-debug: syOz5X6/3bJervU8hM1Hx8vaBdbnv5x7f7KGC7xpqTaClR30bpHeDTR17LREPfGkXvfm3GPPDQzZBCVy2TEX3w==
x-fb-trip-id: 686109401
x-fb-content-md5: 4c182da7bb1fb4b6eaa59c444067c6dc
x-frame-options: DENY
date: Mon, 04 Oct 2021 05:07:20 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "2e84f4c3ae8379cad3b60782e28622a9"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 04 Oct 2022 04:55:46 GMT

GET
H3-Q050 200 social-icons.png
manuelabreuo.com/wp-content/plugins/hs-social-media-buttons/images/ 11 KB
11 KB 123ms
123ms Image
image/png 50.31.188.103
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manuelabreuo.com/wp-content/plugins/hs-social-media-buttons/images/social-icons.png
Requested by: Host: manuelabreuo.com
URL: https://manuelabreuo.com/wp-content/plugins/hs-social-media-buttons/inc/css/general.css?ver=5.8.1
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 50.31.188.103 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: priva90.privatednsorg.com
Software: /
Resource Hash: f04f3c80cadae1951a8ba125a81ed0c6a75a258f8473738a4952ea0f59d13c97

Request headers

:path: /wp-content/plugins/hs-social-media-buttons/images/social-icons.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: manuelabreuo.com
referer: https://manuelabreuo.com/wp-content/plugins/hs-social-media-buttons/inc/css/general.css?ver=5.8.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/wp-content/plugins/hs-social-media-buttons/inc/css/general.css?ver=5.8.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:19 GMT
cache-control: public, max-age=604800
last-modified: Wed, 28 Apr 2021 04:04:16 GMT
accept-ranges: bytes
content-type: image/png
content-length: 10905
expires: Mon, 11 Oct 2021 05:07:19 GMT

GET
DATA 200
OK truncated
/ 7 KB
7 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cdf3f88beb166e98d2656e957b247c886d1702027559a290e74a02d58d950c8c

Request headers

Referer
Origin: https://manuelabreuo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v26/ 47 KB
47 KB 12ms
8ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v26/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400italic%2C700italic%2C400%2C300%2C700&ver=5.8.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8dee5bb67e8a759f73dfbaeadba9220ad478a8187f58a59a50f906b0e51f65b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://manuelabreuo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 20:32:05 GMT
x-content-type-options: nosniff
age: 376515
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47804
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 16:51:13 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 29 Sep 2022 20:32:05 GMT

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6

Request headers

Referer
Origin: https://manuelabreuo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H3-Q050 200 Surf-School-1-300x300.png
manuelabreuo.com/wp-content/uploads./2021/03/ 48 KB
48 KB 108ms
107ms Image
image/png 50.31.188.103
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manuelabreuo.com/wp-content/uploads./2021/03/Surf-School-1-300x300.png
Requested by: Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 50.31.188.103 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: priva90.privatednsorg.com
Software: /
Resource Hash: 0c4076beed3aba8b2b71e0bf30e38e281ce87a8b231d508f0f65bf9cc4d75822

Request headers

:path: /wp-content/uploads./2021/03/Surf-School-1-300x300.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: manuelabreuo.com
referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:20 GMT
cache-control: public, max-age=604800
last-modified: Sat, 13 Mar 2021 01:22:52 GMT
accept-ranges: bytes
content-type: image/png
content-length: 49417
expires: Mon, 11 Oct 2021 05:07:20 GMT

GET
H3-Q050 200 Manuel-Abreu-Ortiz_avatar-96x96.jpg
manuelabreuo.com/wp-content/uploads./2021/04/ 2 KB
2 KB 115ms
115ms Image
image/jpeg 50.31.188.103
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manuelabreuo.com/wp-content/uploads./2021/04/Manuel-Abreu-Ortiz_avatar-96x96.jpg
Requested by: Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 50.31.188.103 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: priva90.privatednsorg.com
Software: /
Resource Hash: 05b3173f8cead174c80af5972e34b555a6ea2883e309bf3d3acf55a182a25cc3

Request headers

:path: /wp-content/uploads./2021/04/Manuel-Abreu-Ortiz_avatar-96x96.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: manuelabreuo.com
referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:20 GMT
cache-control: public, max-age=604800
last-modified: Sun, 11 Jul 2021 20:48:05 GMT
accept-ranges: bytes
content-type: image/jpeg
content-length: 2379
expires: Mon, 11 Oct 2021 05:07:20 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 206 B
662 B 69ms
16ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=manuelabreuo.com&callback=_gfp_s_&client=ca-pub-8933729292458681

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8933729292458681&plah=manuelabreuo.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

679b6fc7e77901ee3f5ef60d00c62a52c787a2435ec17f080b9648ec8b49faa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 58ms
22ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=manuelabreuo.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Oct 2021 05:07:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 61ms
23ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=manuelabreuo.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Oct 2021 05:07:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 00A2 603 B
248 B 33ms
32ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8933729292458681&output=html&adk=1812271804&adf=3025194257&lmt=1633324040&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Fmanuelabreuo.com%2Fel-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633324040633&bpp=19&bdt=371&idt=213&shv=r20210928&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5612760726816&frm=20&pv=2&ga_vid=904790560.1633324041&ga_sid=1633324041&ga_hid=2129612324&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062580%2C31062938%2C31062945&oid=2&pvsid=1662101260115117&pem=103&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=240

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8933729292458681&output=html&adk=1812271804&adf=3025194257&lmt=1633324040&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Fmanuelabreuo.com%2Fel-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633324040633&bpp=19&bdt=371&idt=213&shv=r20210928&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5612760726816&frm=20&pv=2&ga_vid=904790560.1633324041&ga_sid=1633324041&ga_hid=2129612324&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062580%2C31062938%2C31062945&oid=2&pvsid=1662101260115117&pem=103&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=240
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://manuelabreuo.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 04 Oct 2021 05:07:20 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 04-Oct-2021 05:22:20 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 04 Oct 2021 05:07:20 GMT
cache-control: private

GET
H/1.1 200
OK count.js Show response
manuel-abreuo-1.disqus.com/ 1 KB
2 KB 46ms
6ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://manuel-abreuo-1.disqus.com/count.js

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 04 Oct 2021 05:07:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 204
X-Edge-Origin-Shield-Skipped: 0
Connection: keep-alive
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 29 Sep 2021 16:35:15 GMT
Server: nginx
ETag: "615495c3-367"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
X-Amz-Cf-Pop: DFW53-C1
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id: 9WSwIXjMreQBPXiE8p250YxLevpBfuowpzloNjJtcLj7niPwFiv4mw==

GET
H/1.1 200
OK embed.js Show response
manuel-abreuo-1.disqus.com/ 74 KB
25 KB 215ms
176ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://manuel-abreuo-1.disqus.com/embed.js

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/wp-content/plugins/disqus-comment-system/public/js/comment_embed.js?ver=3.0.22

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

3ceb727c5f967ea12ca4e16caad6bab91d9756a9a4b08dba5672e2ee525a695e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 04 Oct 2021 05:07:21 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 24680

GET
H/1.1 200
OK widget_iframe.58065ae230495f5d9e4b6a916472b2c1.html Show response
platform.twitter.com/widgets/ Frame DCE3 319 KB
103 KB 7ms
7ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.58065ae230495f5d9e4b6a916472b2c1.html?origin=https%3A%2F%2Fmanuelabreuo.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BE) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://manuelabreuo.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 294929
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 04 Oct 2021 05:07:20 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Thu, 30 Sep 2021 18:56:47 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67BE)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2 200 / Show response
graph.facebook.com/ 244 B
678 B 103ms
79ms Script
text/javascript 2a03:2880:f01c:20e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?callback=WPCOMSharing.update_facebook_count&ids=https%3A%2F%2Fmanuelabreuo.com%2Fel-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo%2F

Requested by

Host: c0.wp.com
URL: https://c0.wp.com/p/jetpack/10.1/_inc/build/sharedaddy/sharing.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:20e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8a75a70065779ed5a70268e60cebc3cb3a4224f632ddd193bd451c52d3168cba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
www-authenticate: OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev: 1004497192
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 183
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: 0qhBzYPVQBsHexvkTamytK+EhX0VSV3tw7Jy8NjIHnGY0ZL33+qdqLbceOvXvxsQIkmdyMc3yuWauKL/hleMhw==
x-fb-trace-id: FLPR50sRBe/
date: Mon, 04 Oct 2021 05:07:20 GMT
vary: Origin, Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: AUFUqUKl5KlYthAjgEP5vYV
cache-control: no-store
facebook-api-version: v4.0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sm.23.html Show response
static.addtoany.com/menu/ Frame 0D0D 741 B
554 B 26ms
25ms Document
text/html 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.23.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: static.addtoany.com
:scheme: https
:path: /menu/sm.23.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://manuelabreuo.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/

Response headers

date: Mon, 04 Oct 2021 05:07:20 GMT
content-type: text/html; charset=utf-8
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
last-modified: Wed, 22 Sep 2021 23:42:51 GMT
etag: W/"2e5-5cc9e128a4c38"
cache-control: max-age=315360000, immutable
vary: Accept-Encoding
via: e2s
cf-cache-status: HIT
age: 961092
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 698be2d7cffd375e-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 tr
content.mql5.com/ 70 B
139 B 21ms
21ms Image
image/png 78.140.180.86
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.mql5.com/tr?event=Visit&ref=https%3A%2F%2Fmanuelabreuo.com%2Fel-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo%2F&id=rlubrwzxtroubsaxdqrydomjmzmvxnfpjq&ssn=1633324040269298454&ssn_dr=0&ssn_sr=10&ssn_start=1&fv_date=1633324040&title=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo%20-%20Manuel%20Abreu%20Ortiz&scr_res=1600x1200&ac=163332404093771480&sv=2158&fz_uniq=6364008142555446792&an=%7B%22vn%22%3A%22Google%20Inc.%22%2C%22cd%22%3A24%2C%22dm%22%3A8192%2C%22ln%22%3A%22en-US%22%2C%22rn%22%3A%5B1600%2C1200%5D%2C%22ar%22%3A%5B1600%2C1200%5D%2C%22ss%22%3A1%2C%22lb%22%3A1%2C%22cb%22%3A1%2C%22ls%22%3A1%2C%22db%22%3A1%2C%22ax%22%3A0%2C%22pm%22%3A%22Linux%20x86_64%22%2C%22rp%22%3A%5B%22Chrome%20PDF%20Plugin%22%2C%22Chrome%20PDF%20Viewer%22%2C%22Native%20Client%22%5D%2C%22wv%22%3A%22Intel%20Inc.~Intel%20Iris%20OpenGL%20Engine%22%2C%22to%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F93.0.4577.63%20Safari%2F537.36%22%2C%22hc%22%3A4%2C%22ab%22%3A0%2C%22ts%22%3A0%2C%22ps%22%3A%2220030107%22%2C%22od%22%3A0%2C%22dr%22%3A0%2C%22bb%22%3A0%2C%22bo%22%3A1%2C%22bl%22%3A0%2C%22bs%22%3A0%2C%22dt%22%3A28%7D

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

78.140.180.86 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

Resource Hash

e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Oct 2021 05:07:20 GMT
cache-control: no-cache
content-type: image/png
content-length: 70
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: -1

POST
H3-Q050 200 admin-ajax.php Show response
manuelabreuo.com/wp-admin/ 43 B
301 B 787ms
786ms XHR
application/json 50.31.188.103
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL

https://manuelabreuo.com/wp-admin/admin-ajax.php?lang=null

Requested by

Host: c0.wp.com
URL: https://c0.wp.com/c/5.8.1/wp-includes/js/jquery/jquery.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

50.31.188.103 , United States, ASN23352 (SERVERCENTRAL, US),

Reverse DNS

priva90.privatednsorg.com

Software

Resource Hash

a64e1f9e83146017753f03a69c52c2b125469fa2e17c390c52794b8dc948ec17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
origin: https://manuelabreuo.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: _fz_uniq=6364008142555446792; _fz_fvdt=1633324040; _fz_ssn=1633324040269298454
content-length: 56
:path: /wp-admin/admin-ajax.php?lang=null
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8
accept: */*
cache-control: no-cache
:authority: manuelabreuo.com
referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: */*
Referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 04 Oct 2021 05:07:20 GMT
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://manuelabreuo.com
x-xss-protection: 0
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 43
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 element_main.js Show response
translate.googleapis.com/element/TE_20210503_00/e/js/element/ 252 KB
90 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/element/TE_20210503_00/e/js/element/element_main.js

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/js/element/main_de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09363cc7c668ce12683214a9877ae9c068a82dfb8f64111355933c24e7193a98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:30:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 131835
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91906
x-xss-protection: 0
last-modified: Mon, 03 May 2021 09:56:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="rosetta"
expires: Sun, 02 Oct 2022 16:30:05 GMT

POST
H3-Q050 200 admin-ajax.php Show response
manuelabreuo.com/wp-admin/ 43 B
248 B 805ms
804ms XHR
application/json 50.31.188.103
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL

https://manuelabreuo.com/wp-admin/admin-ajax.php?lang=null

Requested by

Host: c0.wp.com
URL: https://c0.wp.com/c/5.8.1/wp-includes/js/jquery/jquery.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

50.31.188.103 , United States, ASN23352 (SERVERCENTRAL, US),

Reverse DNS

priva90.privatednsorg.com

Software

Resource Hash

c6086194c597846d8e03275fbeee31b57aab91d65edb162c4d9e1b379016377d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
origin: https://manuelabreuo.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: _fz_uniq=6364008142555446792; _fz_fvdt=1633324040; _fz_ssn=1633324040269298454
content-length: 56
:path: /wp-admin/admin-ajax.php?lang=null
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8
accept: */*
cache-control: no-cache
:authority: manuelabreuo.com
referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: */*
Referer: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 04 Oct 2021 05:07:20 GMT
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://manuelabreuo.com
x-xss-protection: 0
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 43
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 icons.29.svg.js Show response
static.addtoany.com/menu/svg/ 78 KB
33 KB 24ms
24ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons.29.svg.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:21 GMT
via: e3s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4012012
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 31 Dec 2018 23:29:11 GMT
server: cloudflare
etag: W/"13937-57e59c7b88bd6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=315360000, immutable
cf-ray: 698be2d858a8375e-MXP
cf-bgj: minify

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 50ms
13ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-98281748-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 1224
date: Mon, 04 Oct 2021 04:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Mon, 04 Oct 2021 06:46:57 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
425 B 24ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=767036366783636&ev=fb_page_view&dl=https%3A%2F%2Fmanuelabreuo.com%2Fel-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo%2F&rl=&if=false&ts=1633324041077&sw=1600&sh=1200&at=

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 04 Oct 2021 05:07:21 GMT

GET
H2 200 c3po.jpg
tracker.metricool.com/ 70 B
451 B 364ms
63ms Image
image/png 2606:4700:20::681a:290
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tracker.metricool.com/c3po.jpg?hash=6b4472909bead7ca19b4f29a31bf065a&u=https%3A%2F%2Fmanuelabreuo.com%2Fel-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo%2F&bw=1600&bh=1200

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:290 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3ca3118d9eceb4028fb8b62693e34913badaedfc8d62eed83ed744697bf12f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Oct 2021 05:07:21 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z9rwCtgt34XPfCUt2S1a9x%2B9VDD60U786iY8c%2F4wlNoJJDj8%2FcLvWVN498bvTL9xNQJSHhSvQNEGXI%2Fg0He%2BWIBdYuk%2FOoVQaOznOYqPrreWgt8fTxnz6XWa4g4WsMSKaJAotFv3E8n8VYKB%2FSKVHly8KQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 698be2daaac40f6a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
DATA 200
OK truncated Show response
/ Frame D8D6 2 KB
2 KB Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c038fa1aaa4d38dc4dd6a92d02502c02175a0826ca6e706bd16fd65d9a389b1

Request headers

Upgrade-Insecure-Requests: 1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/html;charset=UTF-8

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 825 B
915 B 35ms
7ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 04:59:59 GMT
x-content-type-options: nosniff
age: 442
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 825
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 04 Oct 2022 04:59:59 GMT

GET
H2 200 googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 910 B
1 KB 34ms
7ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 15:04:13 GMT
x-content-type-options: nosniff
age: 136988
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 910
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 02 Oct 2022 15:04:13 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 26ms
8ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://translate.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 04:05:39 GMT
x-content-type-options: nosniff
age: 3702
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1847
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 04 Oct 2022 04:05:39 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame DCE3 232 B
431 B 135ms
112ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=8c62e4cac005892952d67a0335069910fc7d6c04

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.58065ae230495f5d9e4b6a916472b2c1.html?origin=https%3A%2F%2Fmanuelabreuo.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:21 GMT
content-encoding: gzip
last-modified: Mon, 04 Oct 2021 05:07:21 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 8d318120625af21d1678a9555922f68e0a3cef5592905b146bc3332915b49672
content-length: 166

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
207 B 21ms
20ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&aip=1&a=2129612324&t=pageview&_s=1&dl=https%3A%2F%2Fmanuelabreuo.com%2Fel-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo%2F&ul=en-us&de=UTF-8&dt=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo%20-%20Manuel%20Abreu%20Ortiz&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YChACUABBAAAAC~&jid=872479789&gjid=168357654&cid=904790560.1633324041&tid=UA-98281748-1&_gid=1060644572.1633324041&_r=1&gtm=2ou9r0&did=dZTNiMT&z=2137232130

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://manuelabreuo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Oct 2021 05:07:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://manuelabreuo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lounge.f586f6de31a54517b5af7f019af2ba8d.css
c.disquscdn.com/next/embed/styles/ 0
26 KB 50ms
11ms Other
text/css 2600:9000:223e:200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.f586f6de31a54517b5af7f019af2ba8d.css

Requested by

Host: manuel-abreuo-1.disqus.com
URL: https://manuel-abreuo-1.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 19:47:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 983974
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
content-length: 25977
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 22 Sep 2021 19:30:27 GMT
server: nginx
etag: "614b8453-6579"
content-type: text/css; charset=utf-8
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75cb.cloudfront.net (CloudFront)
expires: Thu, 22 Sep 2022 19:47:46 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-P4
timing-allow-origin: *
x-amz-cf-id: KVIGJiTKmXrMV7j6pnHwCiXCso771ZcxbmOHBVQcZAr5vFD2__xOlw==
x-cache-hits: 0

GET
H2 200 common.bundle.a0ed109e21af94c55c513d7580d5773c.js
c.disquscdn.com/next/embed/ 0
93 KB 53ms
15ms Other
application/javascript 2600:9000:223e:200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.a0ed109e21af94c55c513d7580d5773c.js

Requested by

Host: manuel-abreuo-1.disqus.com
URL: https://manuel-abreuo-1.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 19:47:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 983974
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
content-length: 94787
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 22 Sep 2021 19:30:27 GMT
server: nginx
etag: "614b8453-17243"
content-type: application/javascript; charset=utf-8
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75cb.cloudfront.net (CloudFront)
expires: Thu, 22 Sep 2022 19:47:46 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-P4
timing-allow-origin: *
x-amz-cf-id: 2VK0ztJbb2nhpYpU2M3G63FUVdPZvlI7fhI0wgUOzwIS3e1Sk30bQA==
x-cache-hits: 0

GET
H2 200 lounge.bundle.96662f29a1f56adcd7ebcd257a3eed8e.js
c.disquscdn.com/next/embed/ 0
119 KB 61ms
23ms Other
application/javascript 2600:9000:223e:200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.96662f29a1f56adcd7ebcd257a3eed8e.js

Requested by

Host: manuel-abreuo-1.disqus.com
URL: https://manuel-abreuo-1.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 19:47:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 983973
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
content-length: 120691
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 22 Sep 2021 19:30:27 GMT
server: nginx
etag: "614b8453-1d773"
content-type: application/javascript; charset=utf-8
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75cb.cloudfront.net (CloudFront)
expires: Thu, 22 Sep 2022 19:47:47 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-P4
timing-allow-origin: *
x-amz-cf-id: 0ByZx6NcCSSHzVuwGiXnO5tdRdZH_DV8qUykTHz7ypM7mX30Cak7yg==
x-cache-hits: 0

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
12 KB 32ms
8ms Other
application/javascript 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: manuel-abreuo-1.disqus.com
URL: https://manuel-abreuo-1.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 04 Oct 2021 05:07:21 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 40
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 12240
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK recommendations.js Show response
manuel-abreuo-1.disqus.com/ 62 KB
21 KB 139ms
139ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://manuel-abreuo-1.disqus.com/recommendations.js

Requested by

Host: manuel-abreuo-1.disqus.com
URL: https://manuel-abreuo-1.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

51ca2b4f39594037063f56b9e7854bbb5230f616a54963ec3850ab7ebf292fc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 04 Oct 2021 05:07:21 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding, Accept, Accept-Encoding, X-Forwarded-Proto, X-Disqus-Shortname, X-Disqus-Device, X-Disqus-Experiment, X-Disqus-Is-Private, X-Disqus-Development-Base
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: stale-while-revalidate=60, public, stale-if-error=86400, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 20852

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
463 B 66ms
21ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-98281748-1&cid=904790560.1633324041&jid=872479789&gjid=168357654&_gid=1060644572.1633324041&_u=YChACUAABAAAAC~&z=1529394634

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://manuelabreuo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 04 Oct 2021 05:07:21 GMT
content-type: text/plain
access-control-allow-origin: https://manuelabreuo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
522 B 63ms
28ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-98281748-1&cid=904790560.1633324041&jid=872479789&_u=YChACUAABAAAAC~&z=1957891658

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Oct 2021 05:07:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
522 B 62ms
26ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-98281748-1&cid=904790560.1633324041&jid=872479789&_u=YChACUAABAAAAC~&z=1957891658

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Oct 2021 05:07:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
disqus.com/embed/comments/ Frame F401 7 KB
4 KB 143ms
142ms Document
text/html 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=manuel-abreuo-1&t_i=8494%20https%3A%2F%2Fmanuelabreuo.com%2F%3Fp%3D8494&t_u=https%3A%2F%2Fmanuelabreuo.com%2Fel-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo%2F&t_e=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo&t_d=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo&t_t=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo&s_o=default

Requested by

Host: manuel-abreuo-1.disqus.com
URL: https://manuel-abreuo-1.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

fa8d3d729a7d973ed58878af9474ad16dfc74dd37bbc24431ebbd1a43fe80a8b

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://manuelabreuo.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/

Response headers

Connection: keep-alive
Content-Length: 2862
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified: Mon, 04 Oct 2021 02:13:30 GMT
ETag: W/"lounge:view:8808298848.abed9b24f68f939069ad3a38b9ae7227.2"
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Referrer-Policy: no-referrer-when-downgrade
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Date: Mon, 04 Oct 2021 05:07:21 GMT
Age: 0
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H/1.1 200
OK button.5d16ecc02fbaf599a24dfb57ab239320.js Show response
platform.twitter.com/js/ 7 KB
3 KB 7ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.5d16ecc02fbaf599a24dfb57ab239320.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6763) /
Resource Hash: 3ee8351e156e2e80d99018a585c18c0dbd9098e3bea84a131d8cbad1ec72c81e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 04 Oct 2021 05:07:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Sep 2021 18:56:33 GMT
Server: ECS (frb/6763)
Age: 294959
Etag: "6b95f5a9a2ff4b885e2eafdf446d70d0+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 2296

GET
H/1.1 200
OK moment~timeline.126ccbec3f6038135ffb4feab4485043.js Show response
platform.twitter.com/js/ 25 KB
8 KB 14ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline.126ccbec3f6038135ffb4feab4485043.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6776) /
Resource Hash: 9534892f50bf74875886445aa51107aa750225cac94d45b7948f17ef09db7439

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 04 Oct 2021 05:07:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Sep 2021 18:56:34 GMT
Server: ECS (frb/6776)
Age: 294958
Etag: "ea81bb9835807729700595ed5b38fcb8+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 8015

GET
H/1.1 200
OK timeline.f0018d9150722c67abdd0e6bbab13587.js Show response
platform.twitter.com/js/ 20 KB
7 KB 22ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.f0018d9150722c67abdd0e6bbab13587.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6763) /
Resource Hash: 964794272aa168ce3feac3a84460c1beb01606da0e303689b8aee75fb354117d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 04 Oct 2021 05:07:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Sep 2021 18:56:34 GMT
Server: ECS (frb/6763)
Age: 294955
Etag: "b6a9074027bd2a446a397ba65736afc5+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 6444

GET
H/1.1 200
OK follow_button.58065ae230495f5d9e4b6a916472b2c1.es.html Show response
platform.twitter.com/widgets/ Frame F470 37 KB
14 KB 7ms
7ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/follow_button.58065ae230495f5d9e4b6a916472b2c1.es.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6763) /
Resource Hash: a0e73747cb3e98969c0b69376f490e255a49e03078bd70e1cf4914b6afb4fd0d

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://manuelabreuo.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 294936
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 04 Oct 2021 05:07:21 GMT
Etag: "f988155d22c78680a8848b9a7542f322+gzip"
Last-Modified: Thu, 30 Sep 2021 18:56:35 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6763)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 13851

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 144 KB
13 KB 414ms
266ms Script
application/javascript 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_IngAbreuOrtiz_old&dnt=false&domain=manuelabreuo.com&lang=es&screen_name=IngAbreuOrtiz&suppress_response_codes=true&t=1814804&tz=GMT%2B0000&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f /

Resource Hash

2e41173caa9ca786a3c82c04fb31225fe46b00fa192ef86ee8c81fc84da17b0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename=jsonp.jsonp
access-control-allow-methods: GET
content-length: 13200
x-xss-protection: 0
access-contol-allow-origin: platform.twitter.com
last-modified: Mon, 04 Oct 2021 05:07:21 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=300
x-connection-hash: 1f58146bac0758ced439864c8907c61372c9b59340901eca95ecc6399cfa9aa6
timing-allow-origin: *
x-transaction: 29861d1455b0d3f2
expires: Mon, 04 Oct 2021 05:12:21 GMT

GET
H2 200 recommendations.eff219b98b7c4167b4b289065f36f391.css
c.disquscdn.com/next/recommendations/styles/ 0
4 KB 8ms
7ms Other
text/css 2600:9000:223e:200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/styles/recommendations.eff219b98b7c4167b4b289065f36f391.css

Requested by

Host: manuel-abreuo-1.disqus.com
URL: https://manuel-abreuo-1.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 08:30:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2666190
x-cache: Hit from cloudfront
content-length: 3748
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Thu, 02 Sep 2021 17:40:39 GMT
server: nginx
etag: "61310c97-ea4"
content-type: text/css; charset=utf-8
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75cb.cloudfront.net (CloudFront)
expires: Sat, 03 Sep 2022 08:30:51 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-P4
timing-allow-origin: *
x-amz-cf-id: sIfMTWSJMizrVMV-aA6yVIWfZjesf48n1WRAMZNDnokoozgybi8QgQ==
x-cache-hits: 0

GET
H2 200 common.bundle.3599f83da3e37f2d8675b56e0b4f87a4.js
c.disquscdn.com/next/recommendations/ 0
87 KB 9ms
8ms Other
application/javascript 2600:9000:223e:200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/common.bundle.3599f83da3e37f2d8675b56e0b4f87a4.js

Requested by

Host: manuel-abreuo-1.disqus.com
URL: https://manuel-abreuo-1.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 19:47:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 983980
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
content-length: 88862
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 22 Sep 2021 19:30:27 GMT
server: nginx
etag: "614b8453-15b1e"
content-type: application/javascript; charset=utf-8
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75cb.cloudfront.net (CloudFront)
expires: Thu, 22 Sep 2022 19:47:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-P4
timing-allow-origin: *
x-amz-cf-id: iBs7NcJZe0cfc4pF9wjDHQ29WufBr-W-9W5czSU76g7Xy1D3hPcIVQ==
x-cache-hits: 0

GET
H2 200 recommendations.bundle.4e863665d1a7f5fe148423ae719c9df7.js
c.disquscdn.com/next/recommendations/ 0
20 KB 13ms
13ms Other
application/javascript 2600:9000:223e:200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.bundle.4e863665d1a7f5fe148423ae719c9df7.js

Requested by

Host: manuel-abreuo-1.disqus.com
URL: https://manuel-abreuo-1.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 18:15:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2717486
x-cache: Hit from cloudfront
content-length: 20099
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Thu, 02 Sep 2021 17:40:39 GMT
server: nginx
etag: "61310c97-4e83"
content-type: application/javascript; charset=utf-8
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75cb.cloudfront.net (CloudFront)
expires: Fri, 02 Sep 2022 18:15:55 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-P4
timing-allow-origin: *
x-amz-cf-id: jKQiGOnWFa4EmhI5WtYGD-vNgy1x223-6SKzn3R0n-SbQJW_obJm3w==
x-cache-hits: 0

GET
DATA 200
OK truncated
/ Frame F470 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 lounge.load.33fd930adde1d4970f3f907d75eb8409.js Show response
c.disquscdn.com/next/embed/ Frame F401 1 KB
1 KB 23ms
7ms Script
application/javascript 2600:9000:223e:200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.load.33fd930adde1d4970f3f907d75eb8409.js

Requested by

Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=manuel-abreuo-1&t_i=8494%20https%3A%2F%2Fmanuelabreuo.com%2F%3Fp%3D8494&t_u=https%3A%2F%2Fmanuelabreuo.com%2Fel-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo%2F&t_e=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo&t_d=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo&t_t=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo&s_o=default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c18c7bd2947e12105e9a5fe5c317987bd0fb915bf9c985de41277f2411f5a8be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=manuel-abreuo-1&t_i=8494%20https%3A%2F%2Fmanuelabreuo.com%2F%3Fp%3D8494&t_u=https%3A%2F%2Fmanuelabreuo.com%2Fel-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo%2F&t_e=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo&t_d=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo&t_t=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo&s_o=default
Origin: https://disqus.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 19:47:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 983974
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
content-length: 532
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 22 Sep 2021 19:30:27 GMT
server: nginx
etag: "614b8453-214"
content-type: application/javascript; charset=utf-8
via: 1.1 ab23076896ec73a1a830c9cdc49fcac5.cloudfront.net (CloudFront)
expires: Thu, 22 Sep 2022 19:47:47 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-P4
timing-allow-origin: *
x-amz-cf-id: -wvqyMojMuEnca8M9M9yJsVk4HcI4gQg8r8OPbvb7aVMaKcUPxHTSA==
x-cache-hits: 0

GET
H2 200 common.bundle.a0ed109e21af94c55c513d7580d5773c.js Show response
c.disquscdn.com/next/embed/ Frame F401 282 KB
93 KB 8ms
8ms Script
application/javascript 2600:9000:223e:200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.a0ed109e21af94c55c513d7580d5773c.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.33fd930adde1d4970f3f907d75eb8409.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

30ebe86ee66f181317d9669e0530fc4fcb459005996595c73993c1e7fb0022e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=manuel-abreuo-1&t_i=8494%20https%3A%2F%2Fmanuelabreuo.com%2F%3Fp%3D8494&t_u=https%3A%2F%2Fmanuelabreuo.com%2Fel-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo%2F&t_e=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo&t_d=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo&t_t=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 19:47:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 983974
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
content-length: 94787
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 22 Sep 2021 19:30:27 GMT
server: nginx
etag: "614b8453-17243"
content-type: application/javascript; charset=utf-8
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75cb.cloudfront.net (CloudFront)
expires: Thu, 22 Sep 2022 19:47:46 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-P4
timing-allow-origin: *
x-amz-cf-id: dE0cTIwBj8j_lzd_MCwIvwCoavdqQMho3X6K78lofQZOTeSyw7wPmA==
x-cache-hits: 0

GET
H/1.1 200
OK / Show response
disqus.com/recommendations/ Frame 2AB1 6 KB
3 KB 122ms
122ms Document
text/html 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/recommendations/?base=default&f=manuel-abreuo-1&t_i=8494%20https%3A%2F%2Fmanuelabreuo.com%2F%3Fp%3D8494&t_u=https%3A%2F%2Fmanuelabreuo.com%2Fel-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo%2F&t_e=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo&t_d=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo&t_t=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo

Requested by

Host: manuel-abreuo-1.disqus.com
URL: https://manuel-abreuo-1.disqus.com/recommendations.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

2a824cf96d621b38e00579970aa7ee6ffe547d58291d7ba1d381cbf58bf18fa3

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://manuelabreuo.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/

Response headers

Connection: keep-alive
Content-Length: 2375
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified: Fri, 29 Nov 2019 13:53:25 GMT
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-while-revalidate=30, no-cache, must-revalidate, stale-if-error=3600, public
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Date: Mon, 04 Oct 2021 05:07:21 GMT
Age: 0
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H2 200 lounge.f586f6de31a54517b5af7f019af2ba8d.css
c.disquscdn.com/next/embed/styles/ Frame F401 163 KB
26 KB 8ms
8ms Stylesheet
text/css 2600:9000:223e:200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.f586f6de31a54517b5af7f019af2ba8d.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.a0ed109e21af94c55c513d7580d5773c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4028750e7b37de9ff30e9359b4bcd6b64159656332dd056677121f3cfe022cc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=manuel-abreuo-1&t_i=8494%20https%3A%2F%2Fmanuelabreuo.com%2F%3Fp%3D8494&t_u=https%3A%2F%2Fmanuelabreuo.com%2Fel-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo%2F&t_e=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo&t_d=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo&t_t=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 19:47:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 983974
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
content-length: 25977
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 22 Sep 2021 19:30:27 GMT
server: nginx
etag: "614b8453-6579"
content-type: text/css; charset=utf-8
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75cb.cloudfront.net (CloudFront)
expires: Thu, 22 Sep 2022 19:47:46 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-P4
timing-allow-origin: *
x-amz-cf-id: R5B3rCsY2Ft0OOK2g6hl5xxTxfhNKiCC2tj5fKKgN190IAq8b0Bg0w==
x-cache-hits: 0

GET
H2 200 lounge.bundle.96662f29a1f56adcd7ebcd257a3eed8e.js Show response
c.disquscdn.com/next/embed/ Frame F401 468 KB
119 KB 9ms
9ms Script
application/javascript 2600:9000:223e:200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.96662f29a1f56adcd7ebcd257a3eed8e.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.a0ed109e21af94c55c513d7580d5773c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

478823b79d2f830725e8e69079313a3dde42a265ba96e4cfb3a9dd562cbc6318

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=manuel-abreuo-1&t_i=8494%20https%3A%2F%2Fmanuelabreuo.com%2F%3Fp%3D8494&t_u=https%3A%2F%2Fmanuelabreuo.com%2Fel-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo%2F&t_e=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo&t_d=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo&t_t=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 19:47:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 983973
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
content-length: 120691
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 22 Sep 2021 19:30:27 GMT
server: nginx
etag: "614b8453-1d773"
content-type: application/javascript; charset=utf-8
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75cb.cloudfront.net (CloudFront)
expires: Thu, 22 Sep 2022 19:47:47 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-P4
timing-allow-origin: *
x-amz-cf-id: tvQXiyDJwzTfE02A6bo1n9BDkEzha9NTeylTcMNFYcawliWdyL5hPw==
x-cache-hits: 0

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame F401 12 KB
12 KB 54ms
16ms Script
application/javascript 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.a0ed109e21af94c55c513d7580d5773c.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

a4d56d6bc1db8f92c26100f8ce9a23d9847879d75d05eee76ba26b529c77d1cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=manuel-abreuo-1&t_i=8494%20https%3A%2F%2Fmanuelabreuo.com%2F%3Fp%3D8494&t_u=https%3A%2F%2Fmanuelabreuo.com%2Fel-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo%2F&t_e=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo&t_d=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo&t_t=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 04 Oct 2021 05:07:21 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 40
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 12240
X-XSS-Protection: 1; mode=block

GET
H2 200 es_MX.js Show response
c.disquscdn.com/next/current/embed/lang/ Frame F401 27 KB
9 KB 8ms
8ms Script
application/javascript 2600:9000:223e:200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/current/embed/lang/es_MX.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.a0ed109e21af94c55c513d7580d5773c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

43917ca6d5465edd18102acbf08b54aa921622c6c6ed0c1a569939be644375b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=manuel-abreuo-1&t_i=8494%20https%3A%2F%2Fmanuelabreuo.com%2F%3Fp%3D8494&t_u=https%3A%2F%2Fmanuelabreuo.com%2Fel-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo%2F&t_e=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo&t_d=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo&t_t=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 147
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
content-length: 8957
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
last-modified: Tue, 09 Mar 2021 18:44:51 GMT
server: nginx
etag: "6047c223-22fd"
content-type: application/javascript; charset=utf-8
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75cb.cloudfront.net (CloudFront)
expires: Mon, 04 Oct 2021 05:09:54 GMT
cache-control: max-age=300, public
x-amz-cf-pop: FRA56-P4
timing-allow-origin: *
x-amz-cf-id: 6iHvSVlqGxTZFrtzlJPTxWCvKTJbldJrqvPCMQGDsvdyiOzvGqVdCA==
x-cache-hits: 0

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame F401 3 KB
4 KB 105ms
105ms XHR
application/json 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=manuel-abreuo-1&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.a0ed109e21af94c55c513d7580d5773c.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

b91ad5506ed00a60764606f344fca85b8303d79c0ab518a50b5b2ce14788ad8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/embed/comments/?base=default&f=manuel-abreuo-1&t_i=8494%20https%3A%2F%2Fmanuelabreuo.com%2F%3Fp%3D8494&t_u=https%3A%2F%2Fmanuelabreuo.com%2Fel-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo%2F&t_e=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo&t_d=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo&t_t=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo&s_o=default
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 04 Oct 2021 05:07:21 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 3233
X-XSS-Protection: 1; mode=block

GET
H2 200 recommendations.load.468b97d62a371c49ae174c537bd78912.js Show response
c.disquscdn.com/next/recommendations/ Frame 2AB1 923 B
1 KB 7ms
7ms Script
application/javascript 2600:9000:223e:200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.load.468b97d62a371c49ae174c537bd78912.js

Requested by

Host: disqus.com
URL: https://disqus.com/recommendations/?base=default&f=manuel-abreuo-1&t_i=8494%20https%3A%2F%2Fmanuelabreuo.com%2F%3Fp%3D8494&t_u=https%3A%2F%2Fmanuelabreuo.com%2Fel-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo%2F&t_e=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo&t_d=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo&t_t=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d8fd8f477b9e6eeabdb8a7a82c5d4ad22ef274c40c75edfa74c74cbaad7beec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/
Origin: https://disqus.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 19:47:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 983979
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
content-length: 448
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 22 Sep 2021 19:30:27 GMT
server: nginx
etag: "614b8453-1c0"
content-type: application/javascript; charset=utf-8
via: 1.1 ab23076896ec73a1a830c9cdc49fcac5.cloudfront.net (CloudFront)
expires: Thu, 22 Sep 2022 19:47:42 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-P4
timing-allow-origin: *
x-amz-cf-id: 3VKIqQkKZvC5sEYIT52edWKNqtw5rJGREo8xJSt8C94dvcCSvp2Uag==
x-cache-hits: 0

GET
H2 200 noavatar92.png
a.disquscdn.com/1631826434/images/ Frame F401 2 KB
2 KB 32ms
7ms Image
image/png 199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1631826434/images/noavatar92.png

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=manuel-abreuo-1&t_i=8494%20https%3A%2F%2Fmanuelabreuo.com%2F%3Fp%3D8494&t_u=https%3A%2F%2Fmanuelabreuo.com%2Fel-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo%2F&t_e=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo&t_d=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo&t_t=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:21 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 1437139
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-C2
content-type: image/png
content-length: 1644
x-amz-cf-id: ae8w-uPgwsEVtGRKicDs3hMl_c3U1sdmHCDVijA98QpEHqPpKSRWcQ==
expires: Sun, 17 Oct 2021 13:55:02 GMT

GET
DATA 200
OK truncated
/ Frame F401 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js Show response
c.disquscdn.com/next/embed/ 78 KB
27 KB 7ms
7ms Script
application/javascript 2600:9000:223e:200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js

Requested by

Host: manuel-abreuo-1.disqus.com
URL: https://manuel-abreuo-1.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 05 May 2021 15:25:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13095711
x-cache: Hit from cloudfront
content-length: 26578
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-67d2"
content-type: application/javascript; charset=utf-8
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75cb.cloudfront.net (CloudFront)
expires: Thu, 05 May 2022 15:25:30 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-P4
timing-allow-origin: *
x-amz-cf-id: aYlW_fWm29IZx0nkNqqyYvo5gacBzyUQft8runh0mXEsLB5SEU9z7Q==
x-cache-hits: 0

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame F401 13 KB
13 KB 7ms
7ms Image
image/svg+xml 2600:9000:223e:200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.f586f6de31a54517b5af7f019af2ba8d.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.f586f6de31a54517b5af7f019af2ba8d.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:37:41 GMT
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75cb.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 13703380
x-cache: Hit from cloudfront
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 27 Apr 2021 21:01:56 GMT
server: nginx
etag: "60887bc4-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Thu, 28 Apr 2022 14:37:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: zKYfWMuVjS6TMl6u_gVLCxBGE68mg2ynDwTvXrFIcANCzThIfJM35Q==
x-cache-hits: 0

GET
H2 200 loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame F401 3 KB
3 KB 8ms
7ms Image
image/gif 2600:9000:223e:200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.f586f6de31a54517b5af7f019af2ba8d.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.f586f6de31a54517b5af7f019af2ba8d.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 04:58:07 GMT
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75cb.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 20995754
x-cache: Hit from cloudfront
content-length: 2971
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 27 Jan 2021 17:23:07 GMT
server: nginx
etag: "6011a17b-b9b"
content-type: image/gif
access-control-allow-origin: *
expires: Thu, 03 Feb 2022 04:58:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: SvBeL4LhAzdVvrgaWNLHU5E4vblc-_nT4ZtX-U9Txj-61KUYCmM-fQ==
x-cache-hits: 0

GET
H2 200 sprite.ad630a07080a45451f139a7487853ff8.png
c.disquscdn.com/next/embed/assets/img/ Frame F401 2 KB
2 KB 8ms
7ms Image
image/png 2600:9000:223e:200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.f586f6de31a54517b5af7f019af2ba8d.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.f586f6de31a54517b5af7f019af2ba8d.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 19:47:48 GMT
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75cb.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 983973
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
content-length: 1763
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Wed, 22 Sep 2021 19:30:27 GMT
server: nginx
etag: "614b8453-6e3"
content-type: image/png
access-control-allow-origin: *
expires: Thu, 22 Sep 2022 19:47:48 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 1EdQZv7KMsYo0k-miSUfa1T51n6hsQqOzEfIQCcl6gT1ZKZo__bvKA==
x-cache-hits: 0

GET
H2 200 icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame F401 8 KB
8 KB 10ms
9ms Font
application/octet-stream 2600:9000:223e:200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.f586f6de31a54517b5af7f019af2ba8d.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.f586f6de31a54517b5af7f019af2ba8d.css
Origin: https://disqus.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 09:58:18 GMT
via: 1.1 ab23076896ec73a1a830c9cdc49fcac5.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 2833743
x-cache: Hit from cloudfront
content-length: 7900
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Tue, 24 Aug 2021 21:06:44 GMT
server: nginx
etag: "61255f64-1edc"
content-type: application/octet-stream
access-control-allow-origin: *
expires: Thu, 01 Sep 2022 09:58:18 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: OQ21S6BzOSWTnWVGEf6k0y4f0hpmtBDk3lf0vMZsLUSRgautsxgxkA==
x-cache-hits: 0

GET
H2 200 realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame 63CD 337 B
806 B 7ms
7ms Stylesheet
text/css 2600:9000:223e:200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css

Requested by

Host: manuel-abreuo-1.disqus.com
URL: https://manuel-abreuo-1.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 05 May 2021 03:13:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13139627
x-cache: Hit from cloudfront
content-length: 244
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-f4"
content-type: text/css; charset=utf-8
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75cb.cloudfront.net (CloudFront)
expires: Thu, 05 May 2022 03:13:34 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-P4
timing-allow-origin: *
x-amz-cf-id: CpSPTaJWm3ZDhAcff8GnPXO0QEw4d3u72oohsiFJb-N4uGGuMJstMg==
x-cache-hits: 0

GET
H2 200 realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame 55E6 337 B
806 B 7ms
7ms Stylesheet
text/css 2600:9000:223e:200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css

Requested by

Host: manuel-abreuo-1.disqus.com
URL: https://manuel-abreuo-1.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 05 May 2021 03:13:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13139627
x-cache: Hit from cloudfront
content-length: 244
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-f4"
content-type: text/css; charset=utf-8
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75cb.cloudfront.net (CloudFront)
expires: Thu, 05 May 2022 03:13:34 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-P4
timing-allow-origin: *
x-amz-cf-id: D0yICse6xNnvTfP8gZnh8YWB0uuSdwpr-neYpQ27Qs_dpbrrgTqWgg==
x-cache-hits: 0

GET
H2 200 common.bundle.3599f83da3e37f2d8675b56e0b4f87a4.js Show response
c.disquscdn.com/next/recommendations/ Frame 2AB1 262 KB
87 KB 8ms
7ms Script
application/javascript 2600:9000:223e:200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/common.bundle.3599f83da3e37f2d8675b56e0b4f87a4.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/recommendations.load.468b97d62a371c49ae174c537bd78912.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

5fae79754e7af92e6afadc3060797e3d35188221e60d63d0625f66cf921e7ebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 19:47:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 983980
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
content-length: 88862
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 22 Sep 2021 19:30:27 GMT
server: nginx
etag: "614b8453-15b1e"
content-type: application/javascript; charset=utf-8
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75cb.cloudfront.net (CloudFront)
expires: Thu, 22 Sep 2022 19:47:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-P4
timing-allow-origin: *
x-amz-cf-id: HO69MAogAe_80ulpqcUsym7h3GhqDv9jPXl5OBw61LLqQVyZjlWGwA==
x-cache-hits: 0

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame F401 13 KB
13 KB 8ms
8ms Image
image/svg+xml 2600:9000:223e:200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.f586f6de31a54517b5af7f019af2ba8d.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.f586f6de31a54517b5af7f019af2ba8d.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:37:41 GMT
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75cb.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 13703380
x-cache: Hit from cloudfront
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 27 Apr 2021 21:01:56 GMT
server: nginx
etag: "60887bc4-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Thu, 28 Apr 2022 14:37:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 7VfRRkXJZt6zeR-ptevQ1nqOstvJo5SX_GZ-KOJL1CAkSF8qOk0E-A==
x-cache-hits: 0

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame F401 43 B
295 B 111ms
94ms Image
image/gif 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&integration=wordpress%203.0.22&load_time=198&event=init_embed&thread=8808298848&forum=manuel-abreuo-1&forum_id=5934840&imp=31k8t70o65r7n&thread_slug=el_grupo_ruso_turla_apt_despliega_un_nuevo_backdoor_en_los_sistemas_objetivo&user_type=anon&referrer=https%3A%2F%2Fmanuelabreuo.com%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default_hidden&variant=fallthrough&service=dynamic&promoted_enabled=false&max_enabled=false

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=manuel-abreuo-1&t_i=8494%20https%3A%2F%2Fmanuelabreuo.com%2F%3Fp%3D8494&t_u=https%3A%2F%2Fmanuelabreuo.com%2Fel-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo%2F&t_e=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo&t_d=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo&t_t=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 04 Oct 2021 05:07:21 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 pixel.gif
cdn.viglink.com/images/ 43 B
102 B 91ms
28ms Image
image/gif 2606:4700::6810:a20d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.viglink.com/images/pixel.gif?ch=1&rn=6.844827956173207
Requested by: Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a20d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:21 GMT
cf-cache-status: HIT
last-modified: Tue, 10 Feb 2015 03:29:39 GMT
server: cloudflare
age: 1
etag: "221d8352905f2c38b3cb2bd191d630b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=15, must-revalidate
content-length: 43
accept-ranges: bytes
cf-ray: 698be2de38435a43-MXP
x-amz-request-id: KY720KPYQZEGVQMV
x-amz-id-2: ExikqGInGfv6T9/WN0ApBE9Z+uFbPrrkXTurAcubgEUkfip5cb4IhJ5vMKHa8uFUXufnl4SP6AU=

GET
H2 200 pixel.gif
cdn.viglink.com/images/ 43 B
429 B 90ms
27ms Image
image/gif 2606:4700::6810:a20d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.viglink.com/images/pixel.gif?ch=2&rn=6.844827956173207
Requested by: Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a20d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:21 GMT
cf-cache-status: HIT
last-modified: Tue, 10 Feb 2015 03:29:39 GMT
server: cloudflare
age: 1
etag: "221d8352905f2c38b3cb2bd191d630b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=15, must-revalidate
content-length: 43
accept-ranges: bytes
cf-ray: 698be2de38455a43-MXP
x-amz-request-id: KY720KPYQZEGVQMV
x-amz-id-2: ExikqGInGfv6T9/WN0ApBE9Z+uFbPrrkXTurAcubgEUkfip5cb4IhJ5vMKHa8uFUXufnl4SP6AU=

GET
H2 200 1f44c-1f3fb.png
abs.twimg.com/emoji/v2/72x72/ Frame 0C3C 820 B
1 KB 32ms
8ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f44c-1f3fb.png

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FA7) /

Resource Hash

0e1b7f89b730a73aa2364bc194d2a1b448f0c32106f7514a939be067c1f27614

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:21 GMT
x-content-type-options: nosniff
age: 8797816
x-ton-expected-size: 820
x-cache: HIT
content-length: 820
surrogate-key: twitter-assets
last-modified: Fri, 18 Jan 2019 20:56:49 GMT
server: ECAcc (frc/8FA7)
etag: "5zKOl6xhqNpVlvxEdIKF5Q=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: d5d7e3edf1278d28879f6da6a5cedb8e3dd274d86db28523ce1456e6eedf60e8
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Tue, 04 Oct 2022 05:07:21 GMT

GET
H2 200 mEXKPmil
pbs.twimg.com/card_img/1444848237257576448/ Frame 0C3C 32 KB
32 KB 96ms
94ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1444848237257576448/mEXKPmil?format=jpg&name=600x314

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CE7) /

Resource Hash

ae0612b2b84cdc05051aa92e5986a505444d6bd5ce84f1c7f448b36c2282b642

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:21 GMT
x-content-type-options: nosniff
age: 10380
x-cache: MISS
content-length: 32826
surrogate-key: card_img card_img/bucket/7 card_img/1444848237257576448
last-modified: Mon, 04 Oct 2021 02:11:58 GMT
server: ECS (mil/6CE7)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 3dc256f5571737118bc45d774bba449ea092d221cc03df1a7c90680ea6a978e8
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 1f926-200d-2642-fe0f.png
abs.twimg.com/emoji/v2/72x72/ Frame 0C3C 1015 B
1 KB 32ms
9ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f926-200d-2642-fe0f.png

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FDD) /

Resource Hash

e6e414be03c0ed1bbbf0d19b1f8f2bd92e152d6b768877a8c9daf7d3a0be6ff3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:21 GMT
x-content-type-options: nosniff
age: 6573691
x-ton-expected-size: 1015
x-cache: HIT
content-length: 1015
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:35 GMT
server: ECAcc (frc/8FDD)
etag: "xC3Vl67CxiymE6Gk0PHXIQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: bc93751635e9f3e87249ab3b051bd9389dc9a63e17c3d05b69ecbe8e0b3cce28
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Tue, 04 Oct 2022 05:07:21 GMT

GET
H2 200 gEEt0EnP
pbs.twimg.com/card_img/1444841150502866947/ Frame 0C3C 61 KB
61 KB 62ms
60ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1444841150502866947/gEEt0EnP?format=jpg&name=600x314

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CF1) /

Resource Hash

5a0ec3312dfd12a42eb57895f15dbb1defb0b20a868353623231639a033eaa69

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:21 GMT
x-content-type-options: nosniff
age: 10084
x-cache: MISS
content-length: 62090
surrogate-key: card_img card_img/bucket/5 card_img/1444841150502866947
last-modified: Mon, 04 Oct 2021 01:43:48 GMT
server: ECS (mil/6CF1)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 7cfb3e65bdd72d22b6ac1d52deccd85ff5a3fc6b8e5ad71680a4d76ccf1575d4
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 1f525.png
abs.twimg.com/emoji/v2/72x72/ Frame 0C3C 928 B
1 KB 35ms
12ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f525.png

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F7D) /

Resource Hash

b0f4c358afcce0ddcde029e72ea2d6054eece0ce5a34c9a7e0c5761ff4f33a25

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:21 GMT
x-content-type-options: nosniff
age: 10765851
x-ton-expected-size: 928
x-cache: HIT
content-length: 928
x-response-time: 8
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:26 GMT
server: ECAcc (frc/8F7D)
etag: "SGKFnTk7KmjONB+h88D/mw=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 2fed23f2cbeea071995af40838e36008
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Tue, 04 Oct 2022 05:07:21 GMT

GET
H2 200 SSFHf-cc
pbs.twimg.com/card_img/1444841472784805895/ Frame 0C3C 20 KB
20 KB 101ms
100ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1444841472784805895/SSFHf-cc?format=jpg&name=600x314

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CEE) /

Resource Hash

7d440f4e69151e3050faa450d4b5600f01ced6de0a3ed2b0582880b4e9ab2da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:21 GMT
x-content-type-options: nosniff
age: 12011
x-cache: MISS
content-length: 20280
surrogate-key: card_img card_img/bucket/7 card_img/1444841472784805895
last-modified: Mon, 04 Oct 2021 01:45:05 GMT
server: ECS (mil/6CEE)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 764f9af5d653238efaa97e7b17f247b64451e23cde6ddcf8d9e61625b8023b17
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 2728.png
abs.twimg.com/emoji/v2/72x72/ Frame 0C3C 752 B
917 B 35ms
12ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/2728.png

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8E84) /

Resource Hash

ad3afa9c7beee612fdc68691d25b36dda934204a3d8916ff3d14df83548a0f84

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:21 GMT
x-content-type-options: nosniff
age: 12840942
x-ton-expected-size: 752
x-cache: HIT
content-length: 752
x-response-time: 9
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:43 GMT
server: ECAcc (frc/8E84)
etag: "8Lg0UtK4FVBWQa8fLgrwjQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 0f20aaad0e5590f56e639e0414e65e4633772cfe9d6e4ab5d01f699246a46b70
accept-ranges: bytes
expires: Tue, 04 Oct 2022 05:07:21 GMT

GET
H2 200 1f970.png
abs.twimg.com/emoji/v2/72x72/ Frame 0C3C 1 KB
1 KB 34ms
11ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f970.png

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FEE) /

Resource Hash

d1b268344fa3a7ee27d6efbbcabd6d4f5214294120de1c2c85b6b0979e22e9ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:21 GMT
x-content-type-options: nosniff
age: 9151322
x-ton-expected-size: 1148
x-cache: HIT
content-length: 1148
x-response-time: 13
surrogate-key: twitter-assets
last-modified: Fri, 10 Aug 2018 17:43:05 GMT
server: ECAcc (frc/8FEE)
etag: "Q5fMQAiJO/N8Kvxi4JZmFQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: a2b694b4907ca32cfb6fc81b2c41fd71
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Tue, 04 Oct 2022 05:07:21 GMT

GET
H2 200 1f57a.png
abs.twimg.com/emoji/v2/72x72/ Frame 0C3C 1 KB
1 KB 15ms
14ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f57a.png

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FE8) /

Resource Hash

01ba42c5d1434570028d883d465c24b5f70b1966ccfd8344be7a74295a39adf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:21 GMT
x-content-type-options: nosniff
age: 4531305
x-ton-expected-size: 1044
x-cache: HIT
content-length: 1044
x-response-time: 10
surrogate-key: twitter-assets
last-modified: Fri, 18 Jan 2019 20:57:32 GMT
server: ECAcc (frc/8FE8)
etag: "wtRNH9+tR7XyHyMJHOzhCg=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: a7a01b9e6e4af100b97fffb1b4d2da984fc5e71503ff8fed8c34e062f75c838e
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Tue, 04 Oct 2022 05:07:21 GMT

GET
H2 200 1f483.png
abs.twimg.com/emoji/v2/72x72/ Frame 0C3C 1 KB
1 KB 14ms
13ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f483.png

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F65) /

Resource Hash

c85118fdaf63514c88e841b8debbbec7ef0baefec99f7a7aa125744e8e260f06

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:21 GMT
x-content-type-options: nosniff
age: 6846653
x-ton-expected-size: 1079
x-cache: HIT
content-length: 1079
x-response-time: 12
surrogate-key: twitter-assets
last-modified: Fri, 18 Jan 2019 20:57:16 GMT
server: ECAcc (frc/8F65)
etag: "LU3JbNAcVnqYSPTID4lOWA=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 35558d1e22b967eb66be3fdb530031cdd6028ec05d7adb103380418846c75dd5
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Tue, 04 Oct 2022 05:07:21 GMT

GET
H2 200 1f4a3.png
abs.twimg.com/emoji/v2/72x72/ Frame 0C3C 561 B
702 B 15ms
14ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f4a3.png

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8EA8) /

Resource Hash

e3f9d45110f6534fe8f65ebee07c9c6a1dce6e5ae6433265d22940a7f43b6870

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:21 GMT
x-content-type-options: nosniff
age: 10786802
x-ton-expected-size: 561
x-cache: HIT
content-length: 561
x-response-time: 11
surrogate-key: twitter-assets
last-modified: Mon, 17 Sep 2018 19:13:25 GMT
server: ECAcc (frc/8EA8)
etag: "E7dQxtwD0aGUfdL9QoFSxA=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 8ae8432695d2c43f8ca162abe18e691c
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Tue, 04 Oct 2022 05:07:21 GMT

GET
H2 200 1f914.png
abs.twimg.com/emoji/v2/72x72/ Frame 0C3C 1 KB
1 KB 9ms
8ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f914.png

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8E94) /

Resource Hash

5116f7d07677f06785887c0af23c189b541a306d6b792d605ffaf3ed9f0e912d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:21 GMT
x-content-type-options: nosniff
age: 12494460
x-ton-expected-size: 1028
x-cache: HIT
content-length: 1028
x-response-time: 46
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:34 GMT
server: ECAcc (frc/8E94)
etag: "X7St/AzVm+1oZjkmNZWNow=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 2b120ed6dce737cb6f312127354036d9b3dfd64a8fdfeeae1bae7f96ec285897
accept-ranges: bytes
expires: Tue, 04 Oct 2022 05:07:21 GMT

GET
H2 200 Kg8IFULc
pbs.twimg.com/card_img/1444728170775781389/ Frame 0C3C 12 KB
12 KB 96ms
95ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1444728170775781389/Kg8IFULc?format=jpg&name=600x314

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CE9) /

Resource Hash

3d9f7a598b2ddfaf7de412b6561c790cec3791e23db90b90cdc6f44b319f678a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:21 GMT
x-content-type-options: nosniff
age: 38654
x-cache: MISS
content-length: 12541
surrogate-key: card_img card_img/bucket/9 card_img/1444728170775781389
last-modified: Sun, 03 Oct 2021 18:14:52 GMT
server: ECS (mil/6CE9)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 23721352bcadd18dc3a6684c2eed516f4d48266fda4ecdb190c29f023999b0c0
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 1f614.png
abs.twimg.com/emoji/v2/72x72/ Frame 0C3C 683 B
849 B 14ms
14ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f614.png

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F9F) /

Resource Hash

70684e6f3d83eed95d1cba7429bedaf96898ce516bb255da4c658f826f8c5bee

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:21 GMT
x-content-type-options: nosniff
age: 7158511
x-ton-expected-size: 683
x-cache: HIT
content-length: 683
x-response-time: 11
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:28 GMT
server: ECAcc (frc/8F9F)
etag: "P3fVd4iceTRVtAmeSExo6A=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 6b5e0680e3c95ed1369d5c454e7147bc21e65e2cbf1d91aa5e5118e827583931
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Tue, 04 Oct 2022 05:07:21 GMT

GET
H2 200 Rl_1ZMRp
pbs.twimg.com/card_img/1442826573439188996/ Frame 0C3C 41 KB
42 KB 96ms
96ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1442826573439188996/Rl_1ZMRp?format=jpg&name=600x314

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CE7) /

Resource Hash

cd5f02f39f36c893f9a19d6b06ff312c0d1b9d8496000896a1c01776e229bb21

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:21 GMT
x-content-type-options: nosniff
age: 42933
x-cache: MISS
content-length: 42358
surrogate-key: card_img card_img/bucket/9 card_img/1442826573439188996
last-modified: Tue, 28 Sep 2021 12:18:36 GMT
server: ECS (mil/6CE7)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d1094ec9d8e23e446a10e94a4332fc4001342d6aba740e4c9e1892ae891d2a07
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 9PSC7eBA
pbs.twimg.com/card_img/1444708581803167745/ Frame 0C3C 26 KB
27 KB 99ms
97ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1444708581803167745/9PSC7eBA?format=jpg&name=600x314

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CDE) /

Resource Hash

c2e34fc2140f05ce93149941d78a2c8c8f53540ea8692d3b0e13a5fb949fe69e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:21 GMT
x-content-type-options: nosniff
age: 42972
x-cache: MISS
content-length: 27012
surrogate-key: card_img card_img/bucket/1 card_img/1444708581803167745
last-modified: Sun, 03 Oct 2021 16:57:01 GMT
server: ECS (mil/6CDE)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 8da3147084c8ed3bd59becf9a9e3db8436c4c6c2515ac4803c5f8f1bd6f1ac63
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 1f1e9-1f1f4.png
abs.twimg.com/emoji/v2/72x72/ Frame 0C3C 584 B
748 B 14ms
12ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f1e9-1f1f4.png

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F12) /

Resource Hash

9b1b44cfa514d049c4872b3334f9b7032502ea3b3ed3b664f51990d5e56fe0fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:21 GMT
x-content-type-options: nosniff
age: 9747623
x-ton-expected-size: 584
x-cache: HIT
content-length: 584
x-response-time: 11
surrogate-key: twitter-assets
last-modified: Thu, 17 May 2018 19:30:07 GMT
server: ECAcc (frc/8F12)
etag: "XiCm45ZtuwCqaA6tI/QZVQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 42eacfdbf807b4a27287632d3a688eb455387632aa40a188d4a91f53e6b92da4
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Tue, 04 Oct 2022 05:07:21 GMT

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ Frame 0C3C 53 KB
12 KB 7ms
7ms Stylesheet
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6796) /
Resource Hash: 8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 04 Oct 2021 05:07:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Sep 2021 18:56:30 GMT
Server: ECS (frb/6796)
Age: 294958
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Content-Length: 12144

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ 53 KB
53 KB 8ms
7ms Image
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6796) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 04 Oct 2021 05:07:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Sep 2021 18:56:30 GMT
Server: ECS (frb/6796)
Age: 294958
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Content-Length: 12144

GET
H2 200 Zf-vdPEc_normal.jpg
pbs.twimg.com/profile_images/1410352162157248515/ Frame 0C3C 2 KB
2 KB 41ms
40ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1410352162157248515/Zf-vdPEc_normal.jpg

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CDF) /

Resource Hash

0bca4cf4c1446c405f957853bb39db7ef38442c7995f22c2d0d08bceca00147c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:21 GMT
x-content-type-options: nosniff
age: 477663
x-cache: HIT
content-length: 2263
surrogate-key: profile_images profile_images/bucket/7 profile_images/1410352162157248515
last-modified: Wed, 30 Jun 2021 21:36:53 GMT
server: ECS (mil/6CDF)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e25d7df9d38cd5192adc359a61f5294e6e9aa0b6e2c5b06d2780e1f6c880fba1
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 raNGlUT9_normal.jpg
pbs.twimg.com/profile_images/1230212639592198147/ Frame 0C3C 2 KB
2 KB 75ms
74ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1230212639592198147/raNGlUT9_normal.jpg

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CF8) /

Resource Hash

be9ece6df2a1f00f3644d9a0df2f4f89aac99f172f8648853aa5d420749a24fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:22 GMT
x-content-type-options: nosniff
age: 38193
x-cache: MISS
content-length: 1959
surrogate-key: profile_images profile_images/bucket/9 profile_images/1230212639592198147
last-modified: Wed, 19 Feb 2020 19:26:44 GMT
server: ECS (mil/6CF8)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 101d649620018ba0b21369db39417c43fd39872ff77982a304ab0a05b2f1a4b0
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 Py38H7BI_normal.jpg
pbs.twimg.com/profile_images/1429656540592721924/ Frame 0C3C 2 KB
2 KB 66ms
66ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1429656540592721924/Py38H7BI_normal.jpg

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CE8) /

Resource Hash

7238c60c4bf5bd2b95b6c34fb2df312bb1b895446a0fc6de4e7c1ba3165a951a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:22 GMT
x-content-type-options: nosniff
age: 43718
x-cache: MISS
content-length: 2035
surrogate-key: profile_images profile_images/bucket/7 profile_images/1429656540592721924
last-modified: Mon, 23 Aug 2021 04:05:35 GMT
server: ECS (mil/6CE8)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 17ed9daeb9a05a41bc7a974da4530a306c07495b3cf5b538d82cf50608e1a866
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 Giv6e1Yt_normal.jpg
pbs.twimg.com/profile_images/1044588354917085184/ Frame 0C3C 2 KB
2 KB 64ms
64ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1044588354917085184/Giv6e1Yt_normal.jpg

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CE4) /

Resource Hash

71c1670fba39ad825038a3ed3aaf6f5cf50fc0686b79e36f546d16d26df21d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:22 GMT
x-content-type-options: nosniff
age: 35752
x-cache: MISS
content-length: 2111
surrogate-key: profile_images profile_images/bucket/5 profile_images/1044588354917085184
last-modified: Tue, 25 Sep 2018 14:02:05 GMT
server: ECS (mil/6CE4)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 956d81fc32cddbe07ceec36e87a2896e682497c442639e9e2826523c20f299a5
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 W3HnsWVH_normal.png
pbs.twimg.com/profile_images/1315756619897204741/ Frame 0C3C 2 KB
2 KB 40ms
39ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1315756619897204741/W3HnsWVH_normal.png

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CDF) /

Resource Hash

f501ecbfab69d254eecc911da3bbc55b31ac29a835b523fc05310cff8ca1147b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:22 GMT
x-content-type-options: nosniff
age: 472545
x-cache: HIT
content-length: 2035
surrogate-key: profile_images profile_images/bucket/2 profile_images/1315756619897204741
last-modified: Mon, 12 Oct 2020 20:47:58 GMT
server: ECS (mil/6CDF)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a7bd7a7cb7780834c1ee04b0e77ca0399079ba4aef9c33a4ed0493a79e5976d3
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 nRgmOuKZ_normal.jpg
pbs.twimg.com/profile_images/1438239384587878401/ Frame 0C3C 2 KB
2 KB 40ms
39ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1438239384587878401/nRgmOuKZ_normal.jpg

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CEE) /

Resource Hash

c590b89e3b8e4ff584b6d419e4b8f77ae1b07477033860239e3c3a4ec37f63fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:22 GMT
x-content-type-options: nosniff
age: 373517
x-cache: HIT
content-length: 1807
surrogate-key: profile_images profile_images/bucket/5 profile_images/1438239384587878401
last-modified: Wed, 15 Sep 2021 20:30:45 GMT
server: ECS (mil/6CEE)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: dde0a600ff149bab100e2423cc40b5702e820b3e7faef85abb5d395b71e00065
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 OonrHlo7_normal.jpg
pbs.twimg.com/profile_images/1293931670454722561/ Frame 0C3C 2 KB
2 KB 41ms
40ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1293931670454722561/OonrHlo7_normal.jpg

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CE6) /

Resource Hash

c0abf5a259b4f6fdc07bd311c52b87ed26ac42290939d31e9f0053fe03a0e262

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:22 GMT
x-content-type-options: nosniff
age: 84939
x-cache: HIT
content-length: 1883
surrogate-key: profile_images profile_images/bucket/3 profile_images/1293931670454722561
last-modified: Thu, 13 Aug 2020 15:23:24 GMT
server: ECS (mil/6CE6)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f03ec968ec13d413b48146b50c37c769adb57beeecc8e89a326756bc4d8fa1ac
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 N2jV05bx_normal.jpg
pbs.twimg.com/profile_images/1433779360989958178/ Frame 0C3C 2 KB
2 KB 40ms
40ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1433779360989958178/N2jV05bx_normal.jpg

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CED) /

Resource Hash

3f367271866a0ad4fed6b53b24b546431b30630029944dc2259204e51e327e7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:22 GMT
x-content-type-options: nosniff
age: 332798
x-cache: HIT
content-length: 2111
surrogate-key: profile_images profile_images/bucket/9 profile_images/1433779360989958178
last-modified: Fri, 03 Sep 2021 13:08:12 GMT
server: ECS (mil/6CED)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b8bf7cba29797d253e4483c48169f5049ecf5985895df5182f4b70142cb19ac8
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FA0ilQMWQAMwzbq
pbs.twimg.com/media/ Frame 0C3C 33 KB
34 KB 315ms
315ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FA0ilQMWQAMwzbq?format=jpg&name=360x360

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CF7) /

Resource Hash

02e1294d823bafcd6ec6f15dc23370b5088cded5ece1e326eff8c3f262f5efb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:22 GMT
x-content-type-options: nosniff
age: 0
x-cache: MISS
content-length: 34132
surrogate-key: media media/bucket/8 media/1444849078853058563
last-modified: Mon, 04 Oct 2021 02:15:19 GMT
server: ECS (mil/6CF7)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 3118eec01f80d543432b857a4a7d3e2ebd4a78a44e23089154ad4e3d66a2cd3d
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FKALRmPSHIPSBvlZ
pbs.twimg.com/ext_tw_video_thumb/1444740527862263813/pu/img/ Frame 0C3C 22 KB
22 KB 70ms
69ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/ext_tw_video_thumb/1444740527862263813/pu/img/FKALRmPSHIPSBvlZ?format=jpg&name=360x360

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CE0) /

Resource Hash

e6c6b1d1a62f26874168c3e7c31823e9143c45d42506f1c854cf1214254801d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:22 GMT
x-content-type-options: nosniff
age: 18249
x-cache: MISS
content-length: 22574
surrogate-key: ext_tw_video_thumb ext_tw_video_thumb/bucket/7 ext_tw_video_thumb/1444740527862263813
last-modified: Sun, 03 Oct 2021 19:03:58 GMT
server: ECS (mil/6CE0)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 7bf6d4ae1cbfff43e7a5dfefad520e83cdb15511ec81ff10c85ec5013aa861bc
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FAy5GrPWUA0vxJd
pbs.twimg.com/media/ Frame 0C3C 15 KB
15 KB 64ms
63ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FAy5GrPWUA0vxJd?format=jpg&name=360x360

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CEF) /

Resource Hash

98ff7c83df6bf9b01cd51e16814ea36ee5ec7fee4307cdc1c4e4d018ad6df849

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:22 GMT
x-content-type-options: nosniff
age: 33534
x-cache: MISS
content-length: 14938
surrogate-key: media media/bucket/2 media/1444733104816541709
last-modified: Sun, 03 Oct 2021 18:34:28 GMT
server: ECS (mil/6CEF)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a639cb7a8a97c2af749e8c4449f579a8c5ec27f890bd300a7afb06f928f21573
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FAycsFjXIAI5SAq
pbs.twimg.com/media/ Frame 0C3C 46 KB
46 KB 67ms
67ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FAycsFjXIAI5SAq?format=jpg&name=360x360

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CF9) /

Resource Hash

1bf7bfbe582e1f0b86f9307e21bb88f5e37dc69caa168dd01ad035a172452a0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:22 GMT
x-content-type-options: nosniff
age: 44798
x-cache: MISS
content-length: 46868
surrogate-key: media media/bucket/8 media/1444701861697757186
last-modified: Sun, 03 Oct 2021 16:30:19 GMT
server: ECS (mil/6CF9)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: cc5103073ce35fc954d9069987ff3102f2e93d70bbf20230bfafe3c93ef49098
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 tU2CaiijFmuJpS4T
pbs.twimg.com/ext_tw_video_thumb/1444651130903056392/pu/img/ Frame 0C3C 12 KB
13 KB 40ms
40ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/ext_tw_video_thumb/1444651130903056392/pu/img/tU2CaiijFmuJpS4T?format=jpg&name=360x360

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CF8) /

Resource Hash

97e08b41dc9a5934da7c16b4c915c50ecd6173080f6056cfb0c965863f8d5cd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:22 GMT
x-content-type-options: nosniff
age: 57305
x-cache: HIT
content-length: 12749
surrogate-key: ext_tw_video_thumb ext_tw_video_thumb/bucket/6 ext_tw_video_thumb/1444651130903056392
last-modified: Sun, 03 Oct 2021 13:08:44 GMT
server: ECS (mil/6CF8)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c5606609ac177219fa0b7727c5a152f97c47b5a6430b8aad301c96b7c01ecf0a
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FAzmcaYXoAw1nXh
pbs.twimg.com/media/ Frame 0C3C 8 KB
8 KB 65ms
65ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FAzmcaYXoAw1nXh?format=jpg&name=240x240

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CEC) /

Resource Hash

3ae0b8b65d5d2cc70686cac4bc8ef5fd49cabe99a0a89a7a6b1b6ade8faad86a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:22 GMT
x-content-type-options: nosniff
age: 25756
x-cache: MISS
content-length: 8059
surrogate-key: media media/bucket/3 media/1444782956271345676
last-modified: Sun, 03 Oct 2021 21:52:34 GMT
server: ECS (mil/6CEC)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: cf3bca032d172ef1a28d0f5d64bb76f007aaa6bf2d79d6518d8ad0dee9cab94a
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FAzmcaaXoAYEEw2
pbs.twimg.com/media/ Frame 0C3C 10 KB
10 KB 67ms
67ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FAzmcaaXoAYEEw2?format=jpg&name=240x240

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CF9) /

Resource Hash

d29cb7bdc31139a0986b5416e0328d414f7154dbe6768caabd778198ee27d889

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:22 GMT
x-content-type-options: nosniff
age: 25756
x-cache: MISS
content-length: 10154
surrogate-key: media media/bucket/9 media/1444782956279734278
last-modified: Sun, 03 Oct 2021 21:52:34 GMT
server: ECS (mil/6CF9)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 573e926157f53c8e61cc14cba8e6c5348b85f27f6ce74ae884e59188c4c77104
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FAzmcaZXMAAZBye
pbs.twimg.com/media/ Frame 0C3C 9 KB
10 KB 65ms
64ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FAzmcaZXMAAZBye?format=jpg&name=240x240

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CE0) /

Resource Hash

63729e0af4581d732b3546d3fcc4e1351af57e10b30d9661e094f6fa86b2e4af

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:22 GMT
x-content-type-options: nosniff
age: 25756
x-cache: MISS
content-length: 9500
surrogate-key: media media/bucket/4 media/1444782956275511296
last-modified: Sun, 03 Oct 2021 21:52:34 GMT
server: ECS (mil/6CE0)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 24a272f1b147330338ba08c4746c8dada10572f83fa3902a94133213c09de8fb
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FAzmcaWWYAI4zEe
pbs.twimg.com/media/ Frame 0C3C 10 KB
10 KB 64ms
63ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FAzmcaWWYAI4zEe?format=jpg&name=240x240

Requested by

Host: manuelabreuo.com
URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CF2) /

Resource Hash

afe004857b15f063cd93531f45ca2a9862083afcdcb92290ca5d0af1c8c97cdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:22 GMT
x-content-type-options: nosniff
age: 25756
x-cache: MISS
content-length: 10377
surrogate-key: media media/bucket/0 media/1444782956262875138
last-modified: Sun, 03 Oct 2021 21:52:34 GMT
server: ECS (mil/6CF2)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 65921cfeb6dbea99685f4d1703dd8c8536a67e2a92225b8c2799966f50c99937
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ Frame 0C3C 44 KB
7 KB 38ms
10ms Stylesheet
text/css 2606:2800:233:7ee2:97c:ab4c:6c70:be36
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FC6) /

Resource Hash

a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 319578
x-ton-expected-size: 45170
x-cache: HIT
vary: Accept-Encoding
content-length: 6839
x-response-time: 8
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (frc/8FC6)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: 4e3c801b7b01a5ee52a8dcd658b7f0c411c880f5bcbc7d2b1110ee7e2564caa7
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Mon, 11 Oct 2021 05:07:21 GMT

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ 44 KB
44 KB 26ms
12ms Image
text/css 2606:2800:233:7ee2:97c:ab4c:6c70:be36
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FC6) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 319578
x-ton-expected-size: 45170
x-cache: HIT
vary: Accept-Encoding
content-length: 6839
x-response-time: 8
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (frc/8FC6)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: 4e3c801b7b01a5ee52a8dcd658b7f0c411c880f5bcbc7d2b1110ee7e2564caa7
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Mon, 11 Oct 2021 05:07:21 GMT

GET
DATA 200
OK truncated
/ Frame 0C3C 512 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 0C3C 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 0C3C 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 0C3C 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 0C3C 739 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 0C3C 607 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 059d7f76a7662405100374530359da8f439f4b945864fafab45b834320a429e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 0C3C 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 recommendations.eff219b98b7c4167b4b289065f36f391.css
c.disquscdn.com/next/recommendations/styles/ Frame 2AB1 17 KB
4 KB 7ms
7ms Stylesheet
text/css 2600:9000:223e:200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/styles/recommendations.eff219b98b7c4167b4b289065f36f391.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.3599f83da3e37f2d8675b56e0b4f87a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7964d033f829ae2809f61810c4efa9adf6aff915ded111a9c346bca2b1302b62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 08:30:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2666191
x-cache: Hit from cloudfront
content-length: 3748
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Thu, 02 Sep 2021 17:40:39 GMT
server: nginx
etag: "61310c97-ea4"
content-type: text/css; charset=utf-8
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75cb.cloudfront.net (CloudFront)
expires: Sat, 03 Sep 2022 08:30:51 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-P4
timing-allow-origin: *
x-amz-cf-id: DYd0Mg7BQYdsGslrAjohY0obpfCBG0C5j_W7r3t4SnUxzUMhhDpF3Q==
x-cache-hits: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 28ms
28ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210928&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02b622c0adf00b61eab8f7d68c0de9c2e16e6ac400df3c75aa7925bc7bcad657

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Oct 2021 05:07:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8488
x-xss-protection: 0

GET
H2 200 / Show response
graph.facebook.com/ 235 B
349 B 43ms
43ms Script
text/javascript 2a03:2880:f01c:20e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?fields=og_object%7Bengagement%7D&id=https%3A%2F%2Fmanuelabreuo.com%2Fel-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo%2F&callback=a2a.counters.facebook.cb1

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:20e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0f7f45f6dee41387bca54f84c660dd1ecc1a0efd402dcd9ed86fa16c1a8fe1da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
www-authenticate: OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev: 1004497192
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 170
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: jTZtGX81MroAfBTJphN9pDtHOZSKzBH+nDIcwm08zl2Rk25bSDabG0yScv/Ie9XTRkeHSCVFptD2E+TIsVx+aQ==
x-fb-trace-id: Hd/hB7gA9N6
date: Mon, 04 Oct 2021 05:07:22 GMT
vary: Origin, Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: Aca4LEd2e_2NLU4NoXCcggD
cache-control: no-store
facebook-api-version: v4.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

/
www.facebook.com/login/ Frame AC22
Redirect Chain

https://www.facebook.com/v7.0/plugins/page.php?adapt_container_width=true&app_id=767036366783636&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15a...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D767036366783636%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook....

0
0

213ms
213ms

Document
text/html

2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D767036366783636%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df15a10824cdd2f8%2526domain%253Dmanuelabreuo.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fmanuelabreuo.com%25252Ff34a94e0876973c%2526relation%253Dparent.parent%26container_width%3D278%26height%3D150%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fingabreuortiz%252F%26locale%3Des_LA%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26tabs%3Dtimeline%26width

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/es_LA/sdk.js?hash=2edeae2d60a4144ecec886a5e3d85f50

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D767036366783636%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df15a10824cdd2f8%2526domain%253Dmanuelabreuo.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fmanuelabreuo.com%25252Ff34a94e0876973c%2526relation%253Dparent.parent%26container_width%3D278%26height%3D150%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fingabreuortiz%252F%26locale%3Des_LA%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26tabs%3Dtimeline%26width
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://manuelabreuo.com/
accept-encoding: gzip, deflate, br
cookie: fr=0wuKNU5HWPu7LFsht..BhWowJ...1.0.BhWowJ.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

vary: Accept-Encoding
content-encoding: br
set-cookie: fr=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=-1633324041; path=/; domain=.facebook.com; httponly
x-fb-rlafr: 0
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.facebook.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: VpkGZEgYEcJsp1/tBN4GpE51oHXrUjhz8brKM0ME7/5A+FoQ1PyoAFnkNzTfa/wfzu5CmNfI4YOiSMkTp5ni4Q==
date: Mon, 04 Oct 2021 05:07:22 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D767036366783636%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df15a10824cdd2f8%2526domain%253Dmanuelabreuo.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fmanuelabreuo.com%25252Ff34a94e0876973c%2526relation%253Dparent.parent%26container_width%3D278%26height%3D150%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fingabreuortiz%252F%26locale%3Des_LA%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26tabs%3Dtimeline%26width
x-fb-rlafr: 0
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v9.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: fUpnAPoGzsIDh4jBrMwRkmqO5BQ1w17+Pb5//gcWUfEdxqjJJpYru7ZPJd7IFI6nY4ViwRzm/wNkKYEev1MsRA==
content-length: 0
date: Mon, 04 Oct 2021 05:07:22 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 recommendations.bundle.4e863665d1a7f5fe148423ae719c9df7.js Show response
c.disquscdn.com/next/recommendations/ Frame 2AB1 65 KB
20 KB 8ms
7ms Script
application/javascript 2600:9000:223e:200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.bundle.4e863665d1a7f5fe148423ae719c9df7.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.3599f83da3e37f2d8675b56e0b4f87a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f154ad0a779cdcbfe1cb4e5df7f12695b16ed0839247ae9622663c3859e20ec8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 18:15:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2717487
x-cache: Hit from cloudfront
content-length: 20099
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Thu, 02 Sep 2021 17:40:39 GMT
server: nginx
etag: "61310c97-4e83"
content-type: application/javascript; charset=utf-8
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75cb.cloudfront.net (CloudFront)
expires: Fri, 02 Sep 2022 18:15:55 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-P4
timing-allow-origin: *
x-amz-cf-id: W6o06aYSZAa1jPaB_odHD5MWQvuTo2VLyAQoznKQgQpPwH_P3yXfeA==
x-cache-hits: 0

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame 2AB1 12 KB
12 KB 7ms
7ms Script
application/javascript 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.3599f83da3e37f2d8675b56e0b4f87a4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

a4d56d6bc1db8f92c26100f8ce9a23d9847879d75d05eee76ba26b529c77d1cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/recommendations/?base=default&f=manuel-abreuo-1&t_i=8494%20https%3A%2F%2Fmanuelabreuo.com%2F%3Fp%3D8494&t_u=https%3A%2F%2Fmanuelabreuo.com%2Fel-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo%2F&t_e=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo&t_d=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo&t_t=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 04 Oct 2021 05:07:22 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 40
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 12240
X-XSS-Protection: 1; mode=block

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 74ms
24ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Mon, 04 Oct 2021 05:07:22 GMT

GET
H2 200 es_MX.js Show response
c.disquscdn.com/next/current/recommendations/lang/ Frame 2AB1 27 KB
9 KB 8ms
8ms Script
application/javascript 2600:9000:223e:200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/current/recommendations/lang/es_MX.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.3599f83da3e37f2d8675b56e0b4f87a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

43917ca6d5465edd18102acbf08b54aa921622c6c6ed0c1a569939be644375b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
content-length: 8957
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
last-modified: Tue, 09 Mar 2021 18:44:51 GMT
server: nginx
etag: "6047c223-22fd"
content-type: application/javascript; charset=utf-8
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75cb.cloudfront.net (CloudFront)
expires: Mon, 04 Oct 2021 05:12:01 GMT
cache-control: max-age=300, public
x-amz-cf-pop: FRA56-P4
timing-allow-origin: *
x-amz-cf-id: KxHyFDPYLC20xNGxXcnLX2S6WT-Shahz1FJ7VbfU8QEabBkh4UsfHw==
x-cache-hits: 0

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame 2AB1 3 KB
4 KB 9ms
9ms XHR
application/json 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=manuel-abreuo-1&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.3599f83da3e37f2d8675b56e0b4f87a4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

b91ad5506ed00a60764606f344fca85b8303d79c0ab518a50b5b2ce14788ad8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/recommendations/?base=default&f=manuel-abreuo-1&t_i=8494%20https%3A%2F%2Fmanuelabreuo.com%2F%3Fp%3D8494&t_u=https%3A%2F%2Fmanuelabreuo.com%2Fel-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo%2F&t_e=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo&t_d=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo&t_t=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 04 Oct 2021 05:07:22 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 3233
X-XSS-Protection: 1; mode=block

GET
H2 200 mEXKPmil
pbs.twimg.com/card_img/1444848237257576448/ Frame 0C3C 32 KB
32 KB 40ms
40ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1444848237257576448/mEXKPmil?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CE7) /

Resource Hash

ae0612b2b84cdc05051aa92e5986a505444d6bd5ce84f1c7f448b36c2282b642

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:22 GMT
x-content-type-options: nosniff
age: 10381
x-cache: HIT
content-length: 32826
surrogate-key: card_img card_img/bucket/7 card_img/1444848237257576448
last-modified: Mon, 04 Oct 2021 02:11:58 GMT
server: ECS (mil/6CE7)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 3dc256f5571737118bc45d774bba449ea092d221cc03df1a7c90680ea6a978e8
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H/1.1 200
OK listRecommendations.json Show response
disqus.com/api/3.0/discovery/ Frame 2AB1 2 KB
2 KB 152ms
152ms XHR
application/json 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/discovery/listRecommendations.json?forum=manuel-abreuo-1&thread=ident%3A8494+https%3A%2F%2Fmanuelabreuo.com%2F%3Fp%3D8494&limit=8&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.3599f83da3e37f2d8675b56e0b4f87a4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

63fc3877654b51188acdbe5e87d3a9ef7362219da3c614c5e2d705b06b264dc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://disqus.com/recommendations/?base=default&f=manuel-abreuo-1&t_i=8494%20https%3A%2F%2Fmanuelabreuo.com%2F%3Fp%3D8494&t_u=https%3A%2F%2Fmanuelabreuo.com%2Fel-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo%2F&t_e=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo&t_d=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo&t_t=El%20grupo%20ruso%20Turla%20APT%20despliega%20un%20nuevo%20backdoor%20en%20los%20sistemas%20objetivo
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 04 Oct 2021 05:07:22 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cache-Control: stale-while-revalidate=450, public, max-age=1800
Connection: keep-alive
Content-Type: application/json
Vary: Origin
Content-Length: 1882
X-XSS-Protection: 1; mode=block

GET
H2 200 gEEt0EnP
pbs.twimg.com/card_img/1444841150502866947/ Frame 0C3C 61 KB
61 KB 40ms
40ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1444841150502866947/gEEt0EnP?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CF1) /

Resource Hash

5a0ec3312dfd12a42eb57895f15dbb1defb0b20a868353623231639a033eaa69

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:22 GMT
x-content-type-options: nosniff
age: 10085
x-cache: HIT
content-length: 62090
surrogate-key: card_img card_img/bucket/5 card_img/1444841150502866947
last-modified: Mon, 04 Oct 2021 01:43:48 GMT
server: ECS (mil/6CF1)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 7cfb3e65bdd72d22b6ac1d52deccd85ff5a3fc6b8e5ad71680a4d76ccf1575d4
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 75B8 12 KB
5 KB 316ms
14ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://manuelabreuo.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Sun, 03 Oct 2021 22:50:31 GMT
expires: Mon, 03 Oct 2022 22:50:31 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 22611
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E3C2 783 B
998 B 24ms
24ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c76acf617134cb6e27624b31a168629c1ef952646641f9c4b1d511c10f0ac8bc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MJzjN9Sx5RJco+SBVqNS3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://manuelabreuo.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 04 Oct 2021 05:07:22 GMT
date: Mon, 04 Oct 2021 05:07:22 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-MJzjN9Sx5RJco+SBVqNS3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 SSFHf-cc
pbs.twimg.com/card_img/1444841472784805895/ Frame 0C3C 20 KB
20 KB 45ms
45ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1444841472784805895/SSFHf-cc?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CEE) /

Resource Hash

7d440f4e69151e3050faa450d4b5600f01ced6de0a3ed2b0582880b4e9ab2da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:22 GMT
x-content-type-options: nosniff
age: 12012
x-cache: HIT
content-length: 20280
surrogate-key: card_img card_img/bucket/7 card_img/1444841472784805895
last-modified: Mon, 04 Oct 2021 01:45:05 GMT
server: ECS (mil/6CEE)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 764f9af5d653238efaa97e7b17f247b64451e23cde6ddcf8d9e61625b8023b17
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 Kg8IFULc
pbs.twimg.com/card_img/1444728170775781389/ Frame 0C3C 12 KB
12 KB 41ms
41ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1444728170775781389/Kg8IFULc?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CE9) /

Resource Hash

3d9f7a598b2ddfaf7de412b6561c790cec3791e23db90b90cdc6f44b319f678a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:22 GMT
x-content-type-options: nosniff
age: 38655
x-cache: HIT
content-length: 12541
surrogate-key: card_img card_img/bucket/9 card_img/1444728170775781389
last-modified: Sun, 03 Oct 2021 18:14:52 GMT
server: ECS (mil/6CE9)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 23721352bcadd18dc3a6684c2eed516f4d48266fda4ecdb190c29f023999b0c0
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 Rl_1ZMRp
pbs.twimg.com/card_img/1442826573439188996/ Frame 0C3C 41 KB
42 KB 41ms
41ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1442826573439188996/Rl_1ZMRp?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CE7) /

Resource Hash

cd5f02f39f36c893f9a19d6b06ff312c0d1b9d8496000896a1c01776e229bb21

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:22 GMT
x-content-type-options: nosniff
age: 42934
x-cache: HIT
content-length: 42358
surrogate-key: card_img card_img/bucket/9 card_img/1442826573439188996
last-modified: Tue, 28 Sep 2021 12:18:36 GMT
server: ECS (mil/6CE7)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d1094ec9d8e23e446a10e94a4332fc4001342d6aba740e4c9e1892ae891d2a07
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E3C2 0
0 56ms
56ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210928&jk=1662101260115117&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 9PSC7eBA
pbs.twimg.com/card_img/1444708581803167745/ Frame 0C3C 26 KB
27 KB 41ms
41ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1444708581803167745/9PSC7eBA?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CDE) /

Resource Hash

c2e34fc2140f05ce93149941d78a2c8c8f53540ea8692d3b0e13a5fb949fe69e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:07:22 GMT
x-content-type-options: nosniff
age: 42973
x-cache: HIT
content-length: 27012
surrogate-key: card_img card_img/bucket/1 card_img/1444708581803167745
last-modified: Sun, 03 Oct 2021 16:57:01 GMT
server: ECS (mil/6CDE)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 8da3147084c8ed3bd59becf9a9e3db8436c4c6c2515ac4803c5f8f1bd6f1ac63
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H/1.1 200
OK stat.gif
referrer.disqus.com/juggler/ 43 B
295 B 99ms
99ms Image
image/gif 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/stat.gif?event=failed_recommendations.server.undefined

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 04 Oct 2021 05:07:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

POST
H/1.1 200
OK ping Show response
links.services.disqus.com/api/ 316 B
750 B 241ms
47ms XHR
text/javascript 199.232.196.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://links.services.disqus.com/api/ping
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.196.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 9ffe7284215b880be9c11fb75d702d4288689fbcaa5f5794671200a86580bc04

Request headers

Referer: https://manuelabreuo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Mon, 04 Oct 2021 05:07:22 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://manuelabreuo.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 316
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

jot.html Show response
platform.twitter.com/ Frame A32A
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

80 B
571 B

7ms
7ms

Document
text/html

2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6763) /
Resource Hash: 90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Origin: https://manuelabreuo.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 294959
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 04 Oct 2021 05:07:22 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Thu, 30 Sep 2021 19:09:26 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6763)
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 80

Redirect headers

date: Mon, 04 Oct 2021 05:07:22 GMT
pragma: no-cache
server: tsa_o
status: 302 Found
expires: Tue, 31 Mar 1981 05:00:00 GMT
location: https://platform.twitter.com/jot.html
content-type: text/html;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
last-modified: Mon, 04 Oct 2021 05:07:22 GMT
x-transaction: 040ab5436901a4d5
content-length: 0
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
x-connection-hash: 8d318120625af21d1678a9555922f68e0a3cef5592905b146bc3332915b49672

GET
H2 200 y_GpSJCDeJUhy2edwqiqULXjheMgRVI09JfpD4O8H0g.js Show response
pagead2.googlesyndication.com/bg/ Frame 75B8 35 KB
13 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/y_GpSJCDeJUhy2edwqiqULXjheMgRVI09JfpD4O8H0g.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbf1a9489083789521cb679dc2a8aa50b5e385e320455234f497e90f83bc1f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 03 Oct 2021 17:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43551
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13365
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 10:18:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Mon, 03 Oct 2022 17:01:31 GMT

GET
H/1.1 200
OK sync.gif
links.services.disqus.com/api/ 43 B
375 B 38ms
38ms Image
image/gif 199.232.196.64
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.196.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Oct 2021 05:07:22 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Type: image/gif;charset=UTF-8
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK domains Show response
links.services.disqus.com/api/ 98 B
531 B 48ms
33ms XHR
text/javascript 199.232.196.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://links.services.disqus.com/api/domains
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.196.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: b6b22cf62f412fe10163024d3ee932a19d4c41aec0568cc75e93c4ae9d5909f5

Request headers

Referer: https://manuelabreuo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Mon, 04 Oct 2021 05:07:22 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://manuelabreuo.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 98
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 29ms
29ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210928&jk=1662101260115117&bg=!7O-l76vNAAZE-GIIRPg7ACkAdvg8Wib9oi4sbxHRmDHOxfaKWMBt_uJPAV93U0PI2GNoa8DaikkztgIAAAC5UgAAAApoAQcKAG-XJ0qgHNXTTLcz1RsdyMX1CFYaTKNJKBTmLQdPhutIacJlJV9MopdV4uA49xoFBwEnEAMdngI-HURsQJ13Mgbq7_scke_P6-q1cuolc6LczCgdwbjUf_I-ltWCcQnaAKj-rvd989PHcJ7b0CChReyZAqT1LgPKU815TATdJ5eGoXRqK6IjuBXRr64hk4-DdpDDTAth8PZlk0bVYKQBg2_ZL1hxRRCIK6GM8Pry3TtQgZEAakg6_JHIU76H4_bD2oNd0il8gCD6MGlA-s4XbUZOR6_XwVXnAjGmG3Phouk3S8Ixgy2Y530OM4Fj0uytcxl7Yk_MiRuIqnNdg0uOlo4m9IqzAhaArw9FxV4HUIUj4G8iMPVIHgLPKr6wTeuYZkMaSl6hkMDsIo0fCzT9Nr8vvkj53-ItHWsAbAuMuA_uOK-nRC2qhcf3MRgujscJ_2Zb-vlngUtzWICPrl-TMkU30EtGLejprwT4PBHsyNAFNhjwxVD5nmmUOhqmcTO9qJy3S5A4rWWkZFQluz7SfwV4ATsEsoNHm_xtl42Sn7MJtJPbu7zhrux7b-l1Zn9B3ycY2h774bu9FtGCQ-eBCq5TyMgq5lNpej_a9so2ko7gMfwkH8OOxCxxnHbwxwoIUhRU9b9y-nUvchVigQXpI3AeNG_OPO5WFbfffceJMytRcI86wDI2shq2N_PbP5d2ce-SndMoysAgxBD5nJ-iXV-3p9p63E6kJUUteGboxGO37ZvaBAkhN6b3wAsxgD1F8SCrkjUy1wRAA7-j850fYc_PDzFjwPCCDOsSbAD1Wg2-8V2-qsx8vY5gywIDcPR87uuF0BXspQ09W8o5VkSImj0sIEdzYP3TTQKPVQxZgxrqn6MTZIacPF9DlGQZGWaMG91yjj7EItPOufQ2j5wpPd6co4P6hZ-uKesaBgxzEu3qJ9LxU0wEz7jKxPF1zuTpcxpyjmIGgOzDhbJdHNt9LQ8Ool9pEEBjg4QS74Jp8NN4O0-yKCCT-A23ytZKLRP84v70xXx479OmRcVWlZLIKkA-6vrDzqX0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://manuelabreuo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

136 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mql5.com/	1970-01-23 15:20:53	Name: _fz_uniq Value: 587101113085722120
.doubleclick.net/	1970-01-19 21:42:04	Name: test_cookie Value: CheckForPermission
.manuelabreuo.com/	1970-01-27 05:01:16	Name: _fz_uniq Value: 6364008142555446792
.manuelabreuo.com/	1970-01-27 05:01:16	Name: _fz_fvdt Value: 1633324040
.manuelabreuo.com/	1970-01-19 21:42:05	Name: _fz_ssn Value: 1633324040269298454
.manuelabreuo.com/	1970-01-20 07:03:40	Name: __gads Value: ID=1b8e329d8dee3c4f-22a5aca5e4ca0080:T=1633324040:RT=1633324040:S=ALNI_MYG9UU732nCtzGy5ZbClI3OpftsYA
.facebook.com/	1970-01-19 23:51:40	Name: fr Value: 0wuKNU5HWPu7LFsht..BhWowJ...1.0.BhWowJ.
.manuelabreuo.com/	1970-01-20 15:13:16	Name: _ga Value: GA1.2.904790560.1633324041
.manuelabreuo.com/	1970-01-19 21:43:30	Name: _gid Value: GA1.2.1060644572.1633324041
.manuelabreuo.com/	1970-01-19 21:42:04	Name: _gat_gtag_UA_98281748_1 Value: 1
disqus.com/	1970-01-19 21:42:05	Name: __jid Value: 31k8t9f294e62t
.disqus.com/	1970-01-20 06:27:40	Name: disqus_unique Value: 31k8tas12iqnhr

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://manuelabreuo.com/el-grupo-ruso-turla-apt-despliega-un-nuevo-backdoor-en-los-sistemas-objetivo/valid-rss-rogers.png Message: Failed to load resource: the server responded with a status of 404 ()
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.disquscdn.com
abs.twimg.com
adservice.google.com
adservice.google.de
c.disquscdn.com
c0.wp.com
cdn.syndication.twimg.com
cdn.viglink.com
connect.facebook.net
content.mql5.com
disqus.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
graph.facebook.com
links.services.disqus.com
manuel-abreuo-1.disqus.com
manuelabreuo.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbs.twimg.com
platform.twitter.com
referrer.disqus.com
static.addtoany.com
stats.g.doubleclick.net
syndication.twitter.com
ton.twimg.com
tpc.googlesyndication.com
tracker.metricool.com
translate.google.com
translate.googleapis.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
104.244.42.72
142.250.181.226
151.101.192.134
192.0.77.37
199.232.192.134
199.232.196.64
199.232.198.49
2600:9000:223e:200:6:8656:f5c0:93a1
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:233:7ee2:97c:ab4c:6c70:be36
2606:2800:233:8173:898f:63b3:95c3:79d2
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::ac43:2794
2606:4700:20::681a:290
2606:4700::6810:a20d
2a00:1450:4001:802::2001
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:811::2002
2a00:1450:4001:812::200e
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:82f::2008
2a00:1450:4001:830::200a
2a00:1450:400c:c00::9d
2a03:2880:f01c:20e:face:b00c:0:2
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
50.31.188.103
78.140.180.86
00b88bcb9bbf42aae863145805135f750d38540671a6db0cf38eee3d96133934
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
017e98cffe38931c6f72ef3b0a2cd8224918bf35f5e5ffa9b033abfb68afb159
01ba42c5d1434570028d883d465c24b5f70b1966ccfd8344be7a74295a39adf0
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02b622c0adf00b61eab8f7d68c0de9c2e16e6ac400df3c75aa7925bc7bcad657
02e1294d823bafcd6ec6f15dc23370b5088cded5ece1e326eff8c3f262f5efb1
059d7f76a7662405100374530359da8f439f4b945864fafab45b834320a429e2
05b3173f8cead174c80af5972e34b555a6ea2883e309bf3d3acf55a182a25cc3
070edfef42e0980783d0acf8fa9ca6a9833b994eca13ffaa94e9a2deb47c92cf
09363cc7c668ce12683214a9877ae9c068a82dfb8f64111355933c24e7193a98
0bca4cf4c1446c405f957853bb39db7ef38442c7995f22c2d0d08bceca00147c
0c4076beed3aba8b2b71e0bf30e38e281ce87a8b231d508f0f65bf9cc4d75822
0e1b7f89b730a73aa2364bc194d2a1b448f0c32106f7514a939be067c1f27614
0f7f45f6dee41387bca54f84c660dd1ecc1a0efd402dcd9ed86fa16c1a8fe1da
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1228473d48078c846c1973fa1ae37eab100653b49c20952db5c2a0d426f6b7f5
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8
198a9c0dd0138d27a38cf28df0042d77f4adf16b6de4bb4a95e9f4303a026aa6
1b11f2c81cddaa0d12147ff5fbecdec023a921b64088411da37f81915b8b4b40
1b9154929df5872c90a4c470f4e0cd9600cda531d5e19d3cf18899d18c465426
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
1bf7bfbe582e1f0b86f9307e21bb88f5e37dc69caa168dd01ad035a172452a0c
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
226456d9a9eef8f0831b6b181be100a49cbaec1651a8bd45d7d0cc897d161538
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
29755d0064a5aff632ac901dd1dc4189ba2b2313dc48e91b028ce4c490e432c1
2a824cf96d621b38e00579970aa7ee6ffe547d58291d7ba1d381cbf58bf18fa3
2c038fa1aaa4d38dc4dd6a92d02502c02175a0826ca6e706bd16fd65d9a389b1
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2e41173caa9ca786a3c82c04fb31225fe46b00fa192ef86ee8c81fc84da17b0f
30ebe86ee66f181317d9669e0530fc4fcb459005996595c73993c1e7fb0022e4
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
33e25cc1be39833c2c794365245c788bf9e1fe8b79ccd0798105faf4f27c48d1
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
3785ae086a07e767ac63a61d7783243d180378f78d133921d65a1901f1a00451
3a88b8f933bbace621183c330b2bbf86fd24f8ce10649f568e1edeeaeb531865
3ae0b8b65d5d2cc70686cac4bc8ef5fd49cabe99a0a89a7a6b1b6ade8faad86a
3b6b1e66a2672400ee2446a78370a61dc625de1ee24d609c005c1f3b77b4b345
3ceb727c5f967ea12ca4e16caad6bab91d9756a9a4b08dba5672e2ee525a695e
3d9f7a598b2ddfaf7de412b6561c790cec3791e23db90b90cdc6f44b319f678a
3ee8351e156e2e80d99018a585c18c0dbd9098e3bea84a131d8cbad1ec72c81e
3f367271866a0ad4fed6b53b24b546431b30630029944dc2259204e51e327e7d
3fba5669aa7f7344403040251907473436e12f66a71bc6b8e49825684207abd1
4028750e7b37de9ff30e9359b4bcd6b64159656332dd056677121f3cfe022cc5
42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859
43917ca6d5465edd18102acbf08b54aa921622c6c6ed0c1a569939be644375b6
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
478823b79d2f830725e8e69079313a3dde42a265ba96e4cfb3a9dd562cbc6318
4acc4776834a9ff2857f6e2cb2f596f7fc80db4bf5c5adeb54be7d6ee77cce42
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080
4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
508668abcc6326f78d4e02a8fcc81878a04ea7f34a93531cc087b9c77ebe6db9
510116996dc4979a225c07962d84bb76e2b6340234c2c5e4280596ad08a632cb
5116f7d07677f06785887c0af23c189b541a306d6b792d605ffaf3ed9f0e912d
51ca2b4f39594037063f56b9e7854bbb5230f616a54963ec3850ab7ebf292fc0
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
53aa25d22b04cbad3939922330b5e5b97a8458c3079118c22f728cb4361f66d6
556172885a172763c715eace05597d5575ee4d4f2df6b61d723f4666b0a730a9
560600c91660e4055a3681cd8fa3412d472a9685dcb6420ff5c168d614b2f23f
5891e55220292a57e0a1f14ccd705dde5d8a89247895e56c4f6b13b55d3fe7a2
594f333e3a8fe65a0466e4f9c140dab97e6b6a073579edf130a87b86614d7ec8
5a0ec3312dfd12a42eb57895f15dbb1defb0b20a868353623231639a033eaa69
5ae9561f31199bf8a892f797a69db1bc5d477e2f8318f2b7e95487f025f66f28
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
5fae79754e7af92e6afadc3060797e3d35188221e60d63d0625f66cf921e7ebb
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
6155d1450ae5f20ee3577205f706ee61b308332ca81abaf890d32c72f3454a6e
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
63729e0af4581d732b3546d3fcc4e1351af57e10b30d9661e094f6fa86b2e4af
63fc3877654b51188acdbe5e87d3a9ef7362219da3c614c5e2d705b06b264dc8
679b6fc7e77901ee3f5ef60d00c62a52c787a2435ec17f080b9648ec8b49faa5
70684e6f3d83eed95d1cba7429bedaf96898ce516bb255da4c658f826f8c5bee
71c1670fba39ad825038a3ed3aaf6f5cf50fc0686b79e36f546d16d26df21d46
7238c60c4bf5bd2b95b6c34fb2df312bb1b895446a0fc6de4e7c1ba3165a951a
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
7295ac4fe4246ec488c66ac830335ab49e417c3ea87962ff41165b42415ea679
7964d033f829ae2809f61810c4efa9adf6aff915ded111a9c346bca2b1302b62
7d440f4e69151e3050faa450d4b5600f01ced6de0a3ed2b0582880b4e9ab2da7
80ee2d8ce5d2a3f78fc3b8eaa67bc266645c58b96d8a804556f1e6cb8737d0cf
831eaf3d41999b6ff2d8371d02f310b96602819eaf7e4079415a602292ca7bb2
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87c852ee17bc218f2e77b07f9bb20898e5af39c467e2175c8e0fa70dbb987a35
8806d9eaf9e8ca89fa2404e8cb66a9fa115e0a0f687ad0dcd91cabce4c2179c6
884f6241e9bcf7cecaa9aa48ba3659e853621941f77696b212a8184ca73d9feb
89ca421d4bf7c88842d1f7b7c5658b71df8f7e84c4aab64a061a48a86d731edb
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2
8a75a70065779ed5a70268e60cebc3cb3a4224f632ddd193bd451c52d3168cba
8b732be2a9212aa57b377017bcc8f1daa5e25c5653f9889de3da60b72d2aab0e
90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
9534892f50bf74875886445aa51107aa750225cac94d45b7948f17ef09db7439
964794272aa168ce3feac3a84460c1beb01606da0e303689b8aee75fb354117d
9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3
97e08b41dc9a5934da7c16b4c915c50ecd6173080f6056cfb0c965863f8d5cd6
98ff7c83df6bf9b01cd51e16814ea36ee5ec7fee4307cdc1c4e4d018ad6df849
9b1b44cfa514d049c4872b3334f9b7032502ea3b3ed3b664f51990d5e56fe0fb
9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18
9ffe7284215b880be9c11fb75d702d4288689fbcaa5f5794671200a86580bc04
a0e73747cb3e98969c0b69376f490e255a49e03078bd70e1cf4914b6afb4fd0d
a367c417eb444e2df2605d5f3ae2fc05ed7a5565f15e60a6ccbcad6a99147fee
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4d56d6bc1db8f92c26100f8ce9a23d9847879d75d05eee76ba26b529c77d1cc
a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a64e1f9e83146017753f03a69c52c2b125469fa2e17c390c52794b8dc948ec17
ac7473af8ce98baecc5897c1fff105643accee11f5c67dfd500f6f725b19c333
ad3afa9c7beee612fdc68691d25b36dda934204a3d8916ff3d14df83548a0f84
ae0612b2b84cdc05051aa92e5986a505444d6bd5ce84f1c7f448b36c2282b642
afe004857b15f063cd93531f45ca2a9862083afcdcb92290ca5d0af1c8c97cdd
b0f4c358afcce0ddcde029e72ea2d6054eece0ce5a34c9a7e0c5761ff4f33a25
b4e62a8daa779d16b2c25d343db85f6501e334632b0eeafd7d9f5bc5b8f96367
b6b22cf62f412fe10163024d3ee932a19d4c41aec0568cc75e93c4ae9d5909f5
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b91ad5506ed00a60764606f344fca85b8303d79c0ab518a50b5b2ce14788ad8c
b958e0f47861dde13a175cc69494bdb54f08e2b5e78cecf6abd16470d2085257
b9c5385fe2a7178bca062410e40f687d8656be20d0db09643c1df7eef914a4a5
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc6dd978e70894c8a0148e6806f4fde9566ee59349adb03c02a61a3b2e25b6f1
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
be55af125bfeef71762a4b5888bc4ddca2de20a4020b1cf9fb96e6d9967329e4
be9ece6df2a1f00f3644d9a0df2f4f89aac99f172f8648853aa5d420749a24fd
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
bf649fa081d79623feaf91f65faf07054dc647acae9c56ca26f46a7c9537f749
c0abf5a259b4f6fdc07bd311c52b87ed26ac42290939d31e9f0053fe03a0e262
c18c7bd2947e12105e9a5fe5c317987bd0fb915bf9c985de41277f2411f5a8be
c2280dd6ace027b497d9561194ce375df200cd3b2aa5f5fbe8dfebce0e2fa0b5
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
c2e34fc2140f05ce93149941d78a2c8c8f53540ea8692d3b0e13a5fb949fe69e
c443a66de7fa750b1d4ae8c8f37255b1c6931ff1b01daf5eb982dd49bb7a73b3
c590b89e3b8e4ff584b6d419e4b8f77ae1b07477033860239e3c3a4ec37f63fe
c6086194c597846d8e03275fbeee31b57aab91d65edb162c4d9e1b379016377d
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c719b5b6a2ac067b351fcf2a9b3a932d0a2970bb464866b1d4972eae79d5e18c
c76acf617134cb6e27624b31a168629c1ef952646641f9c4b1d511c10f0ac8bc
c85118fdaf63514c88e841b8debbbec7ef0baefec99f7a7aa125744e8e260f06
cb8dcc1c739f349114292341d10b77c2a80ab92aabe5dc8863cadeb147021156
cbf1a9489083789521cb679dc2a8aa50b5e385e320455234f497e90f83bc1f48
cd5f02f39f36c893f9a19d6b06ff312c0d1b9d8496000896a1c01776e229bb21
cdf3f88beb166e98d2656e957b247c886d1702027559a290e74a02d58d950c8c
cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfd3099998b0c37ace8024cbd802160585ba9be1c0047fefc172035184f074df
d1b268344fa3a7ee27d6efbbcabd6d4f5214294120de1c2c85b6b0979e22e9ab
d29cb7bdc31139a0986b5416e0328d414f7154dbe6768caabd778198ee27d889
d8dee5bb67e8a759f73dfbaeadba9220ad478a8187f58a59a50f906b0e51f65b
d8fd8f477b9e6eeabdb8a7a82c5d4ad22ef274c40c75edfa74c74cbaad7beec4
da8699cd256bcb4c4e509eb5e911a4e403225116254826ecb878d108c9086ee7
dafd42a36ee9b0ce81fd16f4b5799f65d4848c1a11fb2434478e863bfaff6f41
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de55d99fa5a7d65e5490872636e9d96d8b2fb1d0c547b15c2910b95c4aa2a2cc
ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f9d45110f6534fe8f65ebee07c9c6a1dce6e5ae6433265d22940a7f43b6870
e6c6b1d1a62f26874168c3e7c31823e9143c45d42506f1c854cf1214254801d3
e6e414be03c0ed1bbbf0d19b1f8f2bd92e152d6b768877a8c9daf7d3a0be6ff3
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
ebb47fd79ee856806fec5c85f947b3a908cbe3cfef92099fa4c9b481f092f6f7
ece2f1e49029966317aca28a7ef0c89f3149eb3a5aad1b279d84f14002511cff
eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b
ee35c5444e8eafd19fb33246e122168e3db42a46d4e3b8c88548eaaf30d17dc0
eea0b9621509f98be77c5af1e9b5c952a675bda2b27c419876364017069e0c19
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04f3c80cadae1951a8ba125a81ed0c6a75a258f8473738a4952ea0f59d13c97
f154ad0a779cdcbfe1cb4e5df7f12695b16ed0839247ae9622663c3859e20ec8
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
f3ca3118d9eceb4028fb8b62693e34913badaedfc8d62eed83ed744697bf12f9
f501ecbfab69d254eecc911da3bbc55b31ac29a835b523fc05310cff8ca1147b
f93483f0aaf24aea4b5534bb8647d22cd9dfcb4d08d2fd1008787bdfb8a6cc47
fa8d3d729a7d973ed58878af9474ad16dfc74dd37bbc24431ebbd1a43fe80a8b
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
ff7cbd7d791c0f01f1b7db211981bb0506701f663e9e41422586b9e625753ba3

manuelabreuo.com Open in urlscan Pro 50.31.188.103 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

198 Requests

100 %HTTPS

74 %IPv6

21 Domains

37 Subdomains

37 IPs

4 Countries

3363 kBTransfer

6096 kBSize

12 Cookies

16 Outgoing links

Redirected requests

198 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

manuelabreuo.com Open in urlscan Pro
50.31.188.103 Public Scan

Screenshot
Live screenshot

Full Image

198
Requests

100 %
HTTPS

74 %
IPv6

21
Domains

37
Subdomains

37
IPs

4
Countries

3363 kB
Transfer

6096 kB
Size

12
Cookies

198 HTTP transactions
13 data transactions