urlscan.io logo urlscan.io
SecurityTrails logo

securelist.com Open in urlscan Pro
35.184.29.71  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://kas.pr/rhi6
Effective URL: https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
Submission: On February 21 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 5 countries across 17 domains to perform 52 HTTP transactions. The main IP is 35.184.29.71, located in Mountain View, United States and belongs to GOOGLE - Google LLC, US. The main domain is securelist.com.
TLS certificate: Issued by thawte EV SSL CA - G3 on June 8th 2017. Valid for: a year.
This is the only time securelist.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 77.74.178.24 200107 (KL-EXT)
3 35.184.29.71 15169 (GOOGLE)
25 108.161.188.224 54104 (AS-STACKPATH)
1 2.18.233.186 16625 (AKAMAI-AS)
1 216.58.214.36 15169 (GOOGLE)
1 2 199.96.57.6 13414 (TWITTER)
1 104.244.43.16 13414 (TWITTER)
2 23.38.57.103 20940 (AKAMAI-ASN1)
1 54.204.38.141 14618 (AMAZON-AES)
3 185.60.216.19 32934 (FACEBOOK)
1 2 172.217.22.46 15169 (GOOGLE)
2 104.20.21.239 13335 (CLOUDFLAR...)
1 216.58.214.46 15169 (GOOGLE)
1 172.217.16.195 15169 (GOOGLE)
1 199.15.215.117 53580 (MARKETO)
1 104.244.42.197 13414 (TWITTER)
1 104.244.42.3 13414 (TWITTER)
1 74.125.133.155 15169 (GOOGLE)
1 185.60.216.15 32934 (FACEBOOK)
1 93.158.134.227 13238 (YANDEX)
2 185.60.216.35 32934 (FACEBOOK)
1 52.48.148.112 16509 (AMAZON-02)
52 21
1    77.74.178.24 (Russian Federation)

ASN200107 (KL-EXT, RU)
kas.pr
3    35.184.29.71 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 71.29.184.35.bc.googleusercontent.com
securelist.com
kasperskycontenthub.com
25    108.161.188.224 (Los Angeles, United States)

ASN54104 (AS-STACKPATH - netDNA, US)
cdn.securelist.com
1    2.18.233.186 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
cdn.optimizely.com
1    216.58.214.36 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s09-in-f4.1e100.net
www.google.com
2    199.96.57.6 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)
platform.twitter.com
1    104.244.43.16 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)
static.ads-twitter.com
2    23.38.57.103 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-38-57-103.deploy.static.akamaitechnologies.com
munchkin.marketo.net
1    54.204.38.141 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-204-38-141.compute-1.amazonaws.com
3431070370.log.optimizely.com
3    185.60.216.19 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
2    172.217.22.46 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s16-in-f14.1e100.net
www.google-analytics.com
2    104.20.21.239 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
rum-static.pingdom.net
rum-collector.pingdom.net
1    216.58.214.46 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s09-in-f14.1e100.net
apis.google.com
1    172.217.16.195 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s08-in-f3.1e100.net
www.gstatic.com
1    199.15.215.117 (San Mateo, United States)

ASN53580 (MARKETO - MARKETO, Inc., US)
802-ijn-240.mktoresp.com
1    104.244.42.197 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)
t.co
1    104.244.42.3 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)
analytics.twitter.com
1    74.125.133.155 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: wo-in-f155.1e100.net
stats.g.doubleclick.net
1    185.60.216.15 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
graph.facebook.com
1    93.158.134.227 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: share-proxy-balancer.stable.qloud-b.yandex.net
share.yandex.ru
2    185.60.216.35 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
1    52.48.148.112 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-48-148-112.eu-west-1.compute.amazonaws.com
rum-collector-2.pingdom.net
Domain Requested by
25 cdn.securelist.com securelist.com
cdn.optimizely.com
cdn.securelist.com
3 connect.facebook.net securelist.com
connect.facebook.net
2 www.facebook.com securelist.com
2 www.google-analytics.com 1 redirects securelist.com
2 munchkin.marketo.net securelist.com
munchkin.marketo.net
2 platform.twitter.com 1 redirects securelist.com
2 kasperskycontenthub.com securelist.com
1 rum-collector.pingdom.net
1 rum-collector-2.pingdom.net rum-static.pingdom.net
1 share.yandex.ru cdn.securelist.com
1 graph.facebook.com cdn.securelist.com
1 stats.g.doubleclick.net securelist.com
1 analytics.twitter.com static.ads-twitter.com
1 t.co securelist.com
1 802-ijn-240.mktoresp.com munchkin.marketo.net
1 www.gstatic.com www.google.com
1 apis.google.com securelist.com
1 rum-static.pingdom.net securelist.com
1 3431070370.log.optimizely.com cdn.optimizely.com
1 static.ads-twitter.com securelist.com
1 www.google.com securelist.com
1 cdn.optimizely.com securelist.com
1 securelist.com
1 kas.pr 1 redirects
52 24
Subject Issuer Validity Valid
securelist.com
thawte EV SSL CA - G3		 2017-06-08 -
2018-06-20		 a year crt.sh
cdn.securelist.com
Thawte RSA CA 2018		 2018-02-06 -
2019-02-24		 a year crt.sh

This page contains 1 frames:

Primary Page: https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
Frame ID: (4AEEAF2E486238B21A2D01B255AA31D1)
Requests: 52 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://kas.pr/rhi6 HTTP 301
    https://securelist.com/a-slice-of-2017-sofacy-activity/83930/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
  • script /\/wp-includes\//i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
  • script /\/wp-includes\//i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • script /apis\.google\.com\/js\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • env /^Hammer$/i
Overall confidence: 100%
Detected patterns
  • script /munchkin\.marketo\.net\/munchkin\.js/i
  • env /^Munchkin$/i
Overall confidence: 100%
Detected patterns
  • script /optimizely\.com.*\.js/i
  • env /^optimizely$/i
Overall confidence: 100%
Detected patterns
  • script /\/\/platform\.twitter\.com\/widgets\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js/i
  • env /^jQuery$/i
Overall confidence: 100%
Detected patterns
  • env /^Recaptcha$/i

Page Statistics

52
Requests

50 %
HTTPS

0 %
IPv6

17
Domains

24
Subdomains

21
IPs

5
Countries

1636 kB
Transfer

2679 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://kas.pr/rhi6 HTTP 301
    https://securelist.com/a-slice-of-2017-sofacy-activity/83930/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://platform.twitter.com/oct.js HTTP 302
  • https://static.ads-twitter.com/oct.js
Request Chain 43
  • https://www.google-analytics.com/r/collect?v=1&_v=j66&aip=1&a=1381954720&t=pageview&_s=1&dl=https%3A%2F%2Fsecurelist.com%2Fa-slice-of-2017-sofacy-activity%2F83930%2F&ul=en-us&de=UTF-8&dt=A%20Slice%20of%202017%20Sofacy%20Activity%20-%20Securelist&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=1182162775&gjid=853955715&cid=384797415.1519229380&tid=UA-15857463-1&_gid=890146806.1519229380&_r=1&cd1=GReAT&cd2=83930&cd3=2018-02-20&cd4=Featured%2C%20Publications&cd5=APT%2C%20Backdoor%2C%20Campaigns%2C%20Cyber%20espionage%2C%20Nation%20State%20Sponsored%20Espionage%2C%20Sofacy%2C%20Targeted%20Attacks%2C%20Vulnerabilities%20and%20exploits%2C%20Zero-day%20vulnerabilities&z=1736066641 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-15857463-1&cid=384797415.1519229380&jid=1182162775&_gid=890146806.1519229380&gjid=853955715&_v=j66&z=1736066641

52 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
securelist.com/a-slice-of-2017-sofacy-activity/83930/
Redirect Chain
  • http://kas.pr/rhi6
  • https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
63 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.184.29.71 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
71.29.184.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
9d982177b3d60b7efdc63e96c480bab3d1f4ba0e14d7f78482fee4850cf65f9e
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.google-analytics.com https://*.google.com https://*.mktoresp.com https://*.optimizely.com https://*.pingdom.net https://*.reddit.com https://*.securelist.com https://*.youtube.com https://cdn.securelist.com https://hn.algolia.com https://kasperskycontenthub.com https://securelist.com https://www.google-analytics.com; default-src 'self' https://*.securelist.com https://cdn.securelist.com https://kasperskycontenthub.com https://kasperskycontenthub.com/securelist https://securelist.com; font-src 'self' data: https://*.gstatic.com https://*.securelist.com https://*.wp.com https://cdn.securelist.com https://fonts.googleapis.com https://fonts.gstatic.com https://kasperskycontenthub.com https://securelist.com; frame-src 'self' https://*.addthis.com https://*.facebook.com https://*.google.com https://*.instagram.com https://*.libsyn.com https://*.marketo.com https://*.securelist.com https://*.sharethis.com https://*.slideshare.net https://*.twitter.com https://*.wp.com https://*.youtube.com https://cdn.securelist.com https://kasperskycontenthub.com https://player.vimeo.com https://s-static.ak.facebook.com https://securelist.com https://www.brighttalk.com; img-src 'self' data: http://*.netdna-cdn.com http://*.wordpress.com http://*.wp.com http://forum.kasperskyclub.ru http://i0.poll.fm https://*.addthis.com https://*.doubleclick.net https://*.facebook.com https://*.google-analytics.com https://*.google.com https://*.gravatar.com https://*.gstatic.com https://*.instagram.com https://*.netdna-cdn.com https://*.netdna-ssl.com https://*.securelist.com https://*.sharethis.com https://*.staticflickr.com https://*.twimg.com https://*.twitter.com https://*.wordpress.com https://*.wp.com https://*.ytimg.com https://addevent.com https://blog.kaspersky.com https://cdn.securelist.com https://csi.gstatic.com https://d1srlirzdlmpew.cloudfront.net https://geo.yahoo.com https://images.telechargement.fr https://instagramimages-a.akamaihd.net https://kaspersky.d2.sc.omtrdc.net https://kasperskycontenthub.com https://m.addthis.com https://maps.googleapis.com https://player.vimeo.com https://polldaddy.com https://rum-collector.pingdom.net https://s.w.org https://scontent.cdninstagram.com https://securelist.com https://stats.g.doubleclick.net https://t.co https://threatpost.com https://track.addevent.com; object-src 'self' https://*.securelist.com https://kasperskycontenthub.com https://player.vimeo.com https://polldaddy.com https://securelist.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.addevent.com https://*.addthis.com https://*.cloudfront.net https://*.crazyegg.com https://*.demdex.net https://*.facebook.com https://*.facebook.net https://*.flickr.com https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.gravatar.com https://*.gstatic.com https://*.instagram.com https://*.kaspersky.com https://*.marketo.com https://*.marketo.net https://*.optimizely.com https://*.polldaddy.com https://*.securelist.com https://*.sharethis.com https://*.twimg.com https://*.twitter.com https://*.woopra.com https://*.wp.com https://addthisevent.com https://assets.adobedtm.com https://cdn.optimizely.com https://cdn.securelist.com https://connect.facebook.net https://connect.mail.ru https://kaspersky.d2.sc.omtrdc.net https://kasperskycontenthub.com https://m.addthis.com https://m.addthisedge.com https://munchkin.marketo.net https://player.vimeo.com https://rum-static.pingdom.net https://script.crazyegg.com https://securelist.com https://share.yandex.ru/ https://static.ads-twitter.com https://vk.com https://www.addevent.com https://www.brighttalk.com https://www.flickr.com https://www.googletagmanager.com https://www.linkedin.com; style-src 'self' 'unsafe-inline' https://*.googleapis.com https://*.gravatar.com https://*.kaspersky.com https://*.marketo.com https://*.securelist.com https://*.sharethis.com https://*.twimg.com https://*.twitter.com https://*.wp.com https://cdn.securelist.com https://fonts.googleapis.com https://kasperskycontenthub.com https://s0.wp.com https://secure.gravatar.com https://securelist.com; report-uri https://kasperskycontenthub.com/securelist/csp_report
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/a-slice-of-2017-sofacy-activity/83930/
accept-encoding
gzip, deflate
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
:authority
securelist.com
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

x-type
default
date
Wed, 21 Feb 2018 16:09:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES:14400.000
x-pingback
https://securelist.com/xmlrpc.php
x-cache
HIT: 52
status
200
vary
Accept-Encoding,Cookie
x-xss-protection
1; mode=block
x-cache-group
normal
wpe-backend
apache
server
nginx
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/html; charset=UTF-8
cache-control
max-age=14400, must-revalidate
x-ua-compatible
IE=Edge,chrome=1
content-security-policy
connect-src 'self' https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.google-analytics.com https://*.google.com https://*.mktoresp.com https://*.optimizely.com https://*.pingdom.net https://*.reddit.com https://*.securelist.com https://*.youtube.com https://cdn.securelist.com https://hn.algolia.com https://kasperskycontenthub.com https://securelist.com https://www.google-analytics.com; default-src 'self' https://*.securelist.com https://cdn.securelist.com https://kasperskycontenthub.com https://kasperskycontenthub.com/securelist https://securelist.com; font-src 'self' data: https://*.gstatic.com https://*.securelist.com https://*.wp.com https://cdn.securelist.com https://fonts.googleapis.com https://fonts.gstatic.com https://kasperskycontenthub.com https://securelist.com; frame-src 'self' https://*.addthis.com https://*.facebook.com https://*.google.com https://*.instagram.com https://*.libsyn.com https://*.marketo.com https://*.securelist.com https://*.sharethis.com https://*.slideshare.net https://*.twitter.com https://*.wp.com https://*.youtube.com https://cdn.securelist.com https://kasperskycontenthub.com https://player.vimeo.com https://s-static.ak.facebook.com https://securelist.com https://www.brighttalk.com; img-src 'self' data: http://*.netdna-cdn.com http://*.wordpress.com http://*.wp.com http://forum.kasperskyclub.ru http://i0.poll.fm https://*.addthis.com https://*.doubleclick.net https://*.facebook.com https://*.google-analytics.com https://*.google.com https://*.gravatar.com https://*.gstatic.com https://*.instagram.com https://*.netdna-cdn.com https://*.netdna-ssl.com https://*.securelist.com https://*.sharethis.com https://*.staticflickr.com https://*.twimg.com https://*.twitter.com https://*.wordpress.com https://*.wp.com https://*.ytimg.com https://addevent.com https://blog.kaspersky.com https://cdn.securelist.com https://csi.gstatic.com https://d1srlirzdlmpew.cloudfront.net https://geo.yahoo.com https://images.telechargement.fr https://instagramimages-a.akamaihd.net https://kaspersky.d2.sc.omtrdc.net https://kasperskycontenthub.com https://m.addthis.com https://maps.googleapis.com https://player.vimeo.com https://polldaddy.com https://rum-collector.pingdom.net https://s.w.org https://scontent.cdninstagram.com https://securelist.com https://stats.g.doubleclick.net https://t.co https://threatpost.com https://track.addevent.com; object-src 'self' https://*.securelist.com https://kasperskycontenthub.com https://player.vimeo.com https://polldaddy.com https://securelist.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.addevent.com https://*.addthis.com https://*.cloudfront.net https://*.crazyegg.com https://*.demdex.net https://*.facebook.com https://*.facebook.net https://*.flickr.com https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.gravatar.com https://*.gstatic.com https://*.instagram.com https://*.kaspersky.com https://*.marketo.com https://*.marketo.net https://*.optimizely.com https://*.polldaddy.com https://*.securelist.com https://*.sharethis.com https://*.twimg.com https://*.twitter.com https://*.woopra.com https://*.wp.com https://addthisevent.com https://assets.adobedtm.com https://cdn.optimizely.com https://cdn.securelist.com https://connect.facebook.net https://connect.mail.ru https://kaspersky.d2.sc.omtrdc.net https://kasperskycontenthub.com https://m.addthis.com https://m.addthisedge.com https://munchkin.marketo.net https://player.vimeo.com https://rum-static.pingdom.net https://script.crazyegg.com https://securelist.com https://share.yandex.ru/ https://static.ads-twitter.com https://vk.com https://www.addevent.com https://www.brighttalk.com https://www.flickr.com https://www.googletagmanager.com https://www.linkedin.com; style-src 'self' 'unsafe-inline' https://*.googleapis.com https://*.gravatar.com https://*.kaspersky.com https://*.marketo.com https://*.securelist.com https://*.sharethis.com https://*.twimg.com https://*.twitter.com https://*.wp.com https://cdn.securelist.com https://fonts.googleapis.com https://kasperskycontenthub.com https://s0.wp.com https://secure.gravatar.com https://securelist.com; report-uri https://kasperskycontenthub.com/securelist/csp_report
link
<https://securelist.com/wp-json/>; rel="https://api.w.org/" <https://securelist.com/?p=83930>; rel=shortlink
x-pass-why

Redirect headers

Pragma
no-cache
Date
Wed, 21 Feb 2018 16:09:38 GMT
Server
X-Powered-By
Kaspersky Labs Kaspersky Labs
Content-Type
text/html; charset=UTF-8
Location
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
Cache-Control
max-age=0, must-revalidate, no-cache, no-store, private
X-Server
msk1/
Set-Cookie
laravel_session=eyJpdiI6IkFoVHh1U1NiRXFZRTNUYUJpUTd6OEFmaXhuQmtMdUttYU9aQ0owUkVURXM9IiwidmFsdWUiOiJHaG90WCtSVXJJYXZ5VThGNkI1Nkx4UlwvVkU5Rldla1wvMDJuZGE0UUxsR1g4d0tobzRSVFlidk95Y2t3RGM0ODNMaVVTWTNoNmV4NCtQeFZ6TFlVRDNnPT0iLCJtYWMiOiJhYzFiZjViOGZiMGE2OGQ2MjA2MTZjNmFjMDkzYjkwMDJmYWYzNzdmMzdiZGE5OTMxNzlmOTczM2JiZDkxYTgzIn0%3D; expires=Wed, 21-Feb-2018 16:24:36 GMT; Max-Age=900; path=/; httponly ClientRouteKasPr=7e63c3d7585775754962240985a4d0ed0aff986077e1476e2a45abcbd6acf1de;Path=/;Domain=kas.pr
Content-Length
488
/
cdn.securelist.com/wp-content/plugins/bwp-minify/min/ 		153 KB
41 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.securelist.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css,wp-content/plugins/jquery-collapse-o-matic/light_style.css,wp-content/plugins/wds-securelist-widgets/css/securelist-plugin-styles.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/themes/securelist/css/fonts-lat.css,wp-content/themes/securelist/style.css,wp-content/themes/securelist/css/responsive.css,wp-content/themes/securelist/css/plugins.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css&ver=1519163066
Requested by
Host: securelist.com
URL: https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.224 Los Angeles, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
319fd01db1a83a39f5de679fd76b032c5e8460669d478ed144adf957cdb57f8a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css,wp-content/plugins/jquery-collapse-o-matic/light_style.css,wp-content/plugins/wds-securelist-widgets/css/securelist-plugin-styles.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/themes/securelist/css/fonts-lat.css,wp-content/themes/securelist/style.css,wp-content/themes/securelist/css/responsive.css,wp-content/themes/securelist/css/plugins.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css&ver=1519163066
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
cdn.securelist.com
referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
:scheme
https
:method
GET
Referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

x-type
long-cache
date
Wed, 21 Feb 2018 16:09:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES:14400.000
access-control-allow-origin
*
x-cache
HIT
status
200
x-cache-group
normal
x-pass-why
last-modified
Fri, 09 Feb 2018 14:47:59 GMT
server
NetDNA-cache/2.2
vary
Accept-Encoding,Cookie Accept-Encoding
content-type
text/css; charset=utf-8
x-wpe-loopback-upstream-addr
127.0.0.1:6789
cache-control
max-age=14400, must-revalidate public, max-age=2592000
wpe-backend
apache
expires
Wed, 21 Feb 2018 21:44:49 GMT
/
cdn.securelist.com/wp-content/plugins/bwp-minify/min/ 		387 B
641 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.securelist.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/taxonomy-images/css/style.css&ver=1519163066
Requested by
Host: securelist.com
URL: https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.224 Los Angeles, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
484aee1b81286040100dad5243407bd64be9aa7fc389b87ef2acd03451bc6888
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/taxonomy-images/css/style.css&ver=1519163066
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
cdn.securelist.com
referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
:scheme
https
:method
GET
Referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

x-type
long-cache
date
Wed, 21 Feb 2018 16:09:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES:14400.000
access-control-allow-origin
*
x-cache
HIT
status
200
x-cache-group
normal
x-pass-why
last-modified
Mon, 17 Apr 2017 06:14:49 GMT
server
NetDNA-cache/2.2
vary
Accept-Encoding,Cookie Accept-Encoding
content-type
text/css; charset=utf-8
x-wpe-loopback-upstream-addr
127.0.0.1:6789
cache-control
max-age=14400, must-revalidate public, max-age=2592000
wpe-backend
apache
expires
Wed, 21 Feb 2018 21:44:49 GMT
/
cdn.securelist.com/wp-content/plugins/bwp-minify/min/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.securelist.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=1519163066
Requested by
Host: securelist.com
URL: https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.224 Los Angeles, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
001020074fce061b86caeaebd1aeccff49b74d405137486eb293296f023519a2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=1519163066
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
cdn.securelist.com
referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
:scheme
https
:method
GET
Referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

x-type
long-cache
date
Wed, 21 Feb 2018 16:09:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES:14400.000
x-cache
HIT
status
200
x-cache-group
normal
x-pass-why
last-modified
Mon, 17 Apr 2017 06:14:49 GMT
server
NetDNA-cache/2.2
vary
Accept-Encoding,Cookie Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400, must-revalidate public, max-age=2592000
wpe-backend
apache
expires
Wed, 21 Feb 2018 21:44:33 GMT
jquery.js
cdn.securelist.com/wp-includes/js/jquery/ 		95 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.securelist.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by
Host: securelist.com
URL: https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.224 Los Angeles, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/wp-includes/js/jquery/jquery.js?ver=1.12.4
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
cdn.securelist.com
referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
:scheme
https
:method
GET
Referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

x-type
static/known
date
Wed, 21 Feb 2018 16:09:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 17 Apr 2017 06:14:51 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"58f45d5b-17ba0"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
/
cdn.securelist.com/wp-content/plugins/bwp-minify/min/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.securelist.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/honeypot-comments/public/assets/js/public.js,wp-content/plugins/kspr_twitter_pullquote/js/kaspersky-twitter-pullquote.js,wp-content/plugins/kaspersky-social-sharing/assets/js/social-share.js&ver=1519163066
Requested by
Host: securelist.com
URL: https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.224 Los Angeles, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
4bcb339256ec1bd03bed9893ea9d2e91a14d7e04a68855f0ab1382ef10dee71a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/honeypot-comments/public/assets/js/public.js,wp-content/plugins/kspr_twitter_pullquote/js/kaspersky-twitter-pullquote.js,wp-content/plugins/kaspersky-social-sharing/assets/js/social-share.js&ver=1519163066
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
cdn.securelist.com
referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
:scheme
https
:method
GET
Referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

x-type
long-cache
date
Wed, 21 Feb 2018 16:09:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES:14400.000
access-control-allow-origin
*
x-cache
HIT
status
200
x-cache-group
normal
x-pass-why
last-modified
Mon, 17 Apr 2017 06:14:49 GMT
server
NetDNA-cache/2.2
vary
Accept-Encoding,Cookie Accept-Encoding
content-type
application/x-javascript; charset=utf-8
x-wpe-loopback-upstream-addr
127.0.0.1:6789
cache-control
max-age=14400, must-revalidate public, max-age=2592000
wpe-backend
apache
expires
Wed, 21 Feb 2018 21:44:49 GMT
/
kasperskycontenthub.com/ 		0
380 B 		Script
General
Check archive.org
Download Go to
Full URL
https://kasperskycontenthub.com/?dm=ed1f9e435dc885292eab65620c51f3fb&action=load&blogid=43&siteid=1&t=1721940682&back=https%3A%2F%2Fsecurelist.com%2Fa-slice-of-2017-sofacy-activity%2F83930%2F
Requested by
Host: securelist.com
URL: https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
Protocol
SPDY
Server
35.184.29.71 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
71.29.184.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

x-type
default
date
Wed, 21 Feb 2018 16:09:39 GMT
x-content-type-options
nosniff
x-cacheable
YES:14400.000
x-cache
HIT: 2
status
200
vary
Accept-Encoding,Cookie
content-length
0
x-xss-protection
1; mode=block
x-cache-group
normal
wpe-backend
apache
server
nginx
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/html; charset=UTF-8
cache-control
max-age=14400, must-revalidate
x-ua-compatible
IE=Edge,chrome=1
accept-ranges
bytes
x-pass-why
3431070370.js
cdn.optimizely.com/js/ 		169 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.optimizely.com/js/3431070370.js
Requested by
Host: securelist.com
URL: https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
Protocol
HTTP/1.1
Server
2.18.233.186 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dc45d801b16f020d160488367a368f1cb0bd2c18b35599c1de41f6a45cd92813

Request headers

Referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

x-amz-version-id
xtT2ib4FNwGkpFFqGyE6FJJFIYFM5SGz
Content-Encoding
gzip
ETag
"3553a54925eade8ed063b94ef75ab499"
x-amz-request-id
63F78118E2E128D8
x-amz-meta-revision
33
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
61657
x-amz-id-2
Kmp6O8TUBo98EfFlwHDWMz4w+EZF4a+hBWAfOeSxAVdJCpXgpnc0QUfpQaa4kklhlX4cBpgyZsw=
Last-Modified
Sat, 29 Oct 2016 02:09:20 GMT
Server
AmazonS3
Date
Wed, 21 Feb 2018 16:09:39 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET, HEAD
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amz-meta-revision
Cache-Control
max-age=120
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
*
180220-sofacy-review-1.png
cdn.securelist.com/files/2018/02/ 		309 KB
309 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.securelist.com/files/2018/02/180220-sofacy-review-1.png
Requested by
Host: securelist.com
URL: https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.224 Los Angeles, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
46fd82c5610248a423d5b857f67a9e6032b518be790eb0726199964f93edaa96
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/files/2018/02/180220-sofacy-review-1.png
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
cdn.securelist.com
referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
:scheme
https
:method
GET
Referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

x-type
static/backed
date
Wed, 21 Feb 2018 16:09:39 GMT
x-content-type-options
nosniff
last-modified
Tue, 20 Feb 2018 08:53:00 GMT
server
NetDNA-cache/2.2
status
200
etag
"5a8be1ec-4d2c5"
vary
Accept-Encoding
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
316101
180220-sofacy-review-2.png
cdn.securelist.com/files/2018/02/ 		104 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.securelist.com/files/2018/02/180220-sofacy-review-2.png
Requested by
Host: securelist.com
URL: https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.224 Los Angeles, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
32ce924e0ba462bc30ad9636a624717273e0a8f3457cbd07038d61022c098005
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/files/2018/02/180220-sofacy-review-2.png
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
cdn.securelist.com
referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
:scheme
https
:method
GET
Referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

x-type
static/backed
date
Wed, 21 Feb 2018 16:09:39 GMT
x-content-type-options
nosniff
last-modified
Tue, 20 Feb 2018 08:53:07 GMT
server
NetDNA-cache/2.2
status
200
etag
"5a8be1f3-19f10"
vary
Accept-Encoding
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
106256
180220-sofacy-review-3.png
cdn.securelist.com/files/2018/02/ 		333 KB
333 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.securelist.com/files/2018/02/180220-sofacy-review-3.png
Requested by
Host: securelist.com
URL: https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.224 Los Angeles, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
377b5b56ee7907e720897135f9f450d79bb4f359e72d4df3a669ce6e54bb5f17
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/files/2018/02/180220-sofacy-review-3.png
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
cdn.securelist.com
referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
:scheme
https
:method
GET
Referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

x-type
static/backed
date
Wed, 21 Feb 2018 16:09:39 GMT
x-content-type-options
nosniff
last-modified
Tue, 20 Feb 2018 08:53:11 GMT
server
NetDNA-cache/2.2
status
200
etag
"5a8be1f7-5334d"
vary
Accept-Encoding
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
340813
180220-sofacy-review-4.png
cdn.securelist.com/files/2018/02/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.securelist.com/files/2018/02/180220-sofacy-review-4.png
Requested by
Host: securelist.com
URL: https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.224 Los Angeles, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
f1d8c3208e90b9a68aca03cfe58c20357d5d7723ddf83d47bbbd3d4af08dadd8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/files/2018/02/180220-sofacy-review-4.png
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
cdn.securelist.com
referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
:scheme
https
:method
GET
Referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

x-type
static/backed
date
Wed, 21 Feb 2018 16:09:39 GMT
x-content-type-options
nosniff
last-modified
Tue, 20 Feb 2018 08:53:18 GMT
server
NetDNA-cache/2.2
status
200
etag
"5a8be1fe-e31e"
vary
Accept-Encoding
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
58142
180220-sofacy-review-5.png
cdn.securelist.com/files/2018/02/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.securelist.com/files/2018/02/180220-sofacy-review-5.png
Requested by
Host: securelist.com
URL: https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.224 Los Angeles, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
cb6e8cbdbffde6051b555a897c03af35a290a88d5e5ec22becb7553c13609b77
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/files/2018/02/180220-sofacy-review-5.png
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
cdn.securelist.com
referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
:scheme
https
:method
GET
Referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

x-type
static/backed
date
Wed, 21 Feb 2018 16:09:39 GMT
x-content-type-options
nosniff
last-modified
Tue, 20 Feb 2018 08:53:21 GMT
server
NetDNA-cache/2.2
status
200
etag
"5a8be201-ae38"
vary
Accept-Encoding
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
44600
Banner_370x370_EN-1.jpg
kasperskycontenthub.com/securelist/files/2017/10/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kasperskycontenthub.com/securelist/files/2017/10/Banner_370x370_EN-1.jpg
Requested by
Host: securelist.com
URL: https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
Protocol
SPDY
Server
35.184.29.71 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
71.29.184.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
cb5255e725fd8ad9c2fb13800e3de032b206fc6b37dd6afd3f83bbd20404bd2e

Request headers

Referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

x-type
static/backed
date
Wed, 21 Feb 2018 16:09:39 GMT
last-modified
Fri, 20 Oct 2017 09:27:57 GMT
server
nginx
status
200
etag
"59e9c19d-6b15"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
27413
api.js
www.google.com/recaptcha/ 		696 B
501 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?hl=en
Requested by
Host: securelist.com
URL: https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
Protocol
SPDY
Server
216.58.214.36 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s09-in-f4.1e100.net
Software
GSE /
Resource Hash
169441c83fcabcbf2da051e96a3b2461eea26221fa7e9a42adc549195782890d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Wed, 21 Feb 2018 16:09:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
403
x-xss-protection
1; mode=block
expires
Wed, 21 Feb 2018 16:09:39 GMT
oct.js
static.ads-twitter.com/
Redirect Chain
  • https://platform.twitter.com/oct.js
  • https://static.ads-twitter.com/oct.js
5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/oct.js
Requested by
Host: securelist.com
URL: https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
Protocol
SPDY
Server
104.244.43.16 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
/
Resource Hash
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Wed, 21 Feb 2018 16:09:39 GMT
content-encoding
gzip
age
58288
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200
content-length
1954
x-served-by
cache-tw-fra1-cr1-12-TWFRA1
last-modified
Tue, 23 Jan 2018 19:05:33 GMT
x-timer
S1519229379.263188,VS0,VE0
etag
"b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary
Accept-Encoding,Host
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
no-cache
accept-ranges
bytes

Redirect headers

date
Wed, 21 Feb 2018 16:09:39 GMT
via
1.1 varnish
status
302
vary
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
location
https://static.ads-twitter.com/oct.js
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-tw-fra1-cr1-20-TWFRA1
/
cdn.securelist.com/wp-content/plugins/bwp-minify/min/ 		108 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.securelist.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/gravityforms/css/formreset.min.css,wp-content/plugins/gravityforms/css/formsmain.min.css,wp-content/plugins/gravityforms/css/readyclass.min.css,wp-content/plugins/gravityforms/css/browsers.min.css,wp-content/plugins/gravityformsmailchimp/css/form_settings.css&ver=1519163066
Requested by
Host: securelist.com
URL: https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.224 Los Angeles, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
443efbf367d2c260ea52c7dd8d4abba80f93fa69f24d523affce71a7a7ed32d2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/gravityforms/css/formreset.min.css,wp-content/plugins/gravityforms/css/formsmain.min.css,wp-content/plugins/gravityforms/css/readyclass.min.css,wp-content/plugins/gravityforms/css/browsers.min.css,wp-content/plugins/gravityformsmailchimp/css/form_settings.css&ver=1519163066
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
cdn.securelist.com
referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
:scheme
https
:method
GET
Referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

x-type
long-cache
date
Wed, 21 Feb 2018 16:09:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES:14400.000
access-control-allow-origin
*
x-cache
HIT
status
200
x-cache-group
normal
x-pass-why
last-modified
Mon, 17 Apr 2017 06:14:49 GMT
server
NetDNA-cache/2.2
vary
Accept-Encoding,Cookie Accept-Encoding
content-type
text/css; charset=utf-8
x-wpe-loopback-upstream-addr
127.0.0.1:6789
cache-control
max-age=14400, must-revalidate public, max-age=2592000
wpe-backend
apache
expires
Wed, 21 Feb 2018 21:44:49 GMT
/
cdn.securelist.com/wp-content/plugins/bwp-minify/min/ 		78 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.securelist.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/crayon-syntax-highlighter/js/min/crayon.min.js,wp-content/plugins/visualizer/js/lib/clipboardjs/clipboard.min.js,wp-content/plugins/wds-no-login-autocomplete/js/script.js,wp-content/plugins/wds-securelist-widgets/js/jquery.mousewheel.js,wp-content/plugins/wds-securelist-widgets/js/jquery.antiscroll.js,wp-content/themes/securelist/js/jquery.tinycarousel.min.js,wp-content/plugins/wds-securelist-widgets/js/securelist-plugin-scripts.js,wp-includes/js/jquery/ui/core.min.js,wp-content/themes/securelist/js/jquery.magnific-popup.min.js,wp-content/themes/securelist/js/jquery.bpopup.min.js&ver=1519163066
Requested by
Host: securelist.com
URL: https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.224 Los Angeles, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
6e4238aab544511ab6dc64c11b5ed1bb40304f5b94677c8b21fd33f75d8013e4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/crayon-syntax-highlighter/js/min/crayon.min.js,wp-content/plugins/visualizer/js/lib/clipboardjs/clipboard.min.js,wp-content/plugins/wds-no-login-autocomplete/js/script.js,wp-content/plugins/wds-securelist-widgets/js/jquery.mousewheel.js,wp-content/plugins/wds-securelist-widgets/js/jquery.antiscroll.js,wp-content/themes/securelist/js/jquery.tinycarousel.min.js,wp-content/plugins/wds-securelist-widgets/js/securelist-plugin-scripts.js,wp-includes/js/jquery/ui/core.min.js,wp-content/themes/securelist/js/jquery.magnific-popup.min.js,wp-content/themes/securelist/js/jquery.bpopup.min.js&ver=1519163066
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
cdn.securelist.com
referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
:scheme
https
:method
GET
Referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

x-type
long-cache
date
Wed, 21 Feb 2018 16:09:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES:14400.000
x-cache
HIT
status
200
x-cache-group
normal
x-pass-why
last-modified
Wed, 01 Nov 2017 11:21:31 GMT
server
NetDNA-cache/2.2
vary
Accept-Encoding,Cookie Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400, must-revalidate public, max-age=2592000
wpe-backend
apache
expires
Wed, 21 Feb 2018 21:48:39 GMT
/
cdn.securelist.com/wp-content/plugins/bwp-minify/min/ 		112 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.securelist.com/wp-content/plugins/bwp-minify/min/?f=wp-content/themes/securelist/js/jquery.slides.js,wp-content/themes/securelist/js/jquery.flexslider-min.js,wp-content/themes/securelist/js/jquery.truncate.min.js,wp-content/themes/securelist/js/jquery.flexnav.min.js,wp-content/themes/securelist/js/jquery.sticky.js,wp-content/themes/securelist/js/doubletaptogo.min.js,wp-content/themes/securelist/js/hammer.min.js,wp-content/themes/securelist/js/jquery.tosrus.min.all.js,wp-content/themes/securelist/js/functions.js,wp-includes/js/comment-reply.min.js&ver=1519163066
Requested by
Host: securelist.com
URL: https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.224 Los Angeles, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
9e89155f81183f27e0d2e233dcda1605f41f1b66236c84bba542f38111b7623d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/plugins/bwp-minify/min/?f=wp-content/themes/securelist/js/jquery.slides.js,wp-content/themes/securelist/js/jquery.flexslider-min.js,wp-content/themes/securelist/js/jquery.truncate.min.js,wp-content/themes/securelist/js/jquery.flexnav.min.js,wp-content/themes/securelist/js/jquery.sticky.js,wp-content/themes/securelist/js/doubletaptogo.min.js,wp-content/themes/securelist/js/hammer.min.js,wp-content/themes/securelist/js/jquery.tosrus.min.all.js,wp-content/themes/securelist/js/functions.js,wp-includes/js/comment-reply.min.js&ver=1519163066
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
cdn.securelist.com
referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
:scheme
https
:method
GET
Referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

x-type
long-cache
date
Wed, 21 Feb 2018 16:09:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
bot
access-control-allow-origin
*
x-cache
HIT
status
200
x-cache-group
bot
x-pass-why
last-modified
Wed, 17 Jan 2018 16:42:05 GMT
server
NetDNA-cache/2.2
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
x-wpe-loopback-upstream-addr
127.0.0.1:6789
cache-control
max-age=10800, must-revalidate public, max-age=2592000
wpe-backend
apache
expires
Wed, 21 Feb 2018 21:46:13 GMT
/
cdn.securelist.com/wp-content/plugins/bwp-minify/min/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.securelist.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/kaspersky-tracking/js/external-tracking.js,wp-includes/js/wp-embed.min.js,wp-content/plugins/akismet/_inc/form.js,wp-content/plugins/gravityforms/js/placeholders.jquery.min.js&ver=1519163066
Requested by
Host: securelist.com
URL: https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.224 Los Angeles, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
cdc125a4882bf8042ed58427971ffb488c57709859801cd31a7156f3a75035ce
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/kaspersky-tracking/js/external-tracking.js,wp-includes/js/wp-embed.min.js,wp-content/plugins/akismet/_inc/form.js,wp-content/plugins/gravityforms/js/placeholders.jquery.min.js&ver=1519163066
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
cdn.securelist.com
referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
:scheme
https
:method
GET
Referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

x-type
long-cache
date
Wed, 21 Feb 2018 16:09:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
bot
access-control-allow-origin
*
x-cache
HIT
status
200
x-cache-group
bot
x-pass-why
last-modified
Mon, 17 Apr 2017 06:14:51 GMT
server
NetDNA-cache/2.2
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
x-wpe-loopback-upstream-addr
127.0.0.1:6789
cache-control
max-age=10800, must-revalidate public, max-age=2592000
wpe-backend
apache
expires
Wed, 21 Feb 2018 21:45:34 GMT
munchkin.js
munchkin.marketo.net/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://munchkin.marketo.net/munchkin.js
Requested by
Host: securelist.com
URL: https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
Protocol
HTTP/1.1
Server
23.38.57.103 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-57-103.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c42a645f788e7e08777d655a0c3c3614b456d9e567157d8a8a81f922c8fb7ad6

Request headers

Referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Wed, 21 Feb 2018 16:09:39 GMT
Content-Encoding
gzip
Last-Modified
Thu, 25 Jan 2018 00:38:22 GMT
Server
Apache
ETag
"d1b41ed040bddca0129ddaf626345cab:1516840702"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
735
munchkin.js
munchkin.marketo.net/151/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://munchkin.marketo.net/151/munchkin.js
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol
HTTP/1.1
Server
23.38.57.103 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-57-103.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
585107ada7f42329cd4d6ab1d1e87fdf26f4994e8f47d72a44ee8ab5bd291288

Request headers

Referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Wed, 21 Feb 2018 16:09:39 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 Aug 2015 02:19:08 GMT
Server
Apache
ETag
"bd3daad4a1e88a1196d76b6dd3c9deed:1440037148"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control
max-age=8640000
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
3503
Expires
Fri, 01 Jun 2018 16:09:39 GMT
MuseoSans-500.woff2
cdn.securelist.com/wp-content/themes/securelist/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.securelist.com/wp-content/themes/securelist/fonts/MuseoSans-500.woff2
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/3431070370.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.224 Los Angeles, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
ff6f0a5143d6e6285b150295b5d9bc5b485a0399319776d2154de0ae0b28768a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/themes/securelist/fonts/MuseoSans-500.woff2
pragma
no-cache
origin
https://securelist.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
cdn.securelist.com
referer
https://cdn.securelist.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css,wp-content/plugins/jquery-collapse-o-matic/light_style.css,wp-content/plugins/wds-securelist-widgets/css/securelist-plugin-styles.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/themes/securelist/css/fonts-lat.css,wp-content/themes/securelist/style.css,wp-content/themes/securelist/css/responsive.css,wp-content/themes/securelist/css/plugins.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css&ver=1519163066
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
https://cdn.securelist.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css,wp-content/plugins/jquery-collapse-o-matic/light_style.css,wp-content/plugins/wds-securelist-widgets/css/securelist-plugin-styles.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/themes/securelist/css/fonts-lat.css,wp-content/themes/securelist/style.css,wp-content/themes/securelist/css/responsive.css,wp-content/themes/securelist/css/plugins.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css&ver=1519163066
Origin
https://securelist.com

Response headers

x-type
static/known
date
Wed, 21 Feb 2018 16:09:39 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Jun 2017 08:56:08 GMT
server
NetDNA-cache/2.2
status
200
etag
"59351ca8-4614"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-font-woff
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
17940
event
3431070370.log.optimizely.com/ 		2 B
680 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://3431070370.log.optimizely.com/event?a=3431070370&d=3431070370&y=false&src=js&s3392371197=gc&s3406351312=false&s3424680516=direct&tsent=1519229379.619&n=https%3A%2F%2Fsecurelist.com%2Fa-slice-of-2017-sofacy-activity%2F83930%2F&u=oeu1519229379612r0.6723380963182028&wxhr=true&time=1519229379.618&f=3711100637&g=&cx2=4443c669
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/3431070370.js
Protocol
HTTP/1.1
Server
54.204.38.141 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-204-38-141.compute-1.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
Origin
https://securelist.com

Response headers

Date
Wed, 21 Feb 2018 16:09:40 GMT
Server
nginx
Access-Control-Allow-Methods
GET
P3P
CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Access-Control-Allow-Origin
https://securelist.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Access-Control-Allow-Headers
Content-Type, X-Requested-With, X-TS-AJAX-Request
Content-Length
2
fbevents.js
connect.facebook.net/en_US/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: securelist.com
URL: https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
Protocol
SPDY
Server
185.60.216.19 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
29451fb716c05b025bfb8a468767f7112baad0112dbc512d1610f64dbbad4bc0
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

pragma
public
x-fb-debug
liOsC8e7NajgM/5IvpKSQ8oJuUeN9gVRzv/PPuVdcTeOcUpfuvRdWhWnRUWWxp86rKqqtx4BcpKPAQ1PobN1IA==
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 21 Feb 2018 16:09:39 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
status
200
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
strict-transport-security
max-age=31536000; preload; includeSubDomains
vary
Accept-Encoding
content-length
12439
x-xss-protection
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: securelist.com
URL: https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
Protocol
SPDY
Server
172.217.22.46 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s16-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
f8ef655ef916e39713ede9c6db56d7ca5618bd82cf5ac991dcd013f05e0fdfc7
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 13 Nov 2017 20:19:12 GMT
server
Golfe2
age
4537
date
Wed, 21 Feb 2018 14:54:02 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
14597
expires
Wed, 21 Feb 2018 16:54:02 GMT
prum.min.js
rum-static.pingdom.net/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rum-static.pingdom.net/prum.min.js
Requested by
Host: securelist.com
URL: https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
Protocol
SPDY
Server
104.20.21.239 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
69d900b16d7cb5f320fbc87a6fbe2e57c7b8bbc4a13b3a213509003b976ac5e3

Request headers

Referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Wed, 21 Feb 2018 16:09:39 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 15 Jan 2018 08:08:12 GMT
server
cloudflare
etag
W/"5a5c616c-18fd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
public, max-age=43200
cf-ray
3f0af8a6df642342-FRA
content-length
2736
expires
Thu, 22 Feb 2018 04:09:39 GMT
all.js
connect.facebook.net/en_US/ 		208 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: securelist.com
URL: https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
Protocol
SPDY
Server
185.60.216.19 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
4321f3a87dcb11cf66ce29edea7c71339318d569ecb1ae3260fe38fccaa43edc
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
kMf3phcCOoOlm/JcfHCZ2Q==
status
200
content-length
65038
x-xss-protection
0
x-fb-debug
A9AZ7cCYWAEElla/wWE1eVb2dnM8cU3E9ZaoIMdIVCSGgnBz5R6Wm7/52H1mJUZlI3qxYhuwu8A+OgroZiODUQ==
x-fb-content-md5
eb7b98645a06da66dbafccfc3f901646
x-frame-options
DENY
date
Wed, 21 Feb 2018 16:09:39 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"3a75b0d0164ca1ea2d336795a60fc734"
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
timing-allow-origin
*
expires
Wed, 21 Feb 2018 16:15:57 GMT
widgets.js
platform.twitter.com/ 		122 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: securelist.com
URL: https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
Protocol
SPDY
Server
199.96.57.6 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
/
Resource Hash
2e51a9cbc157e8a3d23d85b9abbea7e6c356fd1f16a8ed533d3b578871e9a4d4

Request headers

Referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Wed, 21 Feb 2018 16:09:39 GMT
content-encoding
gzip
age
723
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200
content-length
35928
x-served-by
cache-tw-fra1-cr1-20-TWFRA1
last-modified
Wed, 07 Feb 2018 22:11:31 GMT
x-timer
S1519229380.629758,VS0,VE0
etag
"cf17681ce84ef6bec4df6f1bcc13a870+gzip"
vary
Accept-Encoding,Host
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
public, max-age=1800
accept-ranges
bytes
platform.js
apis.google.com/js/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: securelist.com
URL: https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
Protocol
SPDY
Server
216.58.214.46 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s09-in-f14.1e100.net
Software
ESF /
Resource Hash
8f2aafa1258b9247bf0d6680d37d88f172694b90c23d65a7aecacf7de4150155
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-inline' 'unsafe-eval' 'self' https://*.gstatic.com https://www.google-analytics.com https://pagead2.googleadservices.com https://pagead2.googlesyndication.com https://tpc.googlesyndication.com https://s.ytimg.com https://www.youtube.com;report-uri /_/cspreport/es_oz_20180219.13_p0
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

content-security-policy
script-src 'unsafe-inline' 'unsafe-eval' 'self' https://*.gstatic.com https://www.google-analytics.com https://pagead2.googleadservices.com https://pagead2.googlesyndication.com https://tpc.googlesyndication.com https://s.ytimg.com https://www.youtube.com;report-uri /_/cspreport/es_oz_20180219.13_p0
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
status
200
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
date
Wed, 21 Feb 2018 16:09:39 GMT
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800, stale-while-revalidate=1800
etag
"45050cc267cb4ba8bbfc9d1b71e16c10"
timing-allow-origin
*
expires
Wed, 21 Feb 2018 16:09:39 GMT
ico-sprite.png
cdn.securelist.com/wp-content/themes/securelist/images/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.securelist.com/wp-content/themes/securelist/images/ico-sprite.png
Requested by
Host: securelist.com
URL: https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.224 Los Angeles, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
17d2606bcd1b5c97d99a7cc1e620007d0292febb9932a2f99268457857d40ae3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/themes/securelist/images/ico-sprite.png
pragma
no-cache
cookie
optimizelyEndUserId=oeu1519229379612r0.6723380963182028; optimizelySegments=%7B%223392371197%22%3A%22gc%22%2C%223406351312%22%3A%22false%22%2C%223424680516%22%3A%22direct%22%7D; optimizelyBuckets=%7B%7D; optimizelyPendingLogEvents=%5B%22n%3Dhttps%253A%252F%252Fsecurelist.com%252Fa-slice-of-2017-sofacy-activity%252F83930%252F%26u%3Doeu1519229379612r0.6723380963182028%26wxhr%3Dtrue%26time%3D1519229379.618%26f%3D3711100637%26g%3D%22%5D
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
cdn.securelist.com
referer
https://cdn.securelist.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css,wp-content/plugins/jquery-collapse-o-matic/light_style.css,wp-content/plugins/wds-securelist-widgets/css/securelist-plugin-styles.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/themes/securelist/css/fonts-lat.css,wp-content/themes/securelist/style.css,wp-content/themes/securelist/css/responsive.css,wp-content/themes/securelist/css/plugins.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css&ver=1519163066
:scheme
https
:method
GET
Referer
https://cdn.securelist.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css,wp-content/plugins/jquery-collapse-o-matic/light_style.css,wp-content/plugins/wds-securelist-widgets/css/securelist-plugin-styles.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/themes/securelist/css/fonts-lat.css,wp-content/themes/securelist/style.css,wp-content/themes/securelist/css/responsive.css,wp-content/themes/securelist/css/plugins.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css&ver=1519163066
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

x-type
static/known
date
Wed, 21 Feb 2018 16:09:39 GMT
x-content-type-options
nosniff
last-modified
Fri, 09 Feb 2018 14:47:59 GMT
server
NetDNA-cache/2.2
status
200
etag
"5a7db49f-11fde"
vary
Accept-Encoding
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
73694
MuseoSans-300.woff2
cdn.securelist.com/wp-content/themes/securelist/fonts/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.securelist.com/wp-content/themes/securelist/fonts/MuseoSans-300.woff2
Requested by
Host: securelist.com
URL: https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.224 Los Angeles, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
85c2761557d3602f2b7cfb72f1a65de17f3114aee7e3bfa9893c6d654522e4a3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/themes/securelist/fonts/MuseoSans-300.woff2
pragma
no-cache
origin
https://securelist.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
cdn.securelist.com
referer
https://cdn.securelist.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css,wp-content/plugins/jquery-collapse-o-matic/light_style.css,wp-content/plugins/wds-securelist-widgets/css/securelist-plugin-styles.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/themes/securelist/css/fonts-lat.css,wp-content/themes/securelist/style.css,wp-content/themes/securelist/css/responsive.css,wp-content/themes/securelist/css/plugins.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css&ver=1519163066
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
https://cdn.securelist.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css,wp-content/plugins/jquery-collapse-o-matic/light_style.css,wp-content/plugins/wds-securelist-widgets/css/securelist-plugin-styles.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/themes/securelist/css/fonts-lat.css,wp-content/themes/securelist/style.css,wp-content/themes/securelist/css/responsive.css,wp-content/themes/securelist/css/plugins.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css&ver=1519163066
Origin
https://securelist.com

Response headers

x-type
static/known
date
Wed, 21 Feb 2018 16:09:39 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Jun 2017 08:56:08 GMT
server
NetDNA-cache/2.2
status
200
etag
"59351ca8-45bc"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-font-woff
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
17852
MuseoSans-700.woff2
cdn.securelist.com/wp-content/themes/securelist/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.securelist.com/wp-content/themes/securelist/fonts/MuseoSans-700.woff2
Requested by
Host: securelist.com
URL: https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.224 Los Angeles, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
3c2885574185694a5d1ecbebe7e0c026284a2dfbf29c91a942305ab2c2d07b9b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/themes/securelist/fonts/MuseoSans-700.woff2
pragma
no-cache
origin
https://securelist.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
cdn.securelist.com
referer
https://cdn.securelist.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css,wp-content/plugins/jquery-collapse-o-matic/light_style.css,wp-content/plugins/wds-securelist-widgets/css/securelist-plugin-styles.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/themes/securelist/css/fonts-lat.css,wp-content/themes/securelist/style.css,wp-content/themes/securelist/css/responsive.css,wp-content/themes/securelist/css/plugins.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css&ver=1519163066
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
https://cdn.securelist.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css,wp-content/plugins/jquery-collapse-o-matic/light_style.css,wp-content/plugins/wds-securelist-widgets/css/securelist-plugin-styles.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/themes/securelist/css/fonts-lat.css,wp-content/themes/securelist/style.css,wp-content/themes/securelist/css/responsive.css,wp-content/themes/securelist/css/plugins.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css&ver=1519163066
Origin
https://securelist.com

Response headers

x-type
static/known
date
Wed, 21 Feb 2018 16:09:39 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Jun 2017 08:56:08 GMT
server
NetDNA-cache/2.2
status
200
etag
"59351ca8-470c"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-font-woff
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
18188
abstract_Digital-300x194.jpeg
cdn.securelist.com/files/2018/02/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.securelist.com/files/2018/02/abstract_Digital-300x194.jpeg
Requested by
Host: securelist.com
URL: https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.224 Los Angeles, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
6c74d02ff0acbb2714a830ec3ce640b51bd316fef14a6f09eaebd35bcfc53fe5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/files/2018/02/abstract_Digital-300x194.jpeg
pragma
no-cache
cookie
optimizelyEndUserId=oeu1519229379612r0.6723380963182028; optimizelySegments=%7B%223392371197%22%3A%22gc%22%2C%223406351312%22%3A%22false%22%2C%223424680516%22%3A%22direct%22%7D; optimizelyBuckets=%7B%7D; optimizelyPendingLogEvents=%5B%22n%3Dhttps%253A%252F%252Fsecurelist.com%252Fa-slice-of-2017-sofacy-activity%252F83930%252F%26u%3Doeu1519229379612r0.6723380963182028%26wxhr%3Dtrue%26time%3D1519229379.618%26f%3D3711100637%26g%3D%22%5D
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
cdn.securelist.com
referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
:scheme
https
:method
GET
Referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

x-type
static/backed
date
Wed, 21 Feb 2018 16:09:39 GMT
x-content-type-options
nosniff
last-modified
Tue, 13 Feb 2018 09:22:10 GMT
server
NetDNA-cache/2.2
status
200
etag
"5a82ae42-3fd2"
vary
Accept-Encoding
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
16338
promo-box-bg.png
cdn.securelist.com/wp-content/plugins/wds-securelist-widgets/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.securelist.com/wp-content/plugins/wds-securelist-widgets/images/promo-box-bg.png
Requested by
Host: securelist.com
URL: https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.224 Los Angeles, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
8f4a638f81df85f44c33f0912737d12d57582490339ef48d2409de169371ba76
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/plugins/wds-securelist-widgets/images/promo-box-bg.png
pragma
no-cache
cookie
optimizelyEndUserId=oeu1519229379612r0.6723380963182028; optimizelySegments=%7B%223392371197%22%3A%22gc%22%2C%223406351312%22%3A%22false%22%2C%223424680516%22%3A%22direct%22%7D; optimizelyBuckets=%7B%7D; optimizelyPendingLogEvents=%5B%22n%3Dhttps%253A%252F%252Fsecurelist.com%252Fa-slice-of-2017-sofacy-activity%252F83930%252F%26u%3Doeu1519229379612r0.6723380963182028%26wxhr%3Dtrue%26time%3D1519229379.618%26f%3D3711100637%26g%3D%22%5D
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
cdn.securelist.com
referer
https://cdn.securelist.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css,wp-content/plugins/jquery-collapse-o-matic/light_style.css,wp-content/plugins/wds-securelist-widgets/css/securelist-plugin-styles.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/themes/securelist/css/fonts-lat.css,wp-content/themes/securelist/style.css,wp-content/themes/securelist/css/responsive.css,wp-content/themes/securelist/css/plugins.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css&ver=1519163066
:scheme
https
:method
GET
Referer
https://cdn.securelist.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css,wp-content/plugins/jquery-collapse-o-matic/light_style.css,wp-content/plugins/wds-securelist-widgets/css/securelist-plugin-styles.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/themes/securelist/css/fonts-lat.css,wp-content/themes/securelist/style.css,wp-content/themes/securelist/css/responsive.css,wp-content/themes/securelist/css/plugins.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css&ver=1519163066
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

x-type
static/known
date
Wed, 21 Feb 2018 16:09:39 GMT
x-content-type-options
nosniff
last-modified
Mon, 17 Apr 2017 06:14:49 GMT
server
NetDNA-cache/2.2
status
200
etag
"58f45d59-4ae"
vary
Accept-Encoding
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
1198
AdobeStock_56693266-300x160.jpeg
cdn.securelist.com/files/2017/10/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.securelist.com/files/2017/10/AdobeStock_56693266-300x160.jpeg
Requested by
Host: securelist.com
URL: https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.224 Los Angeles, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
60f8d4507ff3494aa4badf4869aa70f5ab1bb4888ede979815bcb93df05b8d4e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/files/2017/10/AdobeStock_56693266-300x160.jpeg
pragma
no-cache
cookie
optimizelyEndUserId=oeu1519229379612r0.6723380963182028; optimizelySegments=%7B%223392371197%22%3A%22gc%22%2C%223406351312%22%3A%22false%22%2C%223424680516%22%3A%22direct%22%7D; optimizelyBuckets=%7B%7D; optimizelyPendingLogEvents=%5B%22n%3Dhttps%253A%252F%252Fsecurelist.com%252Fa-slice-of-2017-sofacy-activity%252F83930%252F%26u%3Doeu1519229379612r0.6723380963182028%26wxhr%3Dtrue%26time%3D1519229379.618%26f%3D3711100637%26g%3D%22%5D
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
cdn.securelist.com
referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
:scheme
https
:method
GET
Referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

x-type
static/backed
date
Wed, 21 Feb 2018 16:09:39 GMT
x-content-type-options
nosniff
last-modified
Tue, 24 Oct 2017 18:26:21 GMT
server
NetDNA-cache/2.2
status
200
etag
"59ef85cd-340c"
vary
Accept-Encoding
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
13324
AdobeStock_108644145-300x225.jpeg
cdn.securelist.com/files/2017/09/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.securelist.com/files/2017/09/AdobeStock_108644145-300x225.jpeg
Requested by
Host: securelist.com
URL: https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.224 Los Angeles, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
b694dab732cc18bc97e0fffc4f6bbe739a5a5a6657cd08dae958aa5173d5d648
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/files/2017/09/AdobeStock_108644145-300x225.jpeg
pragma
no-cache
cookie
optimizelyEndUserId=oeu1519229379612r0.6723380963182028; optimizelySegments=%7B%223392371197%22%3A%22gc%22%2C%223406351312%22%3A%22false%22%2C%223424680516%22%3A%22direct%22%7D; optimizelyBuckets=%7B%7D; optimizelyPendingLogEvents=%5B%22n%3Dhttps%253A%252F%252Fsecurelist.com%252Fa-slice-of-2017-sofacy-activity%252F83930%252F%26u%3Doeu1519229379612r0.6723380963182028%26wxhr%3Dtrue%26time%3D1519229379.618%26f%3D3711100637%26g%3D%22%5D
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
cdn.securelist.com
referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
:scheme
https
:method
GET
Referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

x-type
static/backed
date
Wed, 21 Feb 2018 16:09:39 GMT
x-content-type-options
nosniff
last-modified
Mon, 18 Sep 2017 09:17:38 GMT
server
NetDNA-cache/2.2
status
200
etag
"59bf8f32-344b"
vary
Accept-Encoding
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
13387
recaptcha__en.js
www.gstatic.com/recaptcha/api2/v1518566665321/ 		223 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/api2/v1518566665321/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en
Protocol
SPDY
Server
172.217.16.195 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s08-in-f3.1e100.net
Software
sffe /
Resource Hash
702d73a7f825c3898a8d6cf1a76868298e7b1447464b2c4d7cf173e5fd21a5f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Wed, 14 Feb 2018 22:39:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 14 Feb 2018 01:45:00 GMT
server
sffe
age
581382
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
73174
x-xss-protection
1; mode=block
expires
Thu, 14 Feb 2019 22:39:57 GMT
visitWebPage
802-ijn-240.mktoresp.com/webevents/ 		43 B
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://802-ijn-240.mktoresp.com/webevents/visitWebPage?_mchNc=1519229379688&_mchCn=&_mchId=802-IJN-240&_mchTk=_mch-securelist.com-1519229379688-83678&_mchHo=securelist.com&_mchPo=&_mchRu=%2Fa-slice-of-2017-sofacy-activity%2F83930%2F&_mchPc=https%3A&_mchVr=151&_mchHa=&_mchRe=&_mchQp=
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/151/munchkin.js
Protocol
HTTP/1.1
Server
199.15.215.117 San Mateo, United States, ASN53580 (MARKETO - MARKETO, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
cbbd42bb1d88693e6805bd9d676840424af5ecf3e13d874fd06e6b57d53d8d40
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
Origin
https://securelist.com

Response headers

Pragma
no-cache
Date
Wed, 21 Feb 2018 16:09:40 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 21 Feb 2018 10:09:40 -0600
Server
Apache
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
Keep-Alive
Content-Type
image/gif
Keep-Alive
timeout=5, max=100
Content-Length
43
Expires
-1
adsct
t.co/i/ 		43 B
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=ntt0i&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0
Requested by
Host: securelist.com
URL: https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
Protocol
SPDY
Server
104.244.42.197 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Wed, 21 Feb 2018 16:09:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
1; mode=block; report=https://twitter.com/i/xss_report
x-response-time
110
pragma
no-cache
last-modified
Wed, 21 Feb 2018 16:09:39 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
bda8019af10d5a7b614d4a7827991f7e
x-transaction
00b074e100b72833
expires
Tue, 31 Mar 1981 05:00:00 GMT
social-icons.png
cdn.securelist.com/wp-content/themes/securelist/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.securelist.com/wp-content/themes/securelist/images/social-icons.png
Requested by
Host: cdn.securelist.com
URL: https://cdn.securelist.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.224 Los Angeles, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
16b69de644b5937cf6ab489f4a6394e8f7df203cf23d9294fa93379e6f74e8c3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/themes/securelist/images/social-icons.png
pragma
no-cache
cookie
optimizelyEndUserId=oeu1519229379612r0.6723380963182028; optimizelySegments=%7B%223392371197%22%3A%22gc%22%2C%223406351312%22%3A%22false%22%2C%223424680516%22%3A%22direct%22%7D; optimizelyBuckets=%7B%7D; optimizelyPendingLogEvents=%5B%22n%3Dhttps%253A%252F%252Fsecurelist.com%252Fa-slice-of-2017-sofacy-activity%252F83930%252F%26u%3Doeu1519229379612r0.6723380963182028%26wxhr%3Dtrue%26time%3D1519229379.618%26f%3D3711100637%26g%3D%22%5D; _mkto_trk=id:802-IJN-240&token:_mch-securelist.com-1519229379688-83678
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
cdn.securelist.com
referer
https://cdn.securelist.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css,wp-content/plugins/jquery-collapse-o-matic/light_style.css,wp-content/plugins/wds-securelist-widgets/css/securelist-plugin-styles.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/themes/securelist/css/fonts-lat.css,wp-content/themes/securelist/style.css,wp-content/themes/securelist/css/responsive.css,wp-content/themes/securelist/css/plugins.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css&ver=1519163066
:scheme
https
:method
GET
Referer
https://cdn.securelist.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css,wp-content/plugins/jquery-collapse-o-matic/light_style.css,wp-content/plugins/wds-securelist-widgets/css/securelist-plugin-styles.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/themes/securelist/css/fonts-lat.css,wp-content/themes/securelist/style.css,wp-content/themes/securelist/css/responsive.css,wp-content/themes/securelist/css/plugins.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css&ver=1519163066
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

x-type
static/known
date
Wed, 21 Feb 2018 16:09:39 GMT
x-content-type-options
nosniff
last-modified
Fri, 29 Sep 2017 05:49:50 GMT
server
NetDNA-cache/2.2
status
200
etag
"59cddefe-2098"
vary
Accept-Encoding
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
8344
MuseoSans-500Italic.woff2
cdn.securelist.com/wp-content/themes/securelist/fonts/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.securelist.com/wp-content/themes/securelist/fonts/MuseoSans-500Italic.woff2
Requested by
Host: cdn.securelist.com
URL: https://cdn.securelist.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.224 Los Angeles, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
6aed6d601cc564d08abf786285f2309152ecfa0a6bea310eb397c4fd9b899545
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/themes/securelist/fonts/MuseoSans-500Italic.woff2
pragma
no-cache
origin
https://securelist.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
cdn.securelist.com
referer
https://cdn.securelist.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css,wp-content/plugins/jquery-collapse-o-matic/light_style.css,wp-content/plugins/wds-securelist-widgets/css/securelist-plugin-styles.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/themes/securelist/css/fonts-lat.css,wp-content/themes/securelist/style.css,wp-content/themes/securelist/css/responsive.css,wp-content/themes/securelist/css/plugins.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css&ver=1519163066
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
https://cdn.securelist.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css,wp-content/plugins/jquery-collapse-o-matic/light_style.css,wp-content/plugins/wds-securelist-widgets/css/securelist-plugin-styles.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/themes/securelist/css/fonts-lat.css,wp-content/themes/securelist/style.css,wp-content/themes/securelist/css/responsive.css,wp-content/themes/securelist/css/plugins.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css&ver=1519163066
Origin
https://securelist.com

Response headers

x-type
static/known
date
Wed, 21 Feb 2018 16:09:39 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Jun 2017 08:56:08 GMT
server
NetDNA-cache/2.2
status
200
etag
"59351ca8-49ac"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-font-woff
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
18860
fontawesome-webfont.woff2
cdn.securelist.com/wp-content/plugins/kaspersky-social-sharing/assets/fonts/ 		63 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.securelist.com/wp-content/plugins/kaspersky-social-sharing/assets/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by
Host: cdn.securelist.com
URL: https://cdn.securelist.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.224 Los Angeles, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/wp-content/plugins/kaspersky-social-sharing/assets/fonts/fontawesome-webfont.woff2?v=4.3.0
pragma
no-cache
origin
https://securelist.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
cdn.securelist.com
referer
https://cdn.securelist.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=1519163066
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
https://cdn.securelist.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=1519163066
Origin
https://securelist.com

Response headers

x-type
static/known
date
Wed, 21 Feb 2018 16:09:39 GMT
x-content-type-options
nosniff
last-modified
Wed, 21 Jun 2017 14:32:46 GMT
server
NetDNA-cache/2.2
status
200
etag
"594a838e-fbd0"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-font-woff
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
64464
adsct
analytics.twitter.com/i/ 		31 B
328 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=ntt0i&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fsecurelist.com%2Fa-slice-of-2017-sofacy-activity%2F83930%2F
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/oct.js
Protocol
SPDY
Server
104.244.42.3 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_b /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Wed, 21 Feb 2018 16:09:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=631138519
content-length
57
x-xss-protection
1; mode=block; report=https://twitter.com/i/xss_report
x-response-time
20
pragma
no-cache
last-modified
Wed, 21 Feb 2018 16:09:39 GMT
server
tsa_b
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
4bcb269570952b8ec20a6ebd8202390d
x-transaction
0005e5380083cdc2
expires
Tue, 31 Mar 1981 05:00:00 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j66&aip=1&a=1381954720&t=pageview&_s=1&dl=https%3A%2F%2Fsecurelist.com%2Fa-slice-of-2017-sofacy-activity%2F83930%2F&ul=en-us&de=UTF-8&dt=A%20Slice%...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-15857463-1&cid=384797415.1519229380&jid=1182162775&_gid=890146806.1519229380&gjid=853955715&_v=j66&z=1736066641
35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-15857463-1&cid=384797415.1519229380&jid=1182162775&_gid=890146806.1519229380&gjid=853955715&_v=j66&z=1736066641
Requested by
Host: securelist.com
URL: https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
Protocol
SPDY
Server
74.125.133.155 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
wo-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 21 Feb 2018 16:09:39 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 21 Feb 2018 16:09:39 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-15857463-1&cid=384797415.1519229380&jid=1182162775&_gid=890146806.1519229380&gjid=853955715&_v=j66&z=1736066641
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
417
expires
Fri, 01 Jan 1990 00:00:00 GMT
839281392784015
connect.facebook.net/signals/config/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/839281392784015?v=2.8.12&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
SPDY
Server
185.60.216.19 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
b68bf42f39eb8f0ce676c6370948cd24af3528a3d0d04476b13b314003c57dd0
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
15230
x-xss-protection
0
pragma
public
x-fb-debug
NrkrXnSKYPqbYQyRwgqII3KxgKMnOGUHpdF94LROBkZnOqi9YQef/WSUke/IcA7hCndmvRKSav7C8MSFl+2UDA==
x-frame-options
DENY
date
Wed, 21 Feb 2018 16:09:39 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
graph.facebook.com/ 		646 B
772 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://graph.facebook.com/?id=https%3A%2F%2Fsecurelist.com%2Fa-slice-of-2017-sofacy-activity%2F83930%2F
Requested by
Host: cdn.securelist.com
URL: https://cdn.securelist.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Protocol
SPDY
Server
185.60.216.15 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
07d2a2a8c642d2c1cd38b186dce7b3e64d248a559630ef86790d6271733f54c5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
Origin
https://securelist.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
gzip
etag
"26dff1a991a34bcd020ab5670a0f2e3d07998a2e"
status
200
x-fb-rev
3663409
content-length
408
pragma
no-cache
x-fb-debug
lTCUfkJyDdc/Qe987PdSrSpCSzVuXL9hlCRJNwUtkLWmMmikmWBIa/TuewWaSbzl0FO+JrNBmH7av34+USk4WA==
x-fb-trace-id
FbV5OT31J4e
date
Wed, 21 Feb 2018 16:09:39 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
facebook-api-version
v2.5
expires
Sat, 01 Jan 2000 00:00:00 GMT
gpp.xml
share.yandex.ru/ 		0
182 B 		Script
General
Check archive.org
Download Go to
Full URL
https://share.yandex.ru/gpp.xml?url=https%3A%2F%2Fsecurelist.com%2Fa-slice-of-2017-sofacy-activity%2F83930%2F&callback=jQuery1124038723029124456376_1519229379236&_=1519229379237
Requested by
Host: cdn.securelist.com
URL: https://cdn.securelist.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Protocol
HTTP/1.1
Server
93.158.134.227 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
share-proxy-balancer.stable.qloud-b.yandex.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Wed, 21 Feb 2018 16:09:39 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=120
X-qloud-router
man4-7de22950f5ac.qloud-c.yandex.net
/
www.facebook.com/tr/ 		44 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=839281392784015&ev=PageView&dl=https%3A%2F%2Fsecurelist.com%2Fa-slice-of-2017-sofacy-activity%2F83930%2F&rl=&if=false&ts=1519229379965&sw=1600&sh=1200&v=2.8.12&r=stable&ec=0&o=28&it=1519229379831
Requested by
Host: securelist.com
URL: https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
Protocol
SPDY
Server
185.60.216.35 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Wed, 21 Feb 2018 16:09:39 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Wed, 21 Feb 2018 16:09:39 GMT
/
www.facebook.com/impression.php/fae227df3a60f8/ 		43 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/impression.php/fae227df3a60f8/?api_key=160639043985664&lid=115&payload=%7B%22source%22%3A%22jssdk%22%7D
Requested by
Host: securelist.com
URL: https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
Protocol
SPDY
Server
185.60.216.35 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
x-xss-protection
0
pragma
no-cache
x-fb-debug
mt7o49efIwE8n6yC+9wJvXxIuc0CqGvq2jVS66hyvLJIUkv0Yb6JSzUiz7hi2qhd4On7cUwsaiNpTHj2t8aYUw==
date
Wed, 21 Feb 2018 16:09:40 GMT
expect-ct
max-age=10, report-uri="http://reports.fb.com/expectct/"
strict-transport-security
max-age=15552000; preload
access-control-allow-methods
OPTIONS
content-type
image/gif
access-control-allow-origin
https://www.facebook.com
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
beacon.gif
rum-collector-2.pingdom.net/img/ 		0
254 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rum-collector-2.pingdom.net/img/beacon.gif?id=560b0cc5abe53daf128a2dfc&sAW=1600&sAH=1200&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=218&cE=459&dLE=218&dLS=212&fS=693&hS=332&rE=-1&rS=-1&reS=459&resS=692&resE=693&uEE=-1&uES=-1&dL=694&dI=1569&dCLES=1569&dCLEE=1592&dC=2037&lES=2037&lEE=2048&s=nt&title=A%20Slice%20of%202017%20Sofacy%20Activity%20-%20Securelist&path=https%3A%2F%2Fsecurelist.com%2Fa-slice-of-2017-sofacy-activity%2F83930%2F&ref=&sId=rk0s3rw7&sST=1519229380&sIS=1&rV=0&v=1.3.3
Requested by
Host: rum-static.pingdom.net
URL: https://rum-static.pingdom.net/prum.min.js
Protocol
HTTP/1.1
Server
52.48.148.112 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-48-148-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
Origin
https://securelist.com

Response headers

Pragma
no-cache
Date
Wed, 21 Feb 2018 16:09:40 GMT
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
beacon.gif
rum-collector.pingdom.net/img/ 		43 B
133 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rum-collector.pingdom.net/img/beacon.gif?id=560b0cc5abe53daf128a2dfc&sAW=1600&sAH=1200&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=218&cE=459&dLE=218&dLS=212&fS=693&hS=332&rE=-1&rS=-1&reS=459&resS=692&resE=693&uEE=-1&uES=-1&dL=694&dI=1569&dCLES=1569&dCLEE=1592&dC=2037&lES=2037&lEE=2048&s=nt&title=A%20Slice%20of%202017%20Sofacy%20Activity%20-%20Securelist&path=https%3A%2F%2Fsecurelist.com%2Fa-slice-of-2017-sofacy-activity%2F83930%2F&ref=&sId=rk0s3rw7&sST=1519229380&sIS=1&rV=0&v=1.3.3
Protocol
SPDY
Server
104.20.21.239 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://securelist.com/a-slice-of-2017-sofacy-activity/83930/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

status
200
date
Wed, 21 Feb 2018 16:09:40 GMT
content-encoding
gzip
server
cloudflare
cf-ray
3f0af8aaca382342-FRA
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| $ function| jQuery object| kss function| mktoMunchkinFunction object| Munchkin function| mktoMunchkin object| geolocation object| optly object| optimizely function| fbq function| _fbq string| GoogleAnalyticsObject function| ga object| _prum object| ___grecaptcha_cfg boolean| __google_recaptcha_client object| MunchkinTracker object| twttr string| colomatduration string| colomatslideEffect string| colomatpauseInit string| colomattouchstart object| CrayonSyntaxSettings object| CrayonSyntaxStrings function| jQueryCrayon object| CrayonUtil object| jqueryPopup function| popupWindow function| popdownWindow object| CrayonSyntax object| SecurelistTOC object| jQuery1124038723029124456376 object| addComment function| Hammer object| filetypes string| baseHref string| hrefRedirect object| ak_js object| commentForm object| replyRowContainer undefined| children function| gaHitCallbackHandler object| wp object| Placeholders string| currentURL string| currentDir object| GET object| gaplugins object| gaGlobal object| gaData function| __twttrll object| __twttr object| gapi object| ___jsl object| FB object| recaptcha object| grecaptcha object| closure_lm_756256

13 Cookies

Domain/Path Name / Value
.facebook.com/ Name: fr
Value: 0AilaYAmbff10qaPc..BajZnD...1.0.BajZnD.
.twitter.com/ Name: guest_id
Value: v1%3A151922937987542251
securelist.com/a-slice-of-2017-sofacy-activity/83930 Name: pa-l
Value: pa-l=sid%3Drk0s3rw7%26sst%3D1519229380%26sis%3D1%26rv%3D0
.twitter.com/ Name: personalization_id
Value: "v1_I1TSiha4Ivi1rh+OY3U3qg=="
.securelist.com/ Name: _gid
Value: GA1.2.890146806.1519229380
.google.com/ Name: NID
Value: 124=RR10q-ytcdCGQYe7XxxAgWpptTBe3zkvCylXHL_lvF5vCoLmgIhmd92tbVcOJdPvPscIWNQFeHC5vdZqSX0piEx0WbuHcOr_aiW0TznjOPzcUo3ijwAhJkCCyK95LMtx
.securelist.com/ Name: optimizelyEndUserId
Value: oeu1519229379612r0.6723380963182028
.securelist.com/ Name: _ga
Value: GA1.2.384797415.1519229380
.securelist.com/ Name: optimizelyPendingLogEvents
Value: %5B%5D
.securelist.com/ Name: optimizelySegments
Value: %7B%223392371197%22%3A%22gc%22%2C%223406351312%22%3A%22false%22%2C%223424680516%22%3A%22direct%22%7D
.securelist.com/ Name: _mkto_trk
Value: id:802-IJN-240&token:_mch-securelist.com-1519229379688-83678
.securelist.com/ Name: optimizelyBuckets
Value: %7B%7D
.securelist.com/ Name: _gat
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy connect-src 'self' https://*.doubleclick.net https://*.facebook.com https://*.facebook.net https://*.google-analytics.com https://*.google.com https://*.mktoresp.com https://*.optimizely.com https://*.pingdom.net https://*.reddit.com https://*.securelist.com https://*.youtube.com https://cdn.securelist.com https://hn.algolia.com https://kasperskycontenthub.com https://securelist.com https://www.google-analytics.com; default-src 'self' https://*.securelist.com https://cdn.securelist.com https://kasperskycontenthub.com https://kasperskycontenthub.com/securelist https://securelist.com; font-src 'self' data: https://*.gstatic.com https://*.securelist.com https://*.wp.com https://cdn.securelist.com https://fonts.googleapis.com https://fonts.gstatic.com https://kasperskycontenthub.com https://securelist.com; frame-src 'self' https://*.addthis.com https://*.facebook.com https://*.google.com https://*.instagram.com https://*.libsyn.com https://*.marketo.com https://*.securelist.com https://*.sharethis.com https://*.slideshare.net https://*.twitter.com https://*.wp.com https://*.youtube.com https://cdn.securelist.com https://kasperskycontenthub.com https://player.vimeo.com https://s-static.ak.facebook.com https://securelist.com https://www.brighttalk.com; img-src 'self' data: http://*.netdna-cdn.com http://*.wordpress.com http://*.wp.com http://forum.kasperskyclub.ru http://i0.poll.fm https://*.addthis.com https://*.doubleclick.net https://*.facebook.com https://*.google-analytics.com https://*.google.com https://*.gravatar.com https://*.gstatic.com https://*.instagram.com https://*.netdna-cdn.com https://*.netdna-ssl.com https://*.securelist.com https://*.sharethis.com https://*.staticflickr.com https://*.twimg.com https://*.twitter.com https://*.wordpress.com https://*.wp.com https://*.ytimg.com https://addevent.com https://blog.kaspersky.com https://cdn.securelist.com https://csi.gstatic.com https://d1srlirzdlmpew.cloudfront.net https://geo.yahoo.com https://images.telechargement.fr https://instagramimages-a.akamaihd.net https://kaspersky.d2.sc.omtrdc.net https://kasperskycontenthub.com https://m.addthis.com https://maps.googleapis.com https://player.vimeo.com https://polldaddy.com https://rum-collector.pingdom.net https://s.w.org https://scontent.cdninstagram.com https://securelist.com https://stats.g.doubleclick.net https://t.co https://threatpost.com https://track.addevent.com; object-src 'self' https://*.securelist.com https://kasperskycontenthub.com https://player.vimeo.com https://polldaddy.com https://securelist.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.addevent.com https://*.addthis.com https://*.cloudfront.net https://*.crazyegg.com https://*.demdex.net https://*.facebook.com https://*.facebook.net https://*.flickr.com https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.gravatar.com https://*.gstatic.com https://*.instagram.com https://*.kaspersky.com https://*.marketo.com https://*.marketo.net https://*.optimizely.com https://*.polldaddy.com https://*.securelist.com https://*.sharethis.com https://*.twimg.com https://*.twitter.com https://*.woopra.com https://*.wp.com https://addthisevent.com https://assets.adobedtm.com https://cdn.optimizely.com https://cdn.securelist.com https://connect.facebook.net https://connect.mail.ru https://kaspersky.d2.sc.omtrdc.net https://kasperskycontenthub.com https://m.addthis.com https://m.addthisedge.com https://munchkin.marketo.net https://player.vimeo.com https://rum-static.pingdom.net https://script.crazyegg.com https://securelist.com https://share.yandex.ru/ https://static.ads-twitter.com https://vk.com https://www.addevent.com https://www.brighttalk.com https://www.flickr.com https://www.googletagmanager.com https://www.linkedin.com; style-src 'self' 'unsafe-inline' https://*.googleapis.com https://*.gravatar.com https://*.kaspersky.com https://*.marketo.com https://*.securelist.com https://*.sharethis.com https://*.twimg.com https://*.twitter.com https://*.wp.com https://cdn.securelist.com https://fonts.googleapis.com https://kasperskycontenthub.com https://s0.wp.com https://secure.gravatar.com https://securelist.com; report-uri https://kasperskycontenthub.com/securelist/csp_report
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3431070370.log.optimizely.com
802-ijn-240.mktoresp.com
analytics.twitter.com
apis.google.com
cdn.optimizely.com
cdn.securelist.com
connect.facebook.net
graph.facebook.com
kas.pr
kasperskycontenthub.com
munchkin.marketo.net
platform.twitter.com
rum-collector-2.pingdom.net
rum-collector.pingdom.net
rum-static.pingdom.net
securelist.com
share.yandex.ru
static.ads-twitter.com
stats.g.doubleclick.net
t.co
www.facebook.com
www.google-analytics.com
www.google.com
www.gstatic.com
104.20.21.239
104.244.42.197
104.244.42.3
104.244.43.16
108.161.188.224
172.217.16.195
172.217.22.46
185.60.216.15
185.60.216.19
185.60.216.35
199.15.215.117
199.96.57.6
2.18.233.186
216.58.214.36
216.58.214.46
23.38.57.103
35.184.29.71
52.48.148.112
54.204.38.141
74.125.133.155
77.74.178.24
93.158.134.227
001020074fce061b86caeaebd1aeccff49b74d405137486eb293296f023519a2
07d2a2a8c642d2c1cd38b186dce7b3e64d248a559630ef86790d6271733f54c5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
169441c83fcabcbf2da051e96a3b2461eea26221fa7e9a42adc549195782890d
16b69de644b5937cf6ab489f4a6394e8f7df203cf23d9294fa93379e6f74e8c3
17d2606bcd1b5c97d99a7cc1e620007d0292febb9932a2f99268457857d40ae3
29451fb716c05b025bfb8a468767f7112baad0112dbc512d1610f64dbbad4bc0
2e51a9cbc157e8a3d23d85b9abbea7e6c356fd1f16a8ed533d3b578871e9a4d4
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
319fd01db1a83a39f5de679fd76b032c5e8460669d478ed144adf957cdb57f8a
32ce924e0ba462bc30ad9636a624717273e0a8f3457cbd07038d61022c098005
377b5b56ee7907e720897135f9f450d79bb4f359e72d4df3a669ce6e54bb5f17
3c2885574185694a5d1ecbebe7e0c026284a2dfbf29c91a942305ab2c2d07b9b
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
4321f3a87dcb11cf66ce29edea7c71339318d569ecb1ae3260fe38fccaa43edc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
443efbf367d2c260ea52c7dd8d4abba80f93fa69f24d523affce71a7a7ed32d2
46fd82c5610248a423d5b857f67a9e6032b518be790eb0726199964f93edaa96
484aee1b81286040100dad5243407bd64be9aa7fc389b87ef2acd03451bc6888
4bcb339256ec1bd03bed9893ea9d2e91a14d7e04a68855f0ab1382ef10dee71a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
585107ada7f42329cd4d6ab1d1e87fdf26f4994e8f47d72a44ee8ab5bd291288
60f8d4507ff3494aa4badf4869aa70f5ab1bb4888ede979815bcb93df05b8d4e
69d900b16d7cb5f320fbc87a6fbe2e57c7b8bbc4a13b3a213509003b976ac5e3
6aed6d601cc564d08abf786285f2309152ecfa0a6bea310eb397c4fd9b899545
6c74d02ff0acbb2714a830ec3ce640b51bd316fef14a6f09eaebd35bcfc53fe5
6e4238aab544511ab6dc64c11b5ed1bb40304f5b94677c8b21fd33f75d8013e4
702d73a7f825c3898a8d6cf1a76868298e7b1447464b2c4d7cf173e5fd21a5f0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85c2761557d3602f2b7cfb72f1a65de17f3114aee7e3bfa9893c6d654522e4a3
8f2aafa1258b9247bf0d6680d37d88f172694b90c23d65a7aecacf7de4150155
8f4a638f81df85f44c33f0912737d12d57582490339ef48d2409de169371ba76
9d982177b3d60b7efdc63e96c480bab3d1f4ba0e14d7f78482fee4850cf65f9e
9e89155f81183f27e0d2e233dcda1605f41f1b66236c84bba542f38111b7623d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b68bf42f39eb8f0ce676c6370948cd24af3528a3d0d04476b13b314003c57dd0
b694dab732cc18bc97e0fffc4f6bbe739a5a5a6657cd08dae958aa5173d5d648
c42a645f788e7e08777d655a0c3c3614b456d9e567157d8a8a81f922c8fb7ad6
cb5255e725fd8ad9c2fb13800e3de032b206fc6b37dd6afd3f83bbd20404bd2e
cb6e8cbdbffde6051b555a897c03af35a290a88d5e5ec22becb7553c13609b77
cbbd42bb1d88693e6805bd9d676840424af5ecf3e13d874fd06e6b57d53d8d40
cdc125a4882bf8042ed58427971ffb488c57709859801cd31a7156f3a75035ce
dc45d801b16f020d160488367a368f1cb0bd2c18b35599c1de41f6a45cd92813
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1d8c3208e90b9a68aca03cfe58c20357d5d7723ddf83d47bbbd3d4af08dadd8
f8ef655ef916e39713ede9c6db56d7ca5618bd82cf5ac991dcd013f05e0fdfc7
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e
ff6f0a5143d6e6285b150295b5d9bc5b485a0399319776d2154de0ae0b28768a