Submitted URL: http://bit.ly/2pphqsG
Effective URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Submission: On March 20 via manual from US

Summary

This website contacted 34 IPs in 5 countries across 23 domains to perform 211 HTTP transactions. The main IP, 217.160.0.146, is located in Germany and belongs to ONEANDONE-AS Brauerstrasse 48, DE. The main domain is securityaffairs.co.
This is the only time securityaffairs.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.10 395224 (BITLY-AS)
1 47 217.160.0.146 8560 (ONEANDONE...)
5 216.58.214.74 15169 (GOOGLE)
1 108.161.189.121 54104 (AS-STACKPATH)
1 2.16.186.41 20940 (AKAMAI-ASN1)
1 23.67.137.77 20940 (AKAMAI-ASN1)
12 192.0.77.2 2635 (AUTOMATTIC)
32 23.56.3.183 26769 (BANDCON)
1 192.0.73.2 2635 (AUTOMATTIC)
1 185.60.216.19 32934 (FACEBOOK)
1 192.0.77.32 2635 (AUTOMATTIC)
3 216.58.206.14 15169 (GOOGLE)
2 192.0.76.3 2635 (AUTOMATTIC)
1 3 52.57.39.144 16509 (AMAZON-02)
3 172.217.16.174 15169 (GOOGLE)
7 216.58.206.3 15169 (GOOGLE)
1 2.16.186.80 20940 (AKAMAI-ASN1)
1 7 173.241.240.220 36089 (OPENX-AS1)
3 216.58.205.226 15169 (GOOGLE)
1 2.16.186.83 20940 (AKAMAI-ASN1)
8 2.16.186.113 20940 (AKAMAI-ASN1)
11 52.86.242.184 14618 (AMAZON-AES)
17 54.86.56.206 14618 (AMAZON-AES)
3 172.217.22.2 15169 (GOOGLE)
12 216.58.214.66 15169 (GOOGLE)
1 31.13.92.36 32934 (FACEBOOK)
6 216.58.206.1 15169 (GOOGLE)
3 50.58.197.14 40034 (CONFLUENC...)
6 172.217.18.162 15169 (GOOGLE)
3 2.16.186.67 20940 (AKAMAI-ASN1)
3 52.52.193.134 16509 (AMAZON-02)
3 54.215.226.112 16509 (AMAZON-02)
3 52.9.8.193 16509 (AMAZON-02)
1 172.217.16.164 15169 (GOOGLE)
2 173.241.240.212 36089 (OPENX-AS1)
211 34
Domain Requested by
47 securityaffairs.co 1 redirects securityaffairs.co
28 dt.clnmde.com pxlclnmdecom-a.akamaihd.net
securityaffairs.co
28 contextual.media.net securityaffairs.co
contextual.media.net
12 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
securityaffairs.co
8 qsearch.media.net securityaffairs.co
contextual.media.net
7 medianet-d.openx.net 1 redirects securityaffairs.co
medianet-d.openx.net
7 fonts.gstatic.com securityaffairs.co
apis.google.com
6 pagead2.googlesyndication.com securepubads.g.doubleclick.net
securityaffairs.co
6 tpc.googlesyndication.com securepubads.g.doubleclick.net
5 i2.wp.com securityaffairs.co
5 fonts.googleapis.com securityaffairs.co
4 i1.wp.com securityaffairs.co
3 c.adyield.co securityaffairs.co
3 c.ad-srv.co securityaffairs.co
3 navvy.media.net contextual.media.net
3 qsearch-a.akamaihd.net securityaffairs.co
3 opt-east.media.net securityaffairs.co
3 search.keywordblocks.com securityaffairs.co
3 adservice.google.com www.googletagservices.com
3 www.googletagservices.com securityaffairs.co
3 www.google-analytics.com securityaffairs.co
3 l.sharethis.com 1 redirects securityaffairs.co
3 apis.google.com securityaffairs.co
apis.google.com
3 i0.wp.com securityaffairs.co
2 us-ads.openx.net contextual.media.net
us-ads.openx.net
1 google-analytics.com securityaffairs.co
1 pixel.wp.com securityaffairs.co
1 www.facebook.com securityaffairs.co
1 a.mnet-ad.net securityaffairs.co
1 adservetx.media.net contextual.media.net
1 pxlclnmdecom-a.akamaihd.net contextual.media.net
1 stats.wp.com securityaffairs.co
1 s0.wp.com securityaffairs.co
1 connect.facebook.net securityaffairs.co
1 0.gravatar.com securityaffairs.co
1 platform-api.sharethis.com securityaffairs.co
1 w.sharethis.com securityaffairs.co
1 maxcdn.bootstrapcdn.com securityaffairs.co
1 bit.ly 1 redirects
211 39

This page contains 17 frames:

Primary Page: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Frame ID: 37EB5E266854A49CF3805E8EF55A0B8
Requests: 143 HTTP requests in this frame

Frame: http://medianet-d.openx.net/w/1.0/jstag?oxns=mNCM
Frame ID: 790E321BD62E0FD51E460B53FCBC6CDF
Requests: 2 HTTP requests in this frame

Frame: http://www.googletagservices.com/tag/js/gpt.js
Frame ID: 134C298B08C659FBE1A7A9AEFB129BFA
Requests: 7 HTTP requests in this frame

Frame: http://contextual.media.net/mediamain.html?&cid=8CU5BD6EW&cpcd=RlAcVccC-RdUYIl-LjF9ag%3D%3D&crid=762221962&pid=8PO5M70HK&size=300x250&cpnet=yVb1sHm-0KIh29BOFTjjrEBbIZGw_v2fXpyZXRW3WVE%3D&cme=FCIgUes4lP8jgFeZgNKmic0rL2-LujhG_F35HOVEMPXoyy-2ZV1jLvon8EUh3DY_9_LIOYRvjrgdsPnTFZGmUkpm--mFnhHqLts4iOKhK47Be1FBgDho4ST02hqPkNFHw83atFSbNK8%3D%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CN7fu2vKt8_s%3D%7C0bm4u78ysocOEQZjP3lQgsZseCAp4RlraSHHaYPVOOM3thtTVfLrFt_iqcldY3e6cr4aGjXOyElU3ysfMJ2ISR6zkBzmCwppGt0deZoN4q4%3D%7CsRBSg3CPSiQ%3D%7C&cc=DE&bf=0&vif=1&nse=3&bid=210870&vi=1521535039846675342&lw=1&ugd=4&ib=0&ourl=http%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F70391%2Fapt%2Fsofacy-apt-european-government.html&osrc=metatag&katbid=-2&nb=1
Frame ID: BC45B7250713DC4D10038008BB6C72B0
Requests: 1 HTTP requests in this frame

Frame: http://contextual.media.net/__media__/js/util/nrr.js?v=78
Frame ID: 16E22B512AA7FDE9295CB10A2C7D0AE6
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20180312/r20110914/activeview/osd_listener.js
Frame ID: 99F54DE4AB72EB334B4E7F0040C2872
Requests: 3 HTTP requests in this frame

Frame: http://medianet-d.openx.net/w/1.0/jstag?oxns=mNCM
Frame ID: 77A6D328B663D0DF7E8C65142F8C4918
Requests: 2 HTTP requests in this frame

Frame: http://www.googletagservices.com/tag/js/gpt.js
Frame ID: A4B0764879D2D6837F1170CC0A7A7DFC
Requests: 7 HTTP requests in this frame

Frame: http://contextual.media.net/mediamain.html?&cid=8CU5BD6EW&cpcd=RlAcVccC-RdUYIl-LjF9ag%3D%3D&crid=184323154&pid=8PO5M70HK&size=300x250&cpnet=yVb1sHm-0KIh29BOFTjjrHvHwrQGlpByWaOO1vn303s%3D&cme=yINvVCFxqLMbSqDgxM-acxgbv-13pHyD4y-MDQGBFdYUXQ-wXrJy0CPtTuDt0RSSxaoVDeZ3XY07KQMY9eHzta_iCBriuV7UZ-_IHi2pj1EhY9RBBPiQi5dCn9e6EzY48y5LXNPAQ9E%3D%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CN7fu2vKt8_s%3D%7C0bm4u78ysocOEQZjP3lQgsZseCAp4RlraSHHaYPVOOM3thtTVfLrFt_iqcldY3e6cr4aGjXOyElU3ysfMJ2ISR6zkBzmCwppGt0deZoN4q4%3D%7CsRBSg3CPSiQ%3D%7C&cc=DE&bf=0&vif=1&nse=3&bid=210870&vi=1521535040730500716&lw=1&ugd=4&ib=0&ourl=http%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F70391%2Fapt%2Fsofacy-apt-european-government.html&osrc=metatag&katbid=-2&nb=1
Frame ID: 98D1D4200836957670C132C7C1871DC
Requests: 1 HTTP requests in this frame

Frame: http://medianet-d.openx.net/w/1.0/jstag?oxns=mNCM
Frame ID: 2F9C424D03405CE334A605547B78CBFC
Requests: 2 HTTP requests in this frame

Frame: http://www.googletagservices.com/tag/js/gpt.js
Frame ID: 665D8BE79C2161F34B17810897DF8B1
Requests: 7 HTTP requests in this frame

Frame: http://contextual.media.net/__media__/pics/yahookeywordsblock/spinner.gif
Frame ID: 898D9EB6913AB25DF22ACA206A1CBACC
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20180312/r20110914/activeview/osd_listener.js
Frame ID: DA337BA2A49A56A4EB6E085B40BACE26
Requests: 3 HTTP requests in this frame

Frame: http://contextual.media.net/mediamain.html?&cid=8CU5BD6EW&cpcd=RlAcVccC-RdUYIl-LjF9ag%3D%3D&crid=639665355&pid=8PO5M70HK&size=300x600&cpnet=yVb1sHm-0KIh29BOFTjjrOMbY3Wy7OSYfNFL7sC0vVY%3D&cme=sj8jUgUthZgb1dk55FlquHTZZWJ5h3uCyeWPMZuARP06ymyV8xaf7IGyrTEw9Mqe0VEgnOI2lfgsjpp_kIry7BcGTHhLQPB8su0CxyMmpe-aZep7AcFhefS-26SA-aelKUhC-QRXHFM%3D%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CN7fu2vKt8_s%3D%7C0bm4u78ysocOEQZjP3lQgsZseCAp4RlraSHHaYPVOOM3thtTVfLrFt_iqcldY3e6cr4aGjXOyElU3ysfMJ2ISR6zkBzmCwppGt0deZoN4q4%3D%7CsRBSg3CPSiQ%3D%7C&cc=DE&bf=0&vif=1&nse=3&bid=210870&vi=1521535040967158751&lw=1&ugd=4&ib=0&ourl=http%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F70391%2Fapt%2Fsofacy-apt-european-government.html&osrc=metatag&katbid=-2&nb=1
Frame ID: FA081C4B72995B6143F42BAE411B3D22
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20180312/r20110914/activeview/osd_listener.js
Frame ID: CBA3F6DCB72001386F57DCDF86159313
Requests: 3 HTTP requests in this frame

Frame: http://contextual.media.net/__media__/pics/yahookeywordsblock/spinner.gif
Frame ID: A4324784292F6B8600AD8A2FB847438
Requests: 9 HTTP requests in this frame

Frame: http://us-ads.openx.net/w/1.0/jstag
Frame ID: 5002530BBE10EE9884B2269FED7667B4
Requests: 2 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+s\d+\.wp\.com/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+s\d+\.wp\.com/i

Overall confidence: 100%
Detected patterns
  • env /^mejs$/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • html /<!-- This site is optimized with the Yoast/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • env /^twemoji$/i

Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Page Statistics

Requests: 211
HTTPS: 0 %
IPv6: 0 %
Domains: 23
Subdomains: 39
IPs: 34
Countries: 5
Transfer: 2327 kB
Size: 4566 kB
Cookies: 29

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bit.ly/2pphqsG HTTP 301
    http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39
  • http://connect.facebook.net/en_US/sdk.js HTTP 307
  • https://connect.facebook.net/en_US/sdk.js
Request Chain 68
  • http://l.sharethis.com/pview?event=pview&version=st_insights.js&lang=en&fpc=6f69f6a-162428e378c-3d8a2044-1&sessionID=1521535039372.40074&hostname=securityaffairs.co&location=%2Fwordpress%2F70391%2Fapt%2Fsofacy-apt-european-government.html&product=simpleshare&publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&st_optout=false&url=http%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F70391%2Fapt%2Fsofacy-apt-european-government.html&sharURL=&buttonType=ERROR&destination=ERROR&source=ERROR&title=Russia-linked%20Sofacy%20APT%20targets%20an%20unnamed%20European%20Government%20agencySecurity%20Affairs&ts1521535039372.0=&sop=false HTTP 301
  • http://l.sharethis.com/sc?cm=CvQBClqwyD8AAAARHOwuAw%3D%3D&uid=true&url=http%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F70391%2Fapt%2Fsofacy-apt-european-government.html
Request Chain 93
  • http://medianet-d.openx.net/w/1.0/acj?ai=9ba673ea-6bcc-4219-b5c1-ff16ad96238d&o=2215378463&callback=OX_mNCM_2215378463&ju=http%3A//securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html&jr=&auid=538672510&dims=1600x1200&adxy=0%2C0&res=1600x1200x24&plg=pm&ch=UTF-8&tz=0&ws=0x0&ifr=1&tws=1600x1200 HTTP 302
  • http://medianet-d.openx.net/w/1.0/acj?cc=1&ai=9ba673ea-6bcc-4219-b5c1-ff16ad96238d&o=2215378463&callback=OX_mNCM_2215378463&ju=http%3A//securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html&jr=&auid=538672510&dims=1600x1200&adxy=0%2C0&res=1600x1200x24&plg=pm&ch=UTF-8&tz=0&ws=0x0&ifr=1&tws=1600x1200
Request Chain 173
  • http://securityaffairs.co/wordpress?ga_action=googleanalytics_get_script HTTP 301
  • http://securityaffairs.co/wordpress/?ga_action=googleanalytics_get_script

211 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set sofacy-apt-european-government.html
securityaffairs.co/wordpress/70391/apt/
Redirect Chain
  • http://bit.ly/2pphqsG
  • http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
70 KB
19 KB
Document
General
Full URL
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
217.160.0.146 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache / PHP/5.6.34
Resource Hash
0cdadbf4384e9f45c6b02d514ce42f62460c4dcc4cfaa8078e7d3d88288b996e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
securityaffairs.co
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control
no-cache
Connection
keep-alive

Response headers

Date
Tue, 20 Mar 2018 08:37:17 GMT
Content-Encoding
gzip
Server
Apache
X-Powered-By
PHP/5.6.34
X-Pingback
http://securityaffairs.co/wordpress/xmlrpc.php
Content-Type
text/html; charset=UTF-8
Connection
keep-alive
Transfer-Encoding
chunked
Set-Cookie
wfvt_2796755358=5ab0c83dc2ad9; expires=Tue, 20-Mar-2018 09:07:17 GMT; Max-Age=1800; path=/; httponly
Link
<http://securityaffairs.co/wordpress/wp-json/>; rel="https://api.w.org/", <http://securityaffairs.co/wordpress/?p=70391>; rel=shortlink
Keep-Alive
timeout=15

Redirect headers

Date
Tue, 20 Mar 2018 08:37:17 GMT
Server
nginx
Content-Type
text/html; charset=utf-8
Location
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Set-Cookie
_bit=i2k8Bh-f88e0d27384123fdf3-00H; Domain=bit.ly; Expires=Sun, 16 Sep 2018 08:37:17 GMT
Cache-Control
private, max-age=90
Connection
keep-alive
Content-Length
168
cli-style.css
securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/css/
2 KB
3 KB
Stylesheet
General
Full URL
http://securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/css/cli-style.css?ver=1.5.3
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
217.160.0.146 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
6f51bc9ebf7850acad4c4f8599c06ec74ee3749b7f4e5d38d29fb8aa1fbf1424

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
securityaffairs.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Cookie
wfvt_2796755358=5ab0c83dc2ad9
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 20 Mar 2018 08:37:18 GMT
Last-Modified
Wed, 16 Dec 2015 06:30:06 GMT
Server
Apache
ETag
"97a-526fe09789780"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
2426
style.css
securityaffairs.co/wordpress/wp-content/plugins/facebook-button-plugin/css/
3 KB
3 KB
Stylesheet
General
Full URL
http://securityaffairs.co/wordpress/wp-content/plugins/facebook-button-plugin/css/style.css?ver=dc488b3cf402a36ed8529f3196db2a8a
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
217.160.0.146 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
562487753256f10cc9e7bec2c59b54c5b6e564f9c72036675f14088415032775

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
securityaffairs.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Cookie
wfvt_2796755358=5ab0c83dc2ad9
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 20 Mar 2018 08:37:18 GMT
Last-Modified
Tue, 13 Mar 2018 06:43:04 GMT
Server
Apache
ETag
"bc0-56745920b278a"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
3008
css
fonts.googleapis.com/
430 B
811 B
Stylesheet
General
Full URL
http://fonts.googleapis.com/css?family=Indie+Flower&ver=dc488b3cf402a36ed8529f3196db2a8a
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
216.58.214.74 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s10-in-f74.1e100.net
Software
ESF /
Resource Hash
d6453e4ef533b200e04bb79efd3225c1f8e9fac71ece2ef7f7b9c7d8b4b7b73c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 20 Mar 2018 08:37:18 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Mar 2018 08:37:18 GMT
Server
ESF
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding
chunked
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection
1; mode=block
Expires
Tue, 20 Mar 2018 08:37:18 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/
23 KB
6 KB
Stylesheet
General
Full URL
http://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css?ver=dc488b3cf402a36ed8529f3196db2a8a
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
108.161.189.121 Los Angeles, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 20 Mar 2018 08:37:18 GMT
Content-Encoding
gzip
Last-Modified
Sat, 17 Feb 2018 21:46:17 GMT
Server
NetDNA-cache/2.2
Connection
keep-alive
ETag
W/"04425bbdc6243fc6e54bf8984fe50330"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=31104000
Transfer-Encoding
chunked
X-Hello-Human
Say hello back! @getBootstrapCDN on Twitter
Expires
Fri, 15 Mar 2019 08:37:18 GMT
custom.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/jqueryui/
19 KB
20 KB
Stylesheet
General
Full URL
http://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/jqueryui/custom.css?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
217.160.0.146 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
e89bbc7723c5114f9cf138c6019bbca4e4f5e13f6b9febaa38c92c4c3584a964

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
securityaffairs.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Cookie
wfvt_2796755358=5ab0c83dc2ad9
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 20 Mar 2018 08:37:18 GMT
Last-Modified
Wed, 16 Dec 2015 13:54:59 GMT
Server
Apache
ETag
"4d92-52704407f72c0"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
19858
tipsy.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/
539 B
799 B
Stylesheet
General
Full URL
http://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/tipsy.css?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
217.160.0.146 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
8d732b3483eb44546a848a82cc9d6a584c81860aae7255f7ac589dcb3f130535

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
securityaffairs.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Cookie
wfvt_2796755358=5ab0c83dc2ad9
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 20 Mar 2018 08:37:18 GMT
Last-Modified
Wed, 16 Dec 2015 06:58:04 GMT
Server
Apache
ETag
"21b-526fe6d7cd700"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
539
flexslider.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/flexslider/
6 KB
6 KB
Stylesheet
General
Full URL
http://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/flexslider/flexslider.css?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
217.160.0.146 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
759949fb0ffaa47eb3755d704adfee7be3ab4fd3d3fa2f37381ca6ea8b9506b1

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
securityaffairs.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Cookie
wfvt_2796755358=5ab0c83dc2ad9
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 20 Mar 2018 08:37:18 GMT
Last-Modified
Wed, 16 Dec 2015 13:55:09 GMT
Server
Apache
ETag
"1851-5270441180940"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
6225
mediaelementplayer-legacy.min.css
securityaffairs.co/wordpress/wp-includes/js/mediaelement/
11 KB
11 KB
Stylesheet
General
Full URL
http://securityaffairs.co/wordpress/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.6-78496d1
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
217.160.0.146 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
ffa31f5802b20d64a10c71ad93394c1e2b4b16f33e2f479d8274fd02ce0a594f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
securityaffairs.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Cookie
wfvt_2796755358=5ab0c83dc2ad9
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 20 Mar 2018 08:37:18 GMT
Last-Modified
Thu, 16 Nov 2017 13:57:00 GMT
Server
Apache
ETag
"2be0-55e19fe77c80f"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
11232
animation.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/
2 KB
2 KB
Stylesheet
General
Full URL
http://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/animation.css?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
217.160.0.146 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
2333802e4a0c86b4cc4c71b376fc0aedc3b03039bfc777d96105f82231215732

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
securityaffairs.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Cookie
wfvt_2796755358=5ab0c83dc2ad9
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 20 Mar 2018 08:37:18 GMT
Last-Modified
Wed, 16 Dec 2015 06:58:02 GMT
Server
Apache
ETag
"6b4-526fe6d5e5280"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
1716
font-awesome.min.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/
17 KB
18 KB
Stylesheet
General
Full URL
http://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/font-awesome.min.css?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
217.160.0.146 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
securityaffairs.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Cookie
wfvt_2796755358=5ab0c83dc2ad9
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 20 Mar 2018 08:37:18 GMT
Last-Modified
Wed, 16 Dec 2015 06:58:02 GMT
Server
Apache
ETag
"4574-526fe6d5e5280"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
17780
swipebox.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/
4 KB
5 KB
Stylesheet
General
Full URL
http://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/swipebox.css?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
217.160.0.146 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
9a47abcc220084cd32dd51bd76f84ff7839e2dbf1a132fb970e8a1437f03726b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
securityaffairs.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Cookie
wfvt_2796755358=5ab0c83dc2ad9
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 20 Mar 2018 08:37:18 GMT
Last-Modified
Wed, 16 Dec 2015 06:58:18 GMT
Server
Apache
ETag
"118d-526fe6e527680"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
4493
jquery.circliful.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/
334 B
594 B
Stylesheet
General
Full URL
http://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/jquery.circliful.css?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
217.160.0.146 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
7478123ab457a28ecf9df78f2832fbdbefc205eaef0930b4f6666903e756be46

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
securityaffairs.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Cookie
wfvt_2796755358=5ab0c83dc2ad9
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 20 Mar 2018 08:37:18 GMT
Last-Modified
Wed, 16 Dec 2015 06:58:02 GMT
Server
Apache
ETag
"14e-526fe6d5e5280"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
334
screen.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/
110 KB
110 KB
Stylesheet
General
Full URL
http://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/screen.css?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
217.160.0.146 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
13b61826fde5b78966364a0bfe1f2309da1f0ccd75923528a5014978b7276742

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
securityaffairs.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Cookie
wfvt_2796755358=5ab0c83dc2ad9
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 20 Mar 2018 08:37:18 GMT
Last-Modified
Wed, 16 Dec 2015 06:58:04 GMT
Server
Apache
ETag
"1b844-526fe6d7cd700"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
112708
custom-css.php
securityaffairs.co/wordpress/wp-content/themes/rigel_old/templates/
12 KB
12 KB
Stylesheet
General
Full URL
http://securityaffairs.co/wordpress/wp-content/themes/rigel_old/templates/custom-css.php?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
217.160.0.146 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache / PHP/5.6.34
Resource Hash
18d61b5ee68a57bd7a4733f776f9f8aa5c353e7f35a420881523b6edbf7c6b19

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
securityaffairs.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Cookie
wfvt_2796755358=5ab0c83dc2ad9
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 20 Mar 2018 08:37:18 GMT
Server
Apache
Connection
keep-alive
X-Powered-By
PHP/5.6.34
Transfer-Encoding
chunked
Keep-Alive
timeout=15
Content-Type
text/css; charset: UTF-8;charset=UTF-8
css
fonts.googleapis.com/
10 KB
1 KB
Stylesheet
General
Full URL
http://fonts.googleapis.com/css?family=Roboto+Condensed%3A400italic%2C700italic%2C400%2C700&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Ccyrillic%2Clatin-ext%2Cvietnamese&ver=dc488b3cf402a36ed8529f3196db2a8a
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
216.58.214.74 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s10-in-f74.1e100.net
Software
ESF /
Resource Hash
cab944a462b37f84a06e26dc28c9d68818410763a2cd2d606d66c1d7eae7a906
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 20 Mar 2018 08:37:18 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Mar 2018 08:37:18 GMT
Server
ESF
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding
chunked
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection
1; mode=block
Expires
Tue, 20 Mar 2018 08:37:18 GMT
css
fonts.googleapis.com/
3 KB
1019 B
Stylesheet
General
Full URL
http://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic&ver=dc488b3cf402a36ed8529f3196db2a8a
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
216.58.214.74 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s10-in-f74.1e100.net
Software
ESF /
Resource Hash
02e9b97056be5d76b813d92b67aac7d714f69536fe8af92a94d1dcbda8d0ad29
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 20 Mar 2018 08:37:18 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Mar 2018 08:37:18 GMT
Server
ESF
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding
chunked
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection
1; mode=block
Expires
Tue, 20 Mar 2018 08:37:18 GMT
css
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
http://fonts.googleapis.com/css?family=Playfair+Display%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=dc488b3cf402a36ed8529f3196db2a8a
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
216.58.214.74 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s10-in-f74.1e100.net
Software
ESF /
Resource Hash
66752d0563d35538a04b5ab58b05cebb936b9335470b6a211c2718234cae77c2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 20 Mar 2018 08:37:18 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Mar 2018 08:37:18 GMT
Server
ESF
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding
chunked
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection
1; mode=block
Expires
Tue, 20 Mar 2018 08:37:18 GMT
css
fonts.googleapis.com/
3 KB
1021 B
Stylesheet
General
Full URL
http://fonts.googleapis.com/css?family=Oswald%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=dc488b3cf402a36ed8529f3196db2a8a
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
216.58.214.74 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s10-in-f74.1e100.net
Software
ESF /
Resource Hash
9253b2bc7ff479992bd37d1d951c8ce67695c6031345fe7fb21d9866bb7f93ae
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 20 Mar 2018 08:37:18 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Mar 2018 08:37:18 GMT
Server
ESF
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding
chunked
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection
1; mode=block
Expires
Tue, 20 Mar 2018 08:37:18 GMT
grid.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/
49 KB
50 KB
Stylesheet
General
Full URL
http://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/grid.css?ver=dc488b3cf402a36ed8529f3196db2a8a
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
217.160.0.146 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
00d534b6d1d7adf2faa7861ce9557403c3c08304e2791fd4301029b0e142c286

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
securityaffairs.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Cookie
wfvt_2796755358=5ab0c83dc2ad9
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 20 Mar 2018 08:37:18 GMT
Last-Modified
Wed, 16 Dec 2015 06:58:03 GMT
Server
Apache
ETag
"c5f2-526fe6d6d94c0"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
50674
form-basic.css
securityaffairs.co/wordpress/wp-content/plugins/mailchimp-for-wp/assets/css/
3 KB
4 KB
Stylesheet
General
Full URL
http://securityaffairs.co/wordpress/wp-content/plugins/mailchimp-for-wp/assets/css/form-basic.css?ver=4.2
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
217.160.0.146 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
e533fb7de77474066905d811094257f4e166b6849e7ae584c2ef44ced9c80433

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
securityaffairs.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Cookie
wfvt_2796755358=5ab0c83dc2ad9
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 20 Mar 2018 08:37:18 GMT
Last-Modified
Mon, 05 Mar 2018 23:58:19 GMT
Server
Apache
ETag
"d42-566b319aaee8c"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
3394
jquery.js
securityaffairs.co/wordpress/wp-includes/js/jquery/
95 KB
95 KB
Script
General
Full URL
http://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
217.160.0.146 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
securityaffairs.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Cookie
wfvt_2796755358=5ab0c83dc2ad9
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 20 Mar 2018 08:37:18 GMT
Last-Modified
Tue, 21 Jun 2016 17:49:20 GMT
Server
Apache
ETag
"17ba0-535cd70c3c800"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
97184
jquery-migrate.js
securityaffairs.co/wordpress/wp-includes/js/jquery/
23 KB
23 KB
Script
General
Full URL
http://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
217.160.0.146 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
c68a880944aa03082e88bbe6c7df7747ee45f506fa777e76fb41709a0ba5a935

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
securityaffairs.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Cookie
wfvt_2796755358=5ab0c83dc2ad9
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 20 Mar 2018 08:37:18 GMT
Last-Modified
Tue, 21 Jun 2016 17:49:20 GMT
Server
Apache
ETag
"5bc9-535cd70c3c800"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
23497
cookielawinfo.js
securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/js/
6 KB
6 KB
Script
General
Full URL
http://securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/js/cookielawinfo.js?ver=1.5.3
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
217.160.0.146 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
1b516cb95ddf27703d0b1cfddab9c97fa9b2696644718dd1b4376c39dca93767

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
securityaffairs.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Cookie
wfvt_2796755358=5ab0c83dc2ad9
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 20 Mar 2018 08:37:18 GMT
Last-Modified
Wed, 16 Dec 2015 06:30:09 GMT
Server
Apache
ETag
"16ae-526fe09a65e40"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
5806
script.js
securityaffairs.co/wordpress/wp-content/plugins/facebook-button-plugin/js/
462 B
736 B
Script
General
Full URL
http://securityaffairs.co/wordpress/wp-content/plugins/facebook-button-plugin/js/script.js?ver=dc488b3cf402a36ed8529f3196db2a8a
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
217.160.0.146 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
a8f961f7ae2f3245e8383f659d264eb56983adb23a399b23a62fa951734d0768

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
securityaffairs.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Cookie
wfvt_2796755358=5ab0c83dc2ad9
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 20 Mar 2018 08:37:18 GMT
Last-Modified
Tue, 13 Mar 2018 06:43:04 GMT
Server
Apache
ETag
"1ce-56745920b46ca"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
462
st_insights.js
w.sharethis.com/button/
21 KB
6 KB
Script
General
Full URL
http://w.sharethis.com/button/st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
2.16.186.41 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-41.deploy.akamaitechnologies.com
Software
nginx/1.12.2 /
Resource Hash
9756bb2e61f42b57e4409a60a2b376ad5eea5f0276c6159ba957973f9210d2f1

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 20 Mar 2018 08:37:18 GMT
Content-Encoding
gzip
Server
nginx/1.12.2
ETag
W/"5aaad08e-53d5"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=259200
Connection
keep-alive
Content-Length
6053
Expires
Fri, 23 Mar 2018 08:24:33 GMT
sharethis.js
platform-api.sharethis.com/js/
150 KB
53 KB
Script
General
Full URL
http://platform-api.sharethis.com/js/sharethis.js
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
23.67.137.77 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-67-137-77.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6ce3e202dbc8399999cf2d612b00fe92933870d7372174b9043db85d63afe70b

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 20 Mar 2018 08:37:18 GMT
Content-Encoding
gzip
ETag
W/"25653-K+gnfOi5aF+TH/+07emEQg"
Vary
Accept-Encoding
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, POST, PUT
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
53445
logo_SecurityAffairs.png
securityaffairs.co/wordpress/wp-content/uploads/2015/12/
44 KB
44 KB
Image
General
Full URL
http://securityaffairs.co/wordpress/wp-content/uploads/2015/12/logo_SecurityAffairs.png
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
217.160.0.146 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
00f28fdb987ce0f9edc935ffe381123a2e1f79fcc0f55759a7bb4a83b4a88584

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
securityaffairs.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Cookie
wfvt_2796755358=5ab0c83dc2ad9; __unam=6f69f6a-162428e378c-3d8a2044-1
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 20 Mar 2018 08:37:19 GMT
Last-Modified
Wed, 16 Dec 2015 17:30:42 GMT
Server
Apache
ETag
"b0e9-5270743f5f480"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
45289
standard-facebook-ico.png
i2.wp.com/securityaffairs.co/wordpress/wp-content/plugins/facebook-button-plugin/images/
768 B
1 KB
Image
General
Full URL
https://i2.wp.com/securityaffairs.co/wordpress/wp-content/plugins/facebook-button-plugin/images/standard-facebook-ico.png
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
SPDY
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
372b3aaa8c5955cd5361423f1893f65961c33ec2c87370643438169f0196c06f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

x-nc
HIT fra 17
date
Tue, 20 Mar 2018 08:37:19 GMT
x-content-type-options
nosniff
x-bytes-saved
12
last-modified
Fri, 23 Feb 2018 13:33:51 GMT
server
nginx
etag
"4d879b1e82413644"
vary
Accept
content-type
image/webp
status
200
cache-control
public, max-age=63115200
link
<http://securityaffairs.co/wordpress/wp-content/plugins/facebook-button-plugin/images/standard-facebook-ico.png>; rel="canonical"
content-length
768
expires
Mon, 24 Feb 2020 01:33:51 GMT
sofacy-DealersChoice.png
i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2018/03/
5 KB
6 KB
Image
General
Full URL
https://i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2018/03/sofacy-DealersChoice.png?w=551
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
SPDY
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
52398f8c210ab7179618b7914acc1cdd78e67cf6419115bdf90ec510ec91faf0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

x-nc
HIT fra 17
date
Tue, 20 Mar 2018 08:37:19 GMT
x-content-type-options
nosniff
x-bytes-saved
25675
last-modified
Sun, 18 Mar 2018 09:20:30 GMT
server
nginx
etag
"fb4c4ee643636937"
vary
Accept
content-type
image/webp
status
200
cache-control
public, max-age=63115200
link
<http://securityaffairs.co/wordpress/wp-content/uploads/2018/03/sofacy-DealersChoice.png>; rel="canonical"
content-length
5454
expires
Tue, 17 Mar 2020 21:20:30 GMT
nmedianet.js
contextual.media.net/
109 KB
38 KB
Script
General
Full URL
http://contextual.media.net/nmedianet.js?cid=8CU5BD6EW
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
23.56.3.183 Cambridge, United States, ASN26769 (BANDCON - Bandcon, US),
Reverse DNS
a23-56-3-183.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e86444d7e2540ac8722e0ff21297a8db57ab7fbe8261dae984e2bb7a942b179b

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Mar 2018 08:37:19 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
X-MNET-H
E
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
38542
Expires
Tue, 20 Mar 2018 08:37:19 GMT
twitter.png
i2.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/
1 KB
2 KB
Image
General
Full URL
https://i2.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/twitter.png
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
SPDY
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
b980a05e2b73c6bbf5536e4281a084f6718548214c496f599f7ef427a49cc327
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

x-nc
HIT fra 21
date
Tue, 20 Mar 2018 08:37:19 GMT
x-content-type-options
nosniff
last-modified
Thu, 22 Jun 2017 02:20:33 GMT
server
nginx
etag
"688ea5f9b2572e18"
vary
Accept
content-type
image/webp
status
200
cache-control
public, max-age=63115200
link
<http://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/twitter.png>; rel="canonical"
content-length
1420
expires
Sat, 22 Jun 2019 14:20:33 GMT
google.png
i0.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/
2 KB
2 KB
Image
General
Full URL
https://i0.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/google.png
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
SPDY
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
ab313de30e88839debcbd24c24054cf91123244d263a16a9aa3864a50befaf92
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

x-nc
HIT fra 20
date
Tue, 20 Mar 2018 08:37:19 GMT
x-content-type-options
nosniff
last-modified
Thu, 22 Jun 2017 02:20:28 GMT
server
nginx
etag
"6c9fb433d80d4dee"
vary
Accept
content-type
image/webp
status
200
cache-control
public, max-age=63115200
link
<http://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/google.png>; rel="canonical"
content-length
1596
expires
Sat, 22 Jun 2019 14:20:28 GMT
facebook.png
i1.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/
1 KB
1 KB
Image
General
Full URL
https://i1.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/facebook.png
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
SPDY
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
7fceadfed55064d3f3d49652e0817c49b2c78de5b6d9280b0477b5b653858bca
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

x-nc
HIT fra 16
date
Tue, 20 Mar 2018 08:37:19 GMT
x-content-type-options
nosniff
last-modified
Thu, 22 Jun 2017 02:20:28 GMT
server
nginx
etag
"7d761bcfe7276283"
vary
Accept
content-type
image/webp
status
200
cache-control
public, max-age=63115200
link
<http://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/facebook.png>; rel="canonical"
content-length
1110
expires
Sat, 22 Jun 2019 14:20:28 GMT
linkedin.png
i2.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/
1 KB
2 KB
Image
General
Full URL
https://i2.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/linkedin.png
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
SPDY
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
0bffe6a234d4da5672bb56597c0c60df3bfb0fb0899bde4be2241c1a27ed005e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

x-nc
HIT fra 21
date
Tue, 20 Mar 2018 08:37:19 GMT
x-content-type-options
nosniff
last-modified
Thu, 22 Jun 2017 02:20:33 GMT
server
nginx
etag
"d216aca9c063f83b"
vary
Accept
content-type
image/webp
status
200
cache-control
public, max-age=63115200
link
<http://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/linkedin.png>; rel="canonical"
content-length
1432
expires
Sat, 22 Jun 2019 14:20:33 GMT
pinterest.png
i0.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/
2 KB
2 KB
Image
General
Full URL
https://i0.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/pinterest.png
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
SPDY
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
639b4509780048ed50d9f5cd861010522112bcf8c9c2d26f5ddec78c7e739a5b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

x-nc
HIT fra 20
date
Tue, 20 Mar 2018 08:37:19 GMT
x-content-type-options
nosniff
last-modified
Thu, 22 Jun 2017 02:20:29 GMT
server
nginx
etag
"a92e879388897fbc"
vary
Accept
content-type
image/webp
status
200
cache-control
public, max-age=63115200
link
<http://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/pinterest.png>; rel="canonical"
content-length
1750
expires
Sat, 22 Jun 2019 14:20:29 GMT
reddit.png
i1.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/
2 KB
2 KB
Image
General
Full URL
https://i1.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/reddit.png
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
SPDY
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
d8c69f17ea9a0ab3fd3c929d5582527da38ac63d5b64fd8e9d4e63832b3a0cce
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

x-nc
HIT fra 16
date
Tue, 20 Mar 2018 08:37:19 GMT
x-content-type-options
nosniff
last-modified
Sat, 10 Jun 2017 08:59:05 GMT
server
nginx
etag
"6b11edb7413f4c41"
vary
Accept
content-type
image/webp
status
200
cache-control
public, max-age=63115200
link
<http://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/reddit.png>; rel="canonical"
content-length
1828
expires
Mon, 10 Jun 2019 20:59:05 GMT
email.png
i1.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/
1 KB
2 KB
Image
General
Full URL
https://i1.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/email.png
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
SPDY
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
4359fc4ebbddf4ab9e93191dedb6c19e6aa2d1531157cc3016796781f39615dc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

x-nc
HIT fra 16
date
Tue, 20 Mar 2018 08:37:19 GMT
x-content-type-options
nosniff
last-modified
Mon, 12 Jun 2017 20:00:45 GMT
server
nginx
etag
"79668cf7f067af23"
vary
Accept
content-type
image/webp
status
200
cache-control
public, max-age=63115200
link
<http://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/email.png>; rel="canonical"
content-length
1272
expires
Thu, 13 Jun 2019 08:00:45 GMT
stumbleupon.png
i2.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/
1 KB
2 KB
Image
General
Full URL
https://i2.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/stumbleupon.png
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
SPDY
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
c66614f9b335585b0cb4cc77e3a0ba22a358e6d0e234ec4d9f9f89fa3848fdc5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

x-nc
HIT fra 20
date
Tue, 20 Mar 2018 08:37:19 GMT
x-content-type-options
nosniff
last-modified
Thu, 22 Jun 2017 02:20:33 GMT
server
nginx
etag
"c58ef8a2420b9457"
vary
Accept
content-type
image/webp
status
200
cache-control
public, max-age=63115200
link
<http://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/stumbleupon.png>; rel="canonical"
content-length
1520
expires
Sat, 22 Jun 2019 14:20:33 GMT
f00db26378ef7df7c440a8ee60ead62b
0.gravatar.com/avatar/
1 KB
2 KB
Image
General
Full URL
http://0.gravatar.com/avatar/f00db26378ef7df7c440a8ee60ead62b?s=60&d=mm&r=g
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
192.0.73.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
643a860832456b5a74825b79d625434b5c4c2a344b8f9bef3614b327bea52646

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-nc
HIT fra 3
Date
Tue, 20 Mar 2018 08:37:19 GMT
Last-Modified
Wed, 11 Jan 1984 08:00:00 GMT
Server
nginx
Source-Age
139679
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=300
Content-Disposition
inline; filename="f00db26378ef7df7c440a8ee60ead62b.png"
Connection
keep-alive
Accept-Ranges
bytes
Link
<https://www.gravatar.com/avatar/f00db26378ef7df7c440a8ee60ead62b?s=60&d=mm&r=g>; rel="canonical"
Content-Length
1186
Expires
Tue, 20 Mar 2018 08:42:19 GMT
sdk.js
connect.facebook.net/en_US/
Redirect Chain
  • http://connect.facebook.net/en_US/sdk.js
  • https://connect.facebook.net/en_US/sdk.js
213 KB
66 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
SPDY
Server
185.60.216.19 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
e8296706e1d0b9f25fcbb57152c9daa3963990f42607bafbac106492f31d3c54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
bAUKjg/3EP3QYJiXe2AVoA==
status
200
content-length
67201
x-xss-protection
0
x-fb-debug
npAAbF00Z6eu6SiXf3JY7KMkGIDlQUgkbp81lWdygCkweb8rHDNPXd6PxB98O+LGv2a1T6oa8R5iUIuqPJNJSw==
x-fb-content-md5
165e0d797bfee803f176fb38812ec128
x-frame-options
DENY
date
Tue, 20 Mar 2018 08:37:19 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"08f46d47fb1c1bf82e55058a97a0d8a3"
timing-allow-origin
*
expires
Tue, 20 Mar 2018 08:47:53 GMT

Redirect headers

Location
https://connect.facebook.net/en_US/sdk.js#xfbml=1&version=v2.6
Non-Authoritative-Reason
HSTS
twemoji.js
securityaffairs.co/wordpress/wp-includes/js/
25 KB
25 KB
Script
General
Full URL
http://securityaffairs.co/wordpress/wp-includes/js/twemoji.js?ver=dc488b3cf402a36ed8529f3196db2a8a
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
217.160.0.146 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
464db2eecec0133fa595131850ae7478d8bc7359a5299a59985f1a42e389f187

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
securityaffairs.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Cookie
wfvt_2796755358=5ab0c83dc2ad9; __unam=6f69f6a-162428e378c-3d8a2044-1; session_depth=securityaffairs.co%3D1%7C762221962%3D1; _ga=GA1.2.1552304683.1521535040; _gid=GA1.2.397819317.1521535040; _gat=1; bfp_sn_rf_8b2087b102c9e3e5ffed1c1478ed8b78=1521535039_534230184265_8b2087b102c9e3e5ffed1c1478ed8b78_Direct; bfp_sn_pl=1521535039_534230184265
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 20 Mar 2018 08:37:19 GMT
Last-Modified
Mon, 05 Feb 2018 20:49:27 GMT
Server
Apache
ETag
"6394-5647d32ab4432"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
25492
wp-emoji.js
securityaffairs.co/wordpress/wp-includes/js/
7 KB
7 KB
Script
General
Full URL
http://securityaffairs.co/wordpress/wp-includes/js/wp-emoji.js?ver=dc488b3cf402a36ed8529f3196db2a8a
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
217.160.0.146 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
d80a9fbd9c4a76d5d7c6b14e635088b322863f7a78f61508df1e77342669e0ec

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
securityaffairs.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Cookie
wfvt_2796755358=5ab0c83dc2ad9; __unam=6f69f6a-162428e378c-3d8a2044-1; session_depth=securityaffairs.co%3D1%7C762221962%3D1; _ga=GA1.2.1552304683.1521535040; _gid=GA1.2.397819317.1521535040; _gat=1; bfp_sn_rf_8b2087b102c9e3e5ffed1c1478ed8b78=1521535039_534230184265_8b2087b102c9e3e5ffed1c1478ed8b78_Direct; bfp_sn_pl=1521535039_534230184265; OX_mNCM_ud_q=; OX_ssn=59577725; OX_plg=pm; OX_mNCM_BI=; OX_mNCM_BI_TS=; OX_mNCM_digitrust_id=; OX_mNCM_digitrust_id_exp=
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 20 Mar 2018 08:37:19 GMT
Last-Modified
Wed, 17 Aug 2016 14:03:19 GMT
Server
Apache
ETag
"1a68-53a44ed6bb7c0"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
6760
Frost-Bank-2.jpg
securityaffairs.co/wordpress/wp-content/uploads/2018/03/
215 KB
216 KB
Image
General
Full URL
http://securityaffairs.co/wordpress/wp-content/uploads/2018/03/Frost-Bank-2.jpg
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
217.160.0.146 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
a0ab4f8fe07ab80e30aa3cbc19669c2692a48da30ca9e600559ab3760967238b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
securityaffairs.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Cookie
wfvt_2796755358=5ab0c83dc2ad9; __unam=6f69f6a-162428e378c-3d8a2044-1; session_depth=securityaffairs.co%3D1%7C762221962%3D1; _ga=GA1.2.1552304683.1521535040; _gid=GA1.2.397819317.1521535040; _gat=1; bfp_sn_rf_8b2087b102c9e3e5ffed1c1478ed8b78=1521535039_534230184265_8b2087b102c9e3e5ffed1c1478ed8b78_Direct; bfp_sn_pl=1521535039_534230184265; OX_mNCM_ud_q=; OX_ssn=59577725; OX_plg=pm; OX_mNCM_BI=; OX_mNCM_BI_TS=; OX_mNCM_digitrust_id=; OX_mNCM_digitrust_id_exp=
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 20 Mar 2018 08:37:19 GMT
Last-Modified
Mon, 19 Mar 2018 22:15:26 GMT
Server
Apache
ETag
"35d22-567cb4b82bca6"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
220450
Consular-Department-of-the-Embassy-of-the-Russian-Federation.jpg
securityaffairs.co/wordpress/wp-content/uploads/2016/12/
92 KB
92 KB
Image
General
Full URL
http://securityaffairs.co/wordpress/wp-content/uploads/2016/12/Consular-Department-of-the-Embassy-of-the-Russian-Federation.jpg
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
217.160.0.146 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
13c74a3d594ad23aea83d2e896e0bfad0b527dfbdbb0c222dc52a481df3ec85c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
securityaffairs.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Cookie
wfvt_2796755358=5ab0c83dc2ad9; __unam=6f69f6a-162428e378c-3d8a2044-1; session_depth=securityaffairs.co%3D1%7C762221962%3D1; _ga=GA1.2.1552304683.1521535040; _gid=GA1.2.397819317.1521535040; _gat=1; bfp_sn_rf_8b2087b102c9e3e5ffed1c1478ed8b78=1521535039_534230184265_8b2087b102c9e3e5ffed1c1478ed8b78_Direct; bfp_sn_pl=1521535039_534230184265; OX_mNCM_ud_q=; OX_ssn=59577725; OX_plg=pm; OX_mNCM_BI=; OX_mNCM_BI_TS=; OX_mNCM_digitrust_id=; OX_mNCM_digitrust_id_exp=
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 20 Mar 2018 08:37:19 GMT
Last-Modified
Tue, 13 Dec 2016 10:50:54 GMT
Server
Apache
ETag
"16f0f-54387fe95078f"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
93967
Digging-The-Deep-Web.png
i2.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2018/03/
6 KB
7 KB
Image
General
Full URL
https://i2.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2018/03/Digging-The-Deep-Web.png?resize=236%2C300
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
SPDY
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
69e652101a2c4d8040d6f6082b20b858fc8b7840339ca067d64499f2e9b22a9b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

x-nc
HIT fra 20
date
Tue, 20 Mar 2018 08:37:19 GMT
x-content-type-options
nosniff
x-bytes-saved
49467
last-modified
Sun, 18 Mar 2018 21:02:15 GMT
server
nginx
etag
"64b96d212b84fe07"
vary
Accept
content-type
image/webp
status
200
cache-control
public, max-age=63115200
link
<http://securityaffairs.co/wordpress/wp-content/uploads/2018/03/Digging-The-Deep-Web.png>; rel="canonical"
content-length
6390
expires
Wed, 18 Mar 2020 09:02:15 GMT
infosec16.png
securityaffairs.co/images/
55 KB
55 KB
Image
General
Full URL
http://securityaffairs.co/images/infosec16.png
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
217.160.0.146 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
d242e05b27b8d6ace3bfc206e9ab79ee073cd07647ffeb3c257b8abb61ae9cb4

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
securityaffairs.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Cookie
wfvt_2796755358=5ab0c83dc2ad9; __unam=6f69f6a-162428e378c-3d8a2044-1; session_depth=securityaffairs.co%3D1%7C762221962%3D1; _ga=GA1.2.1552304683.1521535040; _gid=GA1.2.397819317.1521535040; _gat=1; bfp_sn_rf_8b2087b102c9e3e5ffed1c1478ed8b78=1521535039_534230184265_8b2087b102c9e3e5ffed1c1478ed8b78_Direct; bfp_sn_pl=1521535039_534230184265; OX_mNCM_ud_q=; OX_ssn=59577725; OX_plg=pm; OX_mNCM_BI=; OX_mNCM_BI_TS=; OX_mNCM_digitrust_id=; OX_mNCM_digitrust_id_exp=
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 20 Mar 2018 08:37:19 GMT
Last-Modified
Sat, 11 Jun 2016 08:36:11 GMT
Server
Apache
ETag
"dc63-534fc8c2214c0"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
56419
paganini.jpg
securityaffairs.co/images/
64 KB
65 KB
Image
General
Full URL
http://securityaffairs.co/images/paganini.jpg
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
217.160.0.146 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
abf0a396ecd082fb921175db8d4bc820ac383082eb4f8a566f4cee5aaa786808

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
securityaffairs.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Cookie
wfvt_2796755358=5ab0c83dc2ad9; __unam=6f69f6a-162428e378c-3d8a2044-1; session_depth=securityaffairs.co%3D1%7C762221962%3D1; _ga=GA1.2.1552304683.1521535040; _gid=GA1.2.397819317.1521535040; _gat=1; bfp_sn_rf_8b2087b102c9e3e5ffed1c1478ed8b78=1521535039_534230184265_8b2087b102c9e3e5ffed1c1478ed8b78_Direct; bfp_sn_pl=1521535039_534230184265; OX_mNCM_ud_q=; OX_ssn=59577725; OX_plg=pm; OX_mNCM_BI=; OX_mNCM_BI_TS=; OX_mNCM_digitrust_id=; OX_mNCM_digitrust_id_exp=
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 20 Mar 2018 08:37:19 GMT
Last-Modified
Wed, 16 Dec 2015 01:06:12 GMT
Server
Apache
ETag
"10128-526f9831d4900"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
65832
02_red.png
securityaffairs.co/images/
84 KB
84 KB
Image
General
Full URL
http://securityaffairs.co/images/02_red.png
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
217.160.0.146 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
8b63cfc4750823ed439e52bb326ff1e25a0ab07846da5c1b956c82ddb9474a1f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
securityaffairs.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Cookie
wfvt_2796755358=5ab0c83dc2ad9; __unam=6f69f6a-162428e378c-3d8a2044-1; session_depth=securityaffairs.co%3D1%7C762221962%3D1; _ga=GA1.2.1552304683.1521535040; _gid=GA1.2.397819317.1521535040; _gat=1; bfp_sn_rf_8b2087b102c9e3e5ffed1c1478ed8b78=1521535039_534230184265_8b2087b102c9e3e5ffed1c1478ed8b78_Direct; bfp_sn_pl=1521535039_534230184265; OX_mNCM_ud_q=; OX_ssn=59577725; OX_plg=pm; OX_mNCM_BI=; OX_mNCM_BI_TS=; OX_mNCM_digitrust_id=; OX_mNCM_digitrust_id_exp=
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 20 Mar 2018 08:37:19 GMT
Last-Modified
Wed, 16 Dec 2015 01:06:11 GMT
Server
Apache
ETag
"14ebf-526f9830e06c0"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
85695
VMware-Workstation-Icon-48.png
i1.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2017/12/
4 KB
4 KB
Image
General
Full URL
https://i1.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2017/12/VMware-Workstation-Icon-48.png?resize=300%2C300
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
SPDY
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
ee3075e90934b801ac5bf075bacbe5811753bbbf903ddd83cf14986121cb5c58
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

x-nc
HIT fra 17
date
Tue, 20 Mar 2018 08:37:19 GMT
x-content-type-options
nosniff
x-bytes-saved
38722
last-modified
Sat, 17 Mar 2018 18:53:06 GMT
server
nginx
etag
"0ce8715fd65f58f3"
vary
Accept
content-type
image/webp
status
200
cache-control
public, max-age=63115200
link
<http://securityaffairs.co/wordpress/wp-content/uploads/2017/12/VMware-Workstation-Icon-48.png>; rel="canonical"
content-length
4248
expires
Tue, 17 Mar 2020 06:53:06 GMT
ssba.css
securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/css/
105 KB
105 KB
Stylesheet
General
Full URL
http://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/css/ssba.css?ver=dc488b3cf402a36ed8529f3196db2a8a
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
217.160.0.146 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
606438e847fe03016f9b522edc743ae201910c9583ad332d94ae4e3504ceb27e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
securityaffairs.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Cookie
wfvt_2796755358=5ab0c83dc2ad9
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 20 Mar 2018 08:37:18 GMT
Last-Modified
Mon, 19 Mar 2018 22:51:23 GMT
Server
Apache
ETag
"1a468-567cbcc1b300e"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
107624
photon.js
securityaffairs.co/wordpress/wp-content/plugins/jetpack/modules/photon/
1 KB
2 KB
Script
General
Full URL
http://securityaffairs.co/wordpress/wp-content/plugins/jetpack/modules/photon/photon.js?ver=20130122
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
217.160.0.146 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
87879846a54fe4a250a2a9808103f1ed6943af45e4cbb7f067c44da57c61b3d4

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
securityaffairs.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Cookie
wfvt_2796755358=5ab0c83dc2ad9
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 20 Mar 2018 08:37:19 GMT
Last-Modified
Tue, 06 Mar 2018 22:52:41 GMT
Server
Apache
ETag
"562-566c64ccc30e5"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
1378
jquery.adrotate.clicktracker.js
securityaffairs.co/wordpress/wp-content/plugins/adrotate/library/
1 KB
1 KB
Script
General
Full URL
http://securityaffairs.co/wordpress/wp-content/plugins/adrotate/library/jquery.adrotate.clicktracker.js
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
217.160.0.146 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
2f64b025cec8c93dcb01fe88f0e79c134bc0a6c751787360153865dfa9f3a962

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
securityaffairs.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Cookie
wfvt_2796755358=5ab0c83dc2ad9
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 20 Mar 2018 08:37:19 GMT
Last-Modified
Tue, 13 Mar 2018 06:43:02 GMT
Server
Apache
ETag
"40b-5674591f1f261"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
1035
devicepx-jetpack.js
s0.wp.com/wp-content/js/
10 KB
3 KB
Script
General
Full URL
https://s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=201812
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
SPDY
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
f32d41f2099a0be20e6b57c5e0d1b71c079d3e1345827b0f5c5b97c6e5e3f78d

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

x-nc
HIT fra 32
date
Tue, 20 Mar 2018 08:37:19 GMT
content-encoding
gzip
server
nginx
etag
W/"5867460b-52b6"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=31536000
x-ac
4.fra _dfw
expires
Sun, 17 Mar 2019 16:50:07 GMT
ssba.js
securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/js/
2 KB
2 KB
Script
General
Full URL
http://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/js/ssba.js?ver=dc488b3cf402a36ed8529f3196db2a8a
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
217.160.0.146 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
76a18f5f0637e0d73ce1afece898ce8b0fa75bb6b1c1990ae4a7ac6b083045ce

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
securityaffairs.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Cookie
wfvt_2796755358=5ab0c83dc2ad9
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 20 Mar 2018 08:37:19 GMT
Last-Modified
Mon, 19 Mar 2018 22:51:23 GMT
Server
Apache
ETag
"792-567cbcc1b8dce"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
1938
hint.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/
987 B
1 KB
Script
General
Full URL
http://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/hint.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
217.160.0.146 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
d99ea9db1da8549489666d36c9e3fb717842550eed1554e96860af8d30c3b008

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
securityaffairs.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Cookie
wfvt_2796755358=5ab0c83dc2ad9; __unam=6f69f6a-162428e378c-3d8a2044-1
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 20 Mar 2018 08:37:19 GMT
Last-Modified
Wed, 16 Dec 2015 06:58:17 GMT
Server
Apache
ETag
"3db-526fe6e433440"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
987
jquery.tipsy.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/
4 KB
5 KB
Script
General
Full URL
http://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/jquery.tipsy.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
217.160.0.146 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
0e53466218d7ff174e0a083ecce89b1c090c67ccbe55775eddca03e930ff9e35

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
securityaffairs.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Cookie
wfvt_2796755358=5ab0c83dc2ad9; __unam=6f69f6a-162428e378c-3d8a2044-1
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 20 Mar 2018 08:37:19 GMT
Last-Modified
Wed, 16 Dec 2015 06:58:17 GMT
Server
Apache
ETag
"1113-526fe6e433440"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
4371
jquery.easing.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/
8 KB
8 KB
Script
General
Full URL
http://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/jquery.easing.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
217.160.0.146 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
securityaffairs.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Cookie
wfvt_2796755358=5ab0c83dc2ad9; __unam=6f69f6a-162428e378c-3d8a2044-1
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 20 Mar 2018 08:37:19 GMT
Last-Modified
Wed, 16 Dec 2015 06:58:17 GMT
Server
Apache
ETag
"1fa1-526fe6e433440"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
8097
browser.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/
3 KB
3 KB
Script
General
Full URL
http://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/browser.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
217.160.0.146 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
1aaab3c3d6f974416ae34893cebe3a544aea17931439b2449ec392061d11ec82

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
securityaffairs.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Cookie
wfvt_2796755358=5ab0c83dc2ad9; __unam=6f69f6a-162428e378c-3d8a2044-1
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 20 Mar 2018 08:37:19 GMT
Last-Modified
Wed, 16 Dec 2015 06:58:16 GMT
Server
Apache
ETag
"a36-526fe6e33f200"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
2614
jquery.flexslider-min.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/flexslider/
21 KB
21 KB
Script
General
Full URL
http://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/flexslider/jquery.flexslider-min.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
217.160.0.146 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
45185c8f6cd2f9b42e3a02b78af40edc7d61328fac3167a0490c9c69bbecaaa6

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
securityaffairs.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Cookie
wfvt_2796755358=5ab0c83dc2ad9; __unam=6f69f6a-162428e378c-3d8a2044-1
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 20 Mar 2018 08:37:19 GMT
Last-Modified
Wed, 16 Dec 2015 13:55:10 GMT
Server
Apache
ETag
"53ae-5270441274b80"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
21422
waypoints.min.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/
8 KB
8 KB
Script
General
Full URL
http://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/waypoints.min.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
217.160.0.146 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
securityaffairs.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Cookie
wfvt_2796755358=5ab0c83dc2ad9; __unam=6f69f6a-162428e378c-3d8a2044-1
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 20 Mar 2018 08:37:19 GMT
Last-Modified
Wed, 16 Dec 2015 06:58:18 GMT
Server
Apache
ETag
"1f6c-526fe6e527680"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
8044
mediaelement-and-player.min.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/mediaelement/
69 KB
70 KB
Script
General
Full URL
http://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/mediaelement/mediaelement-and-player.min.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
217.160.0.146 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
f0c6d2d27de284102b03e30cd74be808801ec53ca49f30b4d15620ee84ea39f5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
securityaffairs.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Cookie
wfvt_2796755358=5ab0c83dc2ad9; __unam=6f69f6a-162428e378c-3d8a2044-1
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 20 Mar 2018 08:37:19 GMT
Last-Modified
Wed, 16 Dec 2015 13:55:14 GMT
Server
Apache
ETag
"11571-5270441645480"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
71025
jquery.swipebox.min.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/
11 KB
11 KB
Script
General
Full URL
http://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/jquery.swipebox.min.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
217.160.0.146 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
2199990352edbb7ec586e01d26e2f6a7010a2fce1517711019b614dcec353ba3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
securityaffairs.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Cookie
wfvt_2796755358=5ab0c83dc2ad9; __unam=6f69f6a-162428e378c-3d8a2044-1; session_depth=securityaffairs.co%3D1%7C762221962%3D1
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 20 Mar 2018 08:37:19 GMT
Last-Modified
Wed, 16 Dec 2015 06:58:17 GMT
Server
Apache
ETag
"2a67-526fe6e433440"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
10855
jquery.circliful.min.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/
3 KB
3 KB
Script
General
Full URL
http://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/jquery.circliful.min.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
217.160.0.146 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
1832a6ee34745b08b1fcae42c24468086358b43071d7679a738951aa7dc243ea

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
securityaffairs.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Cookie
wfvt_2796755358=5ab0c83dc2ad9; __unam=6f69f6a-162428e378c-3d8a2044-1; session_depth=securityaffairs.co%3D1%7C762221962%3D1
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 20 Mar 2018 08:37:19 GMT
Last-Modified
Wed, 16 Dec 2015 06:58:17 GMT
Server
Apache
ETag
"c18-526fe6e433440"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
3096
jquery.smarticker.min.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/
13 KB
13 KB
Script
General
Full URL
http://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/jquery.smarticker.min.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
217.160.0.146 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
5525d57ced576560de8777ea78e4bc0c9d55396c0b668a7563b354de9c165aee

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
securityaffairs.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Cookie
wfvt_2796755358=5ab0c83dc2ad9; __unam=6f69f6a-162428e378c-3d8a2044-1; session_depth=securityaffairs.co%3D1%7C762221962%3D1
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 20 Mar 2018 08:37:19 GMT
Last-Modified
Wed, 16 Dec 2015 06:58:17 GMT
Server
Apache
ETag
"3225-526fe6e433440"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
12837
custom.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/
12 KB
13 KB
Script
General
Full URL
http://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/custom.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
217.160.0.146 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
0c27a9c1aee9eacb73655f930a6bbf9ec721006695e5c38405296081cdbcb878

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
securityaffairs.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Cookie
wfvt_2796755358=5ab0c83dc2ad9; __unam=6f69f6a-162428e378c-3d8a2044-1; session_depth=securityaffairs.co%3D1%7C762221962%3D1; _ga=GA1.2.1552304683.1521535040; _gid=GA1.2.397819317.1521535040; _gat=1
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 20 Mar 2018 08:37:19 GMT
Last-Modified
Wed, 16 Dec 2015 06:58:16 GMT
Server
Apache
ETag
"31d4-526fe6e33f200"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
12756
wp-embed.js
securityaffairs.co/wordpress/wp-includes/js/
3 KB
3 KB
Script
General
Full URL
http://securityaffairs.co/wordpress/wp-includes/js/wp-embed.js?ver=dc488b3cf402a36ed8529f3196db2a8a
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
217.160.0.146 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
336383f7ac92ebfd27fa47a1380a49a64b47d1b763f34909f464e826d738e10a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
securityaffairs.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Cookie
wfvt_2796755358=5ab0c83dc2ad9; __unam=6f69f6a-162428e378c-3d8a2044-1; session_depth=securityaffairs.co%3D1%7C762221962%3D1; _ga=GA1.2.1552304683.1521535040; _gid=GA1.2.397819317.1521535040; _gat=1
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 20 Mar 2018 08:37:19 GMT
Last-Modified
Thu, 16 Nov 2017 13:57:00 GMT
Server
Apache
ETag
"c45-55e19fe79bc0f"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
3141
plusone.js
apis.google.com/js/
43 KB
17 KB
Script
General
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
SPDY
Server
216.58.206.14 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f14.1e100.net
Software
ESF /
Resource Hash
30ace6a9999ef90eaad3df0a3a23b2bb688ec0461865ea56f2d58a780c800daa
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-inline' 'unsafe-eval' 'self' https://*.gstatic.com https://www.google-analytics.com https://pagead2.googleadservices.com https://pagead2.googlesyndication.com https://tpc.googlesyndication.com https://s.ytimg.com https://www.youtube.com;report-uri /_/cspreport/es_oz_20180318.16_p0
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

content-security-policy
script-src 'unsafe-inline' 'unsafe-eval' 'self' https://*.gstatic.com https://www.google-analytics.com https://pagead2.googleadservices.com https://pagead2.googlesyndication.com https://tpc.googlesyndication.com https://s.ytimg.com https://www.youtube.com;report-uri /_/cspreport/es_oz_20180318.16_p0
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
status
200
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
date
Tue, 20 Mar 2018 08:37:19 GMT
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800, stale-while-revalidate=1800
etag
"81b618add6ed8e90dd0b7fc32a9c094d"
timing-allow-origin
*
expires
Tue, 20 Mar 2018 08:37:19 GMT
e-201812.js
stats.wp.com/
8 KB
3 KB
Script
General
Full URL
https://stats.wp.com/e-201812.js
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
SPDY
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
aea0c8ddd84132838fcee935f9d827ec5f7ba116e443b25db7a5bcc944cbe914

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Tue, 20 Mar 2018 08:37:19 GMT
content-encoding
gzip
server
nginx
etag
W/"5a0c8e17-3298"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=31536000
expires
Sun, 17 Mar 2019 09:56:06 GMT
sc
l.sharethis.com/
Redirect Chain
  • http://l.sharethis.com/pview?event=pview&version=st_insights.js&lang=en&fpc=6f69f6a-162428e378c-3d8a2044-1&sessionID=1521535039372.40074&hostname=securityaffairs.co&location=%2Fwordpress%2F70391%2F...
  • http://l.sharethis.com/sc?cm=CvQBClqwyD8AAAARHOwuAw%3D%3D&uid=true&url=http%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F70391%2Fapt%2Fsofacy-apt-european-government.html
0
-1 B
XHR
General
Full URL
http://l.sharethis.com/sc?cm=CvQBClqwyD8AAAARHOwuAw%3D%3D&uid=true&url=http%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F70391%2Fapt%2Fsofacy-apt-european-government.html
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
52.57.39.144 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-57-39-144.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 20 Mar 2018 08:37:19 GMT
Access-Control-Allow-Origin
http://securityaffairs.co
Access-Control-Max-Age
1728000
P3p
policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT DEM"
Location
/sc?cm=CvQBClqwyD8AAAARHOwuAw%3D%3D&uid=true&url=http%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F70391%2Fapt%2Fsofacy-apt-european-government.html
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Headers
*
Content-Length
187
Stid
CvQBClqwyD8AAAARHOwuAw==

Redirect headers

Date
Tue, 20 Mar 2018 08:37:19 GMT
Access-Control-Allow-Origin
http://securityaffairs.co
Access-Control-Max-Age
1728000
P3p
policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT DEM"
Location
/sc?cm=CvQBClqwyD8AAAARHOwuAw%3D%3D&uid=true&url=http%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F70391%2Fapt%2Fsofacy-apt-european-government.html
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Headers
*
Content-Length
187
Stid
CvQBClqwyD8AAAARHOwuAw==
analytics.js
www.google-analytics.com/
35 KB
14 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
SPDY
Server
172.217.16.174 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f174.1e100.net
Software
Golfe2 /
Resource Hash
f8ef655ef916e39713ede9c6db56d7ca5618bd82cf5ac991dcd013f05e0fdfc7
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 13 Nov 2017 20:19:12 GMT
server
Golfe2
age
6197
date
Tue, 20 Mar 2018 06:54:02 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length
14597
expires
Tue, 20 Mar 2018 08:54:02 GMT
TK3hWkUHHAIjg75-ohoTus9CAZek1w.woff2
fonts.gstatic.com/s/oswald/v16/
9 KB
10 KB
Font
General
Full URL
http://fonts.gstatic.com/s/oswald/v16/TK3hWkUHHAIjg75-ohoTus9CAZek1w.woff2
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
216.58.206.3 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f3.1e100.net
Software
sffe /
Resource Hash
19e1c4c97917724cacf9f2e3c544ed0925a14ef28a79565b7bae38fc70ac82f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
http://fonts.googleapis.com/css?family=Oswald%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=dc488b3cf402a36ed8529f3196db2a8a
Origin
http://securityaffairs.co

Response headers

Date
Mon, 12 Feb 2018 14:10:15 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 07 Nov 2017 15:19:11 GMT
Server
sffe
Age
3090424
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
9644
X-XSS-Protection
1; mode=block
Expires
Tue, 12 Feb 2019 14:10:15 GMT
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v14/
14 KB
14 KB
Font
General
Full URL
http://fonts.gstatic.com/s/lato/v14/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
216.58.206.3 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f3.1e100.net
Software
sffe /
Resource Hash
52726fb580d6bffc46615863ddbf4c319524b5a68fb484be2972bdad4fd0310d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
http://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic&ver=dc488b3cf402a36ed8529f3196db2a8a
Origin
http://securityaffairs.co

Response headers

Date
Mon, 12 Feb 2018 16:24:58 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 11 Oct 2017 18:23:20 GMT
Server
sffe
Age
3082341
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
13944
X-XSS-Protection
1; mode=block
Expires
Tue, 12 Feb 2019 16:24:58 GMT
fontawesome-webfont.woff
securityaffairs.co/wordpress/wp-content/themes/rigel_old/fonts/
43 KB
44 KB
Font
General
Full URL
http://securityaffairs.co/wordpress/wp-content/themes/rigel_old/fonts/fontawesome-webfont.woff?v=4.0.3
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
217.160.0.146 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849

Request headers

Pragma
no-cache
Origin
http://securityaffairs.co
Accept-Encoding
gzip, deflate
Host
securityaffairs.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/font-awesome.min.css?ver=1.4.1
Cookie
wfvt_2796755358=5ab0c83dc2ad9; __unam=6f69f6a-162428e378c-3d8a2044-1
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 20 Mar 2018 08:37:19 GMT
Last-Modified
Wed, 16 Dec 2015 06:58:09 GMT
Server
Apache
ETag
"ad90-526fe6dc92240"
Content-Type
application/font-woff
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
44432
TK3iWkUHHAIjg752GT8Gl-1PKw.woff2
fonts.gstatic.com/s/oswald/v16/
9 KB
9 KB
Font
General
Full URL
http://fonts.gstatic.com/s/oswald/v16/TK3iWkUHHAIjg752GT8Gl-1PKw.woff2
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
216.58.206.3 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f3.1e100.net
Software
sffe /
Resource Hash
a26fd52082f9c6c191e6f75ca86d82544f74ec979da9c64406a89bea6247a9e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
http://fonts.googleapis.com/css?family=Oswald%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=dc488b3cf402a36ed8529f3196db2a8a
Origin
http://securityaffairs.co

Response headers

Date
Fri, 23 Feb 2018 11:32:24 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 07 Nov 2017 15:18:49 GMT
Server
sffe
Age
2149495
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
9324
X-XSS-Protection
1; mode=block
Expires
Sat, 23 Feb 2019 11:32:24 GMT
nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgEM86xQ.woff2
fonts.gstatic.com/s/playfairdisplay/v13/
16 KB
17 KB
Font
General
Full URL
http://fonts.gstatic.com/s/playfairdisplay/v13/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgEM86xQ.woff2
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
216.58.206.3 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f3.1e100.net
Software
sffe /
Resource Hash
d1a301f4dd52945b5cf0f0c018af9779de11a70d82c26edb17139756af5a16d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
http://fonts.googleapis.com/css?family=Playfair+Display%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=dc488b3cf402a36ed8529f3196db2a8a
Origin
http://securityaffairs.co

Response headers

Date
Mon, 12 Feb 2018 19:24:58 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 07 Nov 2017 15:20:15 GMT
Server
sffe
Age
3071541
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
16652
X-XSS-Protection
1; mode=block
Expires
Tue, 12 Feb 2019 19:24:58 GMT
S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2
fonts.gstatic.com/s/lato/v14/
14 KB
15 KB
Font
General
Full URL
http://fonts.gstatic.com/s/lato/v14/S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
216.58.206.3 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f3.1e100.net
Software
sffe /
Resource Hash
155ef7601d4af029d8b6f3efa4ed4984748ea0a36c85f038f129ffdc6fb83b66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
http://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic&ver=dc488b3cf402a36ed8529f3196db2a8a
Origin
http://securityaffairs.co

Response headers

Date
Thu, 08 Feb 2018 18:06:00 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 11 Oct 2017 18:23:01 GMT
Server
sffe
Age
3421879
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
14824
X-XSS-Protection
1; mode=block
Expires
Fri, 08 Feb 2019 18:06:00 GMT
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v14/
14 KB
14 KB
Font
General
Full URL
http://fonts.gstatic.com/s/lato/v14/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
216.58.206.3 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f3.1e100.net
Software
sffe /
Resource Hash
a3b3c4f67bf2b44294215e2be76f12794e6b142edec201e199c93c38739f2bfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
http://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic&ver=dc488b3cf402a36ed8529f3196db2a8a
Origin
http://securityaffairs.co

Response headers

Date
Mon, 12 Feb 2018 18:55:45 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 11 Oct 2017 18:24:00 GMT
Server
sffe
Age
3073294
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
14076
X-XSS-Protection
1; mode=block
Expires
Tue, 12 Feb 2019 18:55:45 GMT
browserfp.min.js
pxlclnmdecom-a.akamaihd.net/javascripts/
83 KB
26 KB
Script
General
Full URL
http://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3
Requested by
Host: contextual.media.net
URL: http://contextual.media.net/nmedianet.js?cid=8CU5BD6EW
Protocol
HTTP/1.1
Server
2.16.186.80 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-80.deploy.akamaitechnologies.com
Software
/ Express
Resource Hash
e772a4405ae96672de123500416f5978fc758c5032715fe422d71a10bcaca90d

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 20 Mar 2018 08:37:19 GMT
Content-Encoding
gzip
X-Powered-By
Express
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=1800
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
Content-Length
26514
Expires
Tue, 20 Mar 2018 09:07:19 GMT
jstag
medianet-d.openx.net/w/1.0/ Frame 790E
63 KB
22 KB
Script
General
Full URL
http://medianet-d.openx.net/w/1.0/jstag?oxns=mNCM
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
173.241.240.220 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS
ox-173-241-240-220.xa.dc.openx.org
Software
OXGW/15.0.0 /
Resource Hash
cd189095203daa2a823bd69830d259be3978a69d97f38005f3232190c56c5964

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 20 Mar 2018 08:37:19 GMT
Content-Encoding
gzip
Server
OXGW/15.0.0
Vary
Accept-Encoding
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
max-age=3600
Content-Type
text/javascript
Content-Length
22365
Expires
Tue, 20 Mar 2018 09:37:19 GMT
rtbspub
contextual.media.net/
1 KB
1 KB
Script
General
Full URL
http://contextual.media.net/rtbspub?&prid=8PRHGG6T9&cid=8CU5BD6EW&crid=762221962&size=300x250&rp=0.90&vi=1521535039846675342&ugd=4&requrl=http%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F70391%2Fapt%2Fsofacy-apt-european-government.html&useAppData=0&hlt=1&tr=0.8975110934125674
Requested by
Host: contextual.media.net
URL: http://contextual.media.net/nmedianet.js?cid=8CU5BD6EW
Protocol
HTTP/1.1
Server
23.56.3.183 Cambridge, United States, ASN26769 (BANDCON - Bandcon, US),
Reverse DNS
a23-56-3-183.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e5405facae5a2a1490cd6e67cda423c4b334d7db880388cf509e670c92559210

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Mar 2018 08:37:19 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
720
X-MNET-HL2
E
Expires
Tue, 20 Mar 2018 08:37:19 GMT
fcmdynet.js
contextual.media.net/
33 KB
13 KB
Script
General
Full URL
http://contextual.media.net/fcmdynet.js?&cid=8CU5BD6EW&cpcd=RlAcVccC-RdUYIl-LjF9ag%3D%3D&crid=762221962&size=300x250&cc=DE&wsip=2886780972&vif=1&requrl=http%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F70391%2Fapt%2Fsofacy-apt-european-government.html&nse=3&vi=1521535039846675342&lw=1&ugd=4&re=1&ourl=http%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F70391%2Fapt%2Fsofacy-apt-european-government.html&osrc=metatag&hlt=1&dfp=1&rtbs=1
Requested by
Host: contextual.media.net
URL: http://contextual.media.net/nmedianet.js?cid=8CU5BD6EW
Protocol
HTTP/1.1
Server
23.56.3.183 Cambridge, United States, ASN26769 (BANDCON - Bandcon, US),
Reverse DNS
a23-56-3-183.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6457bc4119783af42d507c574911a3e8d426860ff132a8bb9fae3feef214dfe6

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Tue, 20 Mar 2018 08:37:19 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Cache-Control
max-age=300
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
12659
X-MNET-HL2
E
Expires
Tue, 20 Mar 2018 08:42:19 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 134C
11 KB
5 KB
Script
General
Full URL
http://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s24-in-f2.1e100.net
Software
sffe /
Resource Hash
b3125d3c4f7dfa6652acea2cf7845db41eb5531788f0743c8e08122fb4df1b2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 20 Mar 2018 08:37:19 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"3 / 573 of 1000 / last-modified: 1521490906"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin
*
Content-Length
4922
X-XSS-Protection
1; mode=block
Expires
Tue, 20 Mar 2018 08:37:19 GMT
videoAds.js
adservetx.media.net/
6 KB
3 KB
Script
General
Full URL
http://adservetx.media.net/videoAds.js?cid=8CU5BD6EW&crid=126440378&dn=securityaffairs.co
Requested by
Host: contextual.media.net
URL: http://contextual.media.net/nmedianet.js?cid=8CU5BD6EW
Protocol
HTTP/1.1
Server
23.56.3.183 Cambridge, United States, ASN26769 (BANDCON - Bandcon, US),
Reverse DNS
a23-56-3-183.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4a78793521151a8254c9ba47131cd1d68ffb829eaa39b780b07389b5ac3f8c17

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 20 Mar 2018 08:37:19 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=300
Connection
keep-alive
Content-Length
2702
Expires
Tue, 20 Mar 2018 08:42:19 GMT
px.gif
contextual.media.net/
43 B
323 B
Image
General
Full URL
http://contextual.media.net/px.gif?ch=1&rn=1
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
23.56.3.183 Cambridge, United States, ASN26769 (BANDCON - Bandcon, US),
Reverse DNS
a23-56-3-183.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 20 Mar 2018 08:37:19 GMT
Last-Modified
Wed, 19 Jul 2017 10:11:12 GMT
Server
Apache
Content-Type
image/gif
Cache-Control
max-age=577330
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Tue, 27 Mar 2018 00:59:29 GMT
px.gif
a.mnet-ad.net/
43 B
322 B
Image
General
Full URL
http://a.mnet-ad.net/px.gif?ch=2&rn=1
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
2.16.186.83 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-83.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 20 Mar 2018 08:37:19 GMT
Last-Modified
Wed, 19 Jul 2017 10:11:12 GMT
Server
Apache
Content-Type
image/gif
Cache-Control
max-age=32127
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Tue, 20 Mar 2018 17:32:46 GMT
bping.php
qsearch.media.net/
35 B
280 B
Image
General
Full URL
http://qsearch.media.net/bping.php?&prid=8PRHGG6T9&cid=8CU5BD6EW&crid=762221962&vi=1521535039846675342&ugd=4&lf=6&requrl=http%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F70391%2Fapt%2Fsofacy-apt-european-government.html&cc=DE&sc=HE&lper=100&wsip=2886780972&r=1521535039442&vgd_sbSup=1&vgd_nvLogging=0&hvsid=00001521535039434024994892785678
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
2.16.186.113 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-113.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Mar 2018 08:37:19 GMT
Server
Apache
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Tue, 20 Mar 2018 08:37:19 GMT
sc
l.sharethis.com/
80 B
495 B
XHR
General
Full URL
http://l.sharethis.com/sc?cm=CvQBClqwyD8AAAARHOwuAw%3D%3D&uid=true&url=http%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F70391%2Fapt%2Fsofacy-apt-european-government.html
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
52.57.39.144 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-57-39-144.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
ffe2bc694e76e8fb869ec60a320888895c44a21503be068ce35c6edf29fdb484

Request headers

X-DevTools-Emulate-Network-Conditions-Client-Id
37EB5E266854A49CF3805E8EF55A0B8
Origin
http://securityaffairs.co
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 20 Mar 2018 08:37:19 GMT
Access-Control-Max-Age
1728000
Content-Type
application/json
Access-Control-Allow-Origin
http://securityaffairs.co
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Stid
CvQBClqwyD8AAAARHOwuAw==
Access-Control-Allow-Headers
*
Content-Length
80
collect
www.google-analytics.com/r/
35 B
101 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j66&a=293104009&t=pageview&_s=1&dl=http%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F70391%2Fapt%2Fsofacy-apt-european-government.html&ul=en-us&de=UTF-8&dt=Russia-linked%20Sofacy%20APT%20targets%20an%20unnamed%20European%20Government%20agencySecurity%20Affairs&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=1243562140&gjid=1207591390&cid=1552304683.1521535040&tid=UA-59069958-1&_gid=397819317.1521535040&_r=1&z=1744381723
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
SPDY
Server
172.217.16.174 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f174.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Mar 2018 08:37:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
ptmdP
dt.clnmde.com/
7 B
437 B
Other
General
Full URL
http://dt.clnmde.com/ptmdP
Requested by
Host: pxlclnmdecom-a.akamaihd.net
URL: http://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3
Protocol
HTTP/1.1
Server
52.86.242.184 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-86-242-184.compute-1.amazonaws.com
Software
/ Express
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Request headers

Cache-Control
max-age=0
Origin
http://securityaffairs.co
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 20 Mar 2018 08:37:19 GMT
X-Powered-By
Express
ETag
W/"7-Jgyp3YpFd/wAt71YECmAdg"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
Content-Length
7
cet.js
dt.clnmde.com/
2 B
432 B
XHR
General
Full URL
http://dt.clnmde.com/cet.js?identifier=bafp
Requested by
Host: pxlclnmdecom-a.akamaihd.net
URL: http://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3
Protocol
HTTP/1.1
Server
54.86.56.206 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-86-56-206.compute-1.amazonaws.com
Software
/ Express
Resource Hash
20ef0f0c8d0eea98772412cea9b3b92612e3e53cb5e59152b5703165f56e8a53

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Origin
http://securityaffairs.co

Response headers

Date
Tue, 20 Mar 2018 08:37:19 GMT
X-Powered-By
Express
ETag
W/"2-1M0Nq89MqiKtkvq0CETHhg"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
Content-Length
2
cec.js
dt.clnmde.com/
2 B
432 B
XHR
General
Full URL
http://dt.clnmde.com/cec.js?identifier=bafp
Requested by
Host: pxlclnmdecom-a.akamaihd.net
URL: http://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3
Protocol
HTTP/1.1
Server
54.86.56.206 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-86-56-206.compute-1.amazonaws.com
Software
/ Express
Resource Hash
20ef0f0c8d0eea98772412cea9b3b92612e3e53cb5e59152b5703165f56e8a53

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Origin
http://securityaffairs.co

Response headers

Date
Tue, 20 Mar 2018 08:37:19 GMT
X-Powered-By
Express
ETag
W/"2-1M0Nq89MqiKtkvq0CETHhg"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
Content-Length
2
cenw.js
dt.clnmde.com/
36 B
468 B
XHR
General
Full URL
http://dt.clnmde.com/cenw.js?identifier=bafp
Requested by
Host: pxlclnmdecom-a.akamaihd.net
URL: http://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3
Protocol
HTTP/1.1
Server
52.86.242.184 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-86-242-184.compute-1.amazonaws.com
Software
/ Express
Resource Hash
4baddcce817f3a0b000e66cddeffe37ad875e20f1388bf7480cf6b8c7666250c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Origin
http://securityaffairs.co

Response headers

Date
Tue, 20 Mar 2018 08:37:19 GMT
X-Powered-By
Express
ETag
W/"24-RHbjrEG8h6flDjfWi2Y8jA"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
Content-Length
36
beacon_img
dt.clnmde.com/
70 B
446 B
Image
General
Full URL
http://dt.clnmde.com/beacon_img?ti=3&x=1521535039531
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
54.86.56.206 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-86-56-206.compute-1.amazonaws.com
Software
/ Express
Resource Hash
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 20 Mar 2018 08:37:19 GMT
X-Powered-By
Express
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
acj
medianet-d.openx.net/w/1.0/ Frame 790E
Redirect Chain
  • http://medianet-d.openx.net/w/1.0/acj?ai=9ba673ea-6bcc-4219-b5c1-ff16ad96238d&o=2215378463&callback=OX_mNCM_2215378463&ju=http%3A//securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-governm...
  • http://medianet-d.openx.net/w/1.0/acj?cc=1&ai=9ba673ea-6bcc-4219-b5c1-ff16ad96238d&o=2215378463&callback=OX_mNCM_2215378463&ju=http%3A//securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-go...
362 B
751 B
Script
General
Full URL
http://medianet-d.openx.net/w/1.0/acj?cc=1&ai=9ba673ea-6bcc-4219-b5c1-ff16ad96238d&o=2215378463&callback=OX_mNCM_2215378463&ju=http%3A//securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html&jr=&auid=538672510&dims=1600x1200&adxy=0%2C0&res=1600x1200x24&plg=pm&ch=UTF-8&tz=0&ws=0x0&ifr=1&tws=1600x1200
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
173.241.240.220 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS
ox-173-241-240-220.xa.dc.openx.org
Software
OXGW/15.0.0 /
Resource Hash
9393ea485408f373be75e1bec6272c3a16f5d695aaebcff39bee3ae363b3a2bc

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Mar 2018 08:37:19 GMT
Content-Encoding
gzip
Server
OXGW/15.0.0
Vary
Accept
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, max-age=0, no-cache
Transfer-Encoding
chunked
Content-Type
application/json
Expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
http://medianet-d.openx.net/w/1.0/acj?cc=1&ai=9ba673ea-6bcc-4219-b5c1-ff16ad96238d&o=2215378463&callback=OX_mNCM_2215378463&ju=http%3A//securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html&jr=&auid=538672510&dims=1600x1200&adxy=0%2C0&res=1600x1200x24&plg=pm&ch=UTF-8&tz=0&ws=0x0&ifr=1&tws=1600x1200
Date
Tue, 20 Mar 2018 08:37:19 GMT
Server
OXGW/15.0.0
Content-Length
0
P3P
CP="CUR ADM OUR NOR STA NID"
integrator.js
adservice.google.com/adsid/ Frame 134C
111 B
172 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=securityaffairs.co
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Server
172.217.22.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s14-in-f2.1e100.net
Software
cafe /
Resource Hash
207461e411e1ff6d6c5b0dd702d26031adb86de86ed3f571baa5a6fc498fc4b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 20 Mar 2018 08:37:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length
105
x-xss-protection
1; mode=block
pubads_impl_188.js
securepubads.g.doubleclick.net/gpt/ Frame 134C
183 KB
65 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_188.js
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Server
216.58.214.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s10-in-f66.1e100.net
Software
sffe /
Resource Hash
855538077b6944e6a4300454d027510188c642643017949aaa8aa58652096f3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Tue, 20 Mar 2018 08:37:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Mar 2018 17:49:30 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length
65992
x-xss-protection
1; mode=block
expires
Tue, 20 Mar 2018 08:37:19 GMT
/
www.facebook.com/impression.php/f2ae3593275e3c8/
43 B
1 KB
Image
General
Full URL
https://www.facebook.com/impression.php/f2ae3593275e3c8/?lid=115&payload=%7B%22source%22%3A%22jssdk%22%7D
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
SPDY
Server
31.13.92.36 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
edge-star-mini-shv-01-frt3.facebook.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
x-xss-protection
0
pragma
no-cache
x-fb-debug
Lc4Y4WGgOr1rHTnEmeBUu9snAf9HXAcX6flgJiAtIFySPT/WzMVkeDfz7uROhPpUJ+hNiJI7o/qupVs1HRwBxw==
date
Tue, 20 Mar 2018 08:37:19 GMT
expect-ct
max-age=10, report-uri="http://reports.fb.com/expectct/"
strict-transport-security
max-age=15552000; preload
access-control-allow-methods
OPTIONS
content-type
image/gif
access-control-allow-origin
https://www.facebook.com
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
cet.js
dt.clnmde.com/
2 B
432 B
XHR
General
Full URL
http://dt.clnmde.com/cet.js?identifier=bafp
Requested by
Host: pxlclnmdecom-a.akamaihd.net
URL: http://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3
Protocol
HTTP/1.1
Server
54.86.56.206 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-86-56-206.compute-1.amazonaws.com
Software
/ Express
Resource Hash
20ef0f0c8d0eea98772412cea9b3b92612e3e53cb5e59152b5703165f56e8a53

Request headers

Access-Control-Request-Method
GET
Origin
http://securityaffairs.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Access-Control-Request-Headers
bafp-eg

Response headers

Date
Tue, 20 Mar 2018 08:37:19 GMT
ETag
W/"2-1M0Nq89MqiKtkvq0CETHhg"
X-Powered-By
Express
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
Content-Length
2
cec.js
dt.clnmde.com/
2 B
432 B
XHR
General
Full URL
http://dt.clnmde.com/cec.js?identifier=bafp
Requested by
Host: pxlclnmdecom-a.akamaihd.net
URL: http://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3
Protocol
HTTP/1.1
Server
52.86.242.184 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-86-242-184.compute-1.amazonaws.com
Software
/ Express
Resource Hash
20ef0f0c8d0eea98772412cea9b3b92612e3e53cb5e59152b5703165f56e8a53

Request headers

Access-Control-Request-Method
GET
Origin
http://securityaffairs.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Access-Control-Request-Headers
bafp-ec

Response headers

Date
Tue, 20 Mar 2018 08:37:19 GMT
ETag
W/"2-1M0Nq89MqiKtkvq0CETHhg"
X-Powered-By
Express
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
Content-Length
2
log
qsearch.media.net/
35 B
312 B
Image
General
Full URL
http://qsearch.media.net/log?logid=kfk&evtid=videoerror&cid=8CU5BD6EW&crid=null&dn=securityaffairs.co&REASON=33&ACTION=0&visitorId=DefVid&dc=1&adtagId=126440378&bidder_id=99999&biddertagid=99999&bsr=Chrome_63&dt=desktop&os=MAC&id=00001521535039801013429707177473&purl=http%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F70391%2Fapt%2Fsofacy-apt-european-government.html
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
2.16.186.113 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-113.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Mar 2018 08:37:19 GMT
Server
Apache
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Tue, 20 Mar 2018 08:37:19 GMT
cet.js
dt.clnmde.com/
36 B
475 B
XHR
General
Full URL
http://dt.clnmde.com/cet.js?identifier=bafp
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
52.86.242.184 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-86-242-184.compute-1.amazonaws.com
Software
/ Express
Resource Hash
4baddcce817f3a0b000e66cddeffe37ad875e20f1388bf7480cf6b8c7666250c

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Origin
http://securityaffairs.co
Bafp-Eg
e711fb40-2c19-11e8-a51f-a7048d87c498
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 20 Mar 2018 08:37:19 GMT
X-Powered-By
Express
Etag
e711fb40-2c19-11e8-a51f-a7048d87c498
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
Content-Length
36
cec.js
dt.clnmde.com/
36 B
551 B
XHR
General
Full URL
http://dt.clnmde.com/cec.js?identifier=bafp
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
54.86.56.206 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-86-56-206.compute-1.amazonaws.com
Software
/ Express
Resource Hash
4baddcce817f3a0b000e66cddeffe37ad875e20f1388bf7480cf6b8c7666250c

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Origin
http://securityaffairs.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Bafp-Ec
e711fb40-2c19-11e8-a51f-a7048d87c498

Response headers

Date
Tue, 20 Mar 2018 08:37:19 GMT
X-Powered-By
Express
ETag
W/"24-RHbjrEG8h6flDjfWi2Y8jA"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=630720000
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
Content-Length
36
Expires
Tue, 31 Dec 2030 23:30:45 GMT
kbb.php
contextual.media.net/
2 KB
1 KB
Script
General
Full URL
http://contextual.media.net/kbb.php?cme=FCIgUes4lP8jgFeZgNKmic0rL2-LujhG_F35HOVEMPXoyy-2ZV1jLvon8EUh3DY_9_LIOYRvjrgdsPnTFZGmUkpm--mFnhHqLts4iOKhK47Be1FBgDho4ST02hqPkNFHw83atFSbNK8%3D%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CN7fu2vKt8_s%3D%7C0bm4u78ysocOEQZjP3lQgsZseCAp4RlraSHHaYPVOOM3thtTVfLrFt_iqcldY3e6cr4aGjXOyElU3ysfMJ2ISR6zkBzmCwppGt0deZoN4q4%3D%7CsRBSg3CPSiQ%3D%7C&srp=ZPL-DvhZL6tgmKrUtO99v1m1jGIaBP3UQzvhFqmHrZ26Uq_-84s4pKDauc3HElwQ&klp=9HH5ZicDb_9QN1l5X7rYEmV6NGcKulyJTGy69ezS471zrcSd6vf3t_0QbR9TYsMgJEFbQmNOTpLQSyBjEwryaCRnAV0Qj1AGYfYClaVfiU-BFaNG8e_jRTDhocff9LBUGwGMcx-cTMO9CAhan9CKlcrqciEH9eHGm7Za4_dW8xeqXfEM2-gTaxbQDz0SjF5bK2KjSuDtCDxd-U4CqDH2pJFe59vCRA3Gz3wJX_a93Thk1DbOU3z-FT0c_PfntJeO5h6FtWatyK2wIfWs8rd_6KNkfcAvvTcVBaKG4NRT7EYWY0WrotkrN_HjgDdq6VFXQuOWMnBr2lVN_yr-4b0r8A%3D%3D&nse=3&bid=210870&cb=resultPageUtil.kwdRandmzn[%271521535039846675342%27]
Requested by
Host: contextual.media.net
URL: http://contextual.media.net/fcmdynet.js?&cid=8CU5BD6EW&cpcd=RlAcVccC-RdUYIl-LjF9ag%3D%3D&crid=762221962&size=300x250&cc=DE&wsip=2886780972&vif=1&requrl=http%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F70391%2Fapt%2Fsofacy-apt-european-government.html&nse=3&vi=1521535039846675342&lw=1&ugd=4&re=1&ourl=http%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F70391%2Fapt%2Fsofacy-apt-european-government.html&osrc=metatag&hlt=1&dfp=1&rtbs=1
Protocol
HTTP/1.1
Server
23.56.3.183 Cambridge, United States, ASN26769 (BANDCON - Bandcon, US),
Reverse DNS
a23-56-3-183.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
58beff4434b0490dc5f331ba5a7f011dabff161df51956b4c5ceb402d7cec24d

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Mar 2018 08:37:20 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
X-MNET-KBB
E2
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
874
Expires
Tue, 20 Mar 2018 08:37:20 GMT
nrr.js
contextual.media.net/__media__/js/util/
56 KB
19 KB
Script
General
Full URL
http://contextual.media.net/__media__/js/util/nrr.js?v=78
Requested by
Host: contextual.media.net
URL: http://contextual.media.net/fcmdynet.js?&cid=8CU5BD6EW&cpcd=RlAcVccC-RdUYIl-LjF9ag%3D%3D&crid=762221962&size=300x250&cc=DE&wsip=2886780972&vif=1&requrl=http%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F70391%2Fapt%2Fsofacy-apt-european-government.html&nse=3&vi=1521535039846675342&lw=1&ugd=4&re=1&ourl=http%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F70391%2Fapt%2Fsofacy-apt-european-government.html&osrc=metatag&hlt=1&dfp=1&rtbs=1
Protocol
HTTP/1.1
Server
23.56.3.183 Cambridge, United States, ASN26769 (BANDCON - Bandcon, US),
Reverse DNS
a23-56-3-183.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9869bf998d9dee691349d634a714bf20d6bde49c9d5160eb1cf103f76c4738e5

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 20 Mar 2018 08:37:20 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=1209600
Connection
keep-alive
Content-Length
19030
Expires
Tue, 03 Apr 2018 08:37:20 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 134C
2 KB
2 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=2301729248263447&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fif&adsid=NT&eid=21060552%2C21061583%2C21061149%2C21061241%2C21061569&sc=0&sfv=1-0-17&iu=%2F45361917%2F8CU5BD6EW-762221962-300x250_inside_post&sz=300x250&scp=crid%3D762221962%26mnet_segment%3D0.96%26mnet_variant%3D35%26pub_domain%3Dsecurityaffairs.co%26mnet_cc%3DDE&eri=4&cookie_enabled=1&lmt=1521535039&dt=1521535039943&ea=0&frm=23&biw=1585&bih=1200&isw=300&ish=250&oid=3&adx=320&ady=2340&adk=3177995050&gut=v2&ifi=1&ifk=4087891906&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=http%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F70391%2Fapt%2Fsofacy-apt-european-government.html&top=securityaffairs.co&dssz=4&icsg=34&std=0&vrg=188&vis=1&scr_x=0&scr_y=0&ga_vid=1552304683.1521535040&ga_sid=1521535040&ga_hid=317027015
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_188.js
Protocol
SPDY
Server
216.58.214.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s10-in-f66.1e100.net
Software
cafe /
Resource Hash
6ba3cda2ed44e47a8012c76dfb69657a7d2aa587125882f6b6efe22453c3a278
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Origin
http://securityaffairs.co

Response headers

date
Tue, 20 Mar 2018 08:37:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length
1400
x-xss-protection
1; mode=block
google-lineitem-id
731779997
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
33134140517
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
http://securityaffairs.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_188.js
securepubads.g.doubleclick.net/gpt/ Frame 134C
41 KB
14 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_188.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_188.js
Protocol
SPDY
Server
216.58.214.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s10-in-f66.1e100.net
Software
sffe /
Resource Hash
a6ae50acb2000fab66cfd21243ebe3e48bcda59331a4b39100cd9152407ce757
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Tue, 20 Mar 2018 08:37:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Mar 2018 17:49:30 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length
14686
x-xss-protection
1; mode=block
expires
Tue, 20 Mar 2018 08:37:19 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-17/html/ Frame 134C
0
0
Other
General
Full URL
http://tpc.googlesyndication.com/safeframe/1-0-17/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_188.js
Protocol
HTTP/1.1
Server
216.58.206.1 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Purpose
prefetch
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Wed, 28 Feb 2018 18:53:28 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 27 Feb 2018 14:43:12 GMT
Server
sffe
Age
1691031
Vary
Accept-Encoding
Content-Type
text/html
Cache-Control
public, immutable, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1451
X-XSS-Protection
1; mode=block
Expires
Thu, 28 Feb 2019 18:53:28 GMT
mediamain.html
contextual.media.net/ Frame BC45
49 KB
13 KB
Script
General
Full URL
http://contextual.media.net/mediamain.html?&cid=8CU5BD6EW&cpcd=RlAcVccC-RdUYIl-LjF9ag%3D%3D&crid=762221962&pid=8PO5M70HK&size=300x250&cpnet=yVb1sHm-0KIh29BOFTjjrEBbIZGw_v2fXpyZXRW3WVE%3D&cme=FCIgUes4lP8jgFeZgNKmic0rL2-LujhG_F35HOVEMPXoyy-2ZV1jLvon8EUh3DY_9_LIOYRvjrgdsPnTFZGmUkpm--mFnhHqLts4iOKhK47Be1FBgDho4ST02hqPkNFHw83atFSbNK8%3D%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CN7fu2vKt8_s%3D%7C0bm4u78ysocOEQZjP3lQgsZseCAp4RlraSHHaYPVOOM3thtTVfLrFt_iqcldY3e6cr4aGjXOyElU3ysfMJ2ISR6zkBzmCwppGt0deZoN4q4%3D%7CsRBSg3CPSiQ%3D%7C&cc=DE&bf=0&vif=1&nse=3&bid=210870&vi=1521535039846675342&lw=1&ugd=4&ib=0&ourl=http%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F70391%2Fapt%2Fsofacy-apt-european-government.html&osrc=metatag&katbid=-2&nb=1
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
23.56.3.183 Cambridge, United States, ASN26769 (BANDCON - Bandcon, US),
Reverse DNS
a23-56-3-183.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2a7de29b35851203cdf04ae80eee77acb0f1a68177ee095d0680d31ba03449a8

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 20 Mar 2018 08:37:20 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=300
X-MNET-HL3
E
Connection
keep-alive
Content-Length
13214
Expires
Tue, 20 Mar 2018 08:42:20 GMT
nmedianet.js
contextual.media.net/
109 KB
38 KB
Script
General
Full URL
http://contextual.media.net/nmedianet.js?cid=8CU5BD6EW
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
23.56.3.183 Cambridge, United States, ASN26769 (BANDCON - Bandcon, US),
Reverse DNS
a23-56-3-183.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
279d6e3605a33c41822d9e51b105aa88a22e7a0c4caea5329fd4c8a1a3eb0e6d

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Mar 2018 08:37:20 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
X-MNET-H
E
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
38562
Expires
Tue, 20 Mar 2018 08:37:20 GMT
ptmd
dt.clnmde.com/
70 B
446 B
Image
General
Full URL
http://dt.clnmde.com/ptmd?t=152153503954233966704798_N4IgZghiBcDaCMAGA7AZmQFgwTgGyIBo8DDSTyzDcMLbEBdA8CAZxlyYAtOZYAmQn3iNwYGHyYBXSeL4BWJiwAuEJZLZx5IgF5Ro8JgAcA5jBAA3EEwCmAO0vQQhqyGM9H8OULmo5iVNhyGHyoAbi4yIgYyNgAHC5KGiDwwXEoGLjycvFM5km4AHSIBd4uEAA2MKhMYADGMAC0BiDWeiCItQBGACa4qLWIDXwxtU3w1rENEEKoQ90Q4bi1tdj+qC7WSgCWMJ7evv7Yikqm0IQgLADWZj7BqIjwscG4ci5XAO5KZnueBwEA+rcQg8nnwXhsts4PBhYiU5PAChg5HCMG9yspvl5fn4Aj4+C5ymJ9ExauolP8tt0zLEAMIAVTkACEACK4ACiAHUXMZ6vosT4cdghbEmABHay7AC+QA
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
52.86.242.184 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-86-242-184.compute-1.amazonaws.com
Software
/ Express
Resource Hash
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 20 Mar 2018 08:37:20 GMT
X-Powered-By
Express
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
cet.js
dt.clnmde.com/
2 B
432 B
XHR
General
Full URL
http://dt.clnmde.com/cet.js?identifier=bafp
Requested by
Host: pxlclnmdecom-a.akamaihd.net
URL: http://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3
Protocol
HTTP/1.1
Server
52.86.242.184 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-86-242-184.compute-1.amazonaws.com
Software
/ Express
Resource Hash
20ef0f0c8d0eea98772412cea9b3b92612e3e53cb5e59152b5703165f56e8a53

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Origin
http://securityaffairs.co

Response headers

Date
Tue, 20 Mar 2018 08:37:20 GMT
X-Powered-By
Express
ETag
W/"2-1M0Nq89MqiKtkvq0CETHhg"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
Content-Length
2
cec.js
dt.clnmde.com/
2 B
432 B
XHR
General
Full URL
http://dt.clnmde.com/cec.js?identifier=bafp
Requested by
Host: pxlclnmdecom-a.akamaihd.net
URL: http://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3
Protocol
HTTP/1.1
Server
54.86.56.206 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-86-56-206.compute-1.amazonaws.com
Software
/ Express
Resource Hash
20ef0f0c8d0eea98772412cea9b3b92612e3e53cb5e59152b5703165f56e8a53

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Origin
http://securityaffairs.co

Response headers

Date
Tue, 20 Mar 2018 08:37:20 GMT
X-Powered-By
Express
ETag
W/"2-1M0Nq89MqiKtkvq0CETHhg"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
Content-Length
2
ptmd
dt.clnmde.com/
70 B
446 B
Image
General
Full URL
http://dt.clnmde.com/ptmd?t=152153503954233966704798_N4Ig1ghiBcIKYHYCMSBmAjALABgLQCYBjJATlxTgA5cIBWNGhbTSgE0oUMxMpABpw6GEgGEAbjBDAAOiADOcOXICWAewB2AfTkAXVQCcIAczizosxCgw4CxMhWp0GEJi3adulWX1mFVqsGU4TVYIHQgzC2Q0LDwiUnIkKhp6VEZmNg4uHlkAX355cJ0AVzkYAG0SAF0BAC8oaBEQAAcjSQkBOHUJWGaCowALSSRafBGAZlpscZJaTHxxmYA2JdcEHgKdMtgkeZ5sBEwl-FpaXgExbZAlgDpsG7HaAogAGxhxgVRCGHJOhpBsIR0KwluNCHF1oREskIGNxgRQisloRCCRpuMCnAdMphKMJlMZgJdG1oNgiWBJLRxvNxtgkJR5ksnuSAO46YZ4qkEkiaKk0ukM-BMzHKPo7FgPeg3TC0SWYApyF66DmPSbTWbjfAFF6oYSiUo6TTKViSSgAYQAqrQAEIAESWAFEAOr9b6NTlqnDYfBkkAARzgwlyQA
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
54.86.56.206 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-86-56-206.compute-1.amazonaws.com
Software
/ Express
Resource Hash
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 20 Mar 2018 08:37:20 GMT
X-Powered-By
Express
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
ptmd
dt.clnmde.com/
70 B
446 B
Image
General
Full URL
http://dt.clnmde.com/ptmd?t=152153503954233966704798_
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
52.86.242.184 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-86-242-184.compute-1.amazonaws.com
Software
/ Express
Resource Hash
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 20 Mar 2018 08:37:20 GMT
X-Powered-By
Express
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
ptmd
dt.clnmde.com/
70 B
446 B
Image
General
Full URL
http://dt.clnmde.com/ptmd?t=152153503954233966704798_N4IgtgniBcDasEYA0BmATABiQNk0tKALFmgKwCcGAulUiAO4COMstIAxgE5gAOLIAdlxo0CcrgD6Acx4AXCQhBsAhgBtZMUhiwhlAE1V6YOgM6zlsgK4mWKNgC9lMZCB5SYIAG4g6AUwB23tCuPiBSABYeCKSipChaKOSkhASJ2NgCGIQC5AAcobI2wQgpeRgChLikpPl0nkUg2AB0GE2xoWowKHQAZuwwALQuvk7BGOwARnrYKOwYA2g57EMIvrkDyqIoC3rK6djs7JQoKKG+sgCWzjHR8RiJdGbu0KYA1h5xKSgYCLkp2KRQiZXvQNMUbnEEuQJJ8CD8-mgAWcLnxioRcm1SAgmoRSJjCEDVGYohC7ok4mhQqoes46OxrPILkZgrkAMIAVVIACEACLYACiAHVQlJ+tBorE7sQMNhCHRGL5nABfIA
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
54.86.56.206 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-86-56-206.compute-1.amazonaws.com
Software
/ Express
Resource Hash
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 20 Mar 2018 08:37:20 GMT
X-Powered-By
Express
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
ptmd
dt.clnmde.com/
70 B
446 B
Image
General
Full URL
http://dt.clnmde.com/ptmd?t=152153503954233966704798_N4IgxmAWDWIFwG0QHYBsAmTBGAnBkAugDQgC2AnvAglkQMzoAMRGz6dALGwKw6MHEQAZwAuAQxEBXIVQ6CAXmPi0QABwDm8EADcQJAKYA7XXDV6Q6yFqzd0Nut0Z0c3Du2epUyRh2Q4AHOYiMqZYbgGMyBwY3NyBJNohIKgAdIwpdtzmYgA28HQkAGZg8AC0KvpKpoxgAEYAJqh0YIyl6H5g5Vj6-qVidnRt9WKeqBB8dHTm+iIAlsq29o7OJKKacMzCsKbcnOyMWP5uqFmr0ADuItaLu8s4APq7bnQHR+gn07Oq1hz+GdxYFIcbj-DjmIQ5UTXTIOJwuBjmHKFZQkMDSET3Wb1LT+ADCAFVuAAhAAiqAAogB1czqEpwGwwxxcSKbACO+mUAF8gA
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
54.86.56.206 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-86-56-206.compute-1.amazonaws.com
Software
/ Express
Resource Hash
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 20 Mar 2018 08:37:20 GMT
X-Powered-By
Express
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
ptmd
dt.clnmde.com/
70 B
446 B
Image
General
Full URL
http://dt.clnmde.com/ptmd?t=152153503954233966704798_N4IglgbiBcAMB0BWANCAzgFwIYYK5pgG0BGATgF1UAvLGY1ABwHMYQpUBTAOymhAZComAC1bFEAJnEBmRLGmlEAFgnSFANnUB2WEq2kAHIJAYCfYisOwtS9RMSIjqCGZDr4CKYmNYANjGlUADMAYxgAWnoQDlo+WBCAIwATdWkQ2HCJfRDI4g4DcKwpaUykrE11EJDSeWljDgwwOkkZOQVUTBY4DoBrVkRpFWlYYgMVdW9egHcMMRaBttIAfQGhkbGJCfqwAXMlA3h7YnglREPlYzRfTDmvWXlFaQljXyC6VBD8DCWwJNYDADCAFVEAAhAAi6gAogB1YxMMLQcR3ORKWDWCSoACOHDoAF8gA
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
52.86.242.184 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-86-242-184.compute-1.amazonaws.com
Software
/ Express
Resource Hash
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 20 Mar 2018 08:37:20 GMT
X-Powered-By
Express
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
nrr.js
contextual.media.net/__media__/js/util/ Frame 16E2
56 KB
0
Script
General
Full URL
http://contextual.media.net/__media__/js/util/nrr.js?v=78
Requested by
Host: contextual.media.net
URL: http://contextual.media.net/nmedianet.js?cid=8CU5BD6EW
Protocol
HTTP/1.1
Server
23.56.3.183 Cambridge, United States, ASN26769 (BANDCON - Bandcon, US),
Reverse DNS
a23-56-3-183.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9869bf998d9dee691349d634a714bf20d6bde49c9d5160eb1cf103f76c4738e5

Request headers

Response headers

Date
Tue, 20 Mar 2018 08:37:20 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=1209600
Connection
keep-alive
Content-Length
19030
Expires
Tue, 03 Apr 2018 08:37:20 GMT
11354_d2e9c37e359ed9ee8ba98baecc5834b2.png
contextual.media.net/__media__/images/800000006/ Frame 16E2
2 KB
2 KB
Image
General
Full URL
http://contextual.media.net/__media__/images/800000006/11354_d2e9c37e359ed9ee8ba98baecc5834b2.png
Requested by
Host: contextual.media.net
URL: http://contextual.media.net/__media__/js/util/nrr.js?v=78
Protocol
HTTP/1.1
Server
23.56.3.183 Cambridge, United States, ASN26769 (BANDCON - Bandcon, US),
Reverse DNS
a23-56-3-183.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0a6b90b75ea7a7ffcf626ab21af202818e7f820e487ba05c122e68c4702a843d

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 20 Mar 2018 08:37:20 GMT
Last-Modified
Mon, 12 Feb 2018 11:51:32 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2049
Expires
Tue, 03 Apr 2018 08:37:20 GMT
bullet1.woff
contextual.media.net/__media__/fonts/bullet1/ Frame 16E2
2 KB
2 KB
Font
General
Full URL
http://contextual.media.net/__media__/fonts/bullet1/bullet1.woff
Requested by
Host: contextual.media.net
URL: http://contextual.media.net/__media__/js/util/nrr.js?v=78
Protocol
HTTP/1.1
Server
23.56.3.183 Cambridge, United States, ASN26769 (BANDCON - Bandcon, US),
Reverse DNS
a23-56-3-183.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d9ac862518df3efb07d7cecda391ab683489cf26fa04d62e179ba60869dd69bb

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Origin
http://securityaffairs.co

Response headers

Date
Tue, 20 Mar 2018 08:37:20 GMT
Last-Modified
Mon, 16 May 2016 10:39:41 GMT
Server
Apache
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1792
secondcall
search.keywordblocks.com/ Frame 16E2
2 KB
869 B
Script
General
Full URL
http://search.keywordblocks.com/secondcall?enip=ztgyRwl%2BKa8yC6mKAEKFaxMI3NEUHza%2FASvNrMZQuRWWpEL5ncz7%2FyFfoZZAJadMpxQXT3gTRVONpicsKsgkjHdLDOsy%2FSV57Pxcpc9%2FexUr140P02bQE7hljNiysWDEXkIPojcxOklNc89%2BCDswPnRzzi3LzbxsVSPN8nkTFP2qmtjISlp1QGXhuBySTe1ANe%2F1xmVTC7tqOE6dtlt%2Bl4rNKgM%3D
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
50.58.197.14 , United States, ASN40034 (CONFLUENCE-NETWORK-INC - Confluence Networks Inc, VG),
Reverse DNS
Software
Apache /
Resource Hash
bcb940213b69c6315df4053aa387b59a6cc3ae5308d61351e64a4e71f26aa3ab

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Mar 2018 08:37:20 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=127
Content-Length
555
Expires
-1
osd_listener.js
tpc.googlesyndication.com/pagead/js/r20180312/r20110914/activeview/ Frame 99F5
71 KB
26 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20180312/r20110914/activeview/osd_listener.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_188.js
Protocol
SPDY
Server
216.58.206.1 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f1.1e100.net
Software
cafe /
Resource Hash
5ca0636ee5ba9229b08ea875292b99b035d0794fa922a5f1eeab0ff4ed766ec0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Mon, 12 Mar 2018 13:21:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
674143
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length
26437
x-xss-protection
1; mode=block
server
cafe
etag
5447488165261728430
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Mar 2018 13:21:37 GMT
osd.js
pagead2.googlesyndication.com/pagead/ Frame 134C
75 KB
28 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_188.js
Protocol
HTTP/1.1
Server
172.217.18.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s29-in-f2.1e100.net
Software
cafe /
Resource Hash
74a78cea892f43d01c7573729c200c97dfebe5835476364435e411d0a674e28a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Tue, 20 Mar 2018 08:27:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
Age
577
ETag
13992280071806881209
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
public, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
28091
X-XSS-Protection
1; mode=block
Expires
Tue, 20 Mar 2018 09:27:43 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 99F5
0
296 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssXjdoj2ZOr9BROm7VgT9IQEsg9-RDX6VPdPfzW7WrvOIe3EXs4JwKaGUrI7mhByd9BDWjBcgTON0CSqy3m0d7C_CMCbfZRFJU1tcL2hY4gqSKrDwlX-aTomWvCaab7rHzYGuPK9ocbWriFuVUYHm4rxFb1BpTQfvIXY-6rSgBklmob8jH1DUENuESxux5I5WaytZrWY8N0DzHTIthW5QwzaOiVawa6FMLm7C9Xn7j44hHXXXFkywwZKzzjfEGzzeHohqTGfs2oGPkRZwGRfmRv8PS1hCnn0Q&sig=Cg0ArKJSzPNwscjFwhKeEAE&urlfix=1&adurl=
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
SPDY
Server
216.58.214.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s10-in-f66.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 20 Mar 2018 08:37:20 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
content-type
text/html; charset=UTF-8
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length
0
x-xss-protection
1; mode=block
expires
Tue, 20 Mar 2018 08:37:20 GMT
spinner.gif
contextual.media.net/__media__/pics/yahookeywordsblock/ Frame 16E2
4 KB
4 KB
Image
General
Full URL
http://contextual.media.net/__media__/pics/yahookeywordsblock/spinner.gif
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
23.56.3.183 Cambridge, United States, ASN26769 (BANDCON - Bandcon, US),
Reverse DNS
a23-56-3-183.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4dc14fe5df68d2ae899e237faf9264d6df02605dd655368cb856cd6ce75c7573

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 20 Mar 2018 08:37:20 GMT
Last-Modified
Mon, 09 May 2011 06:11:57 GMT
Server
Apache
Content-Type
image/gif
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4176
Expires
Tue, 03 Apr 2018 08:37:20 GMT
pixel
opt-east.media.net/rtbs/
43 B
287 B
Image
General
Full URL
http://opt-east.media.net/rtbs/pixel?key=4%3A%3A20180320%3A%3A08%3A%3ADE%3A%3A10.6.3.1_7017&value=96&bid=4&country=DE&cid=8CU5BD6EW&crid=762221962&domain=securityaffairs.co&size=300x250&buyerid=null
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
23.56.3.183 Cambridge, United States, ASN26769 (BANDCON - Bandcon, US),
Reverse DNS
a23-56-3-183.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Mar 2018 08:37:20 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 20 Mar 2018 08:37:20 GMT
log
qsearch-a.akamaihd.net/
35 B
312 B
Image
General
Full URL
http://qsearch-a.akamaihd.net/log?logid=kfk&evtid=rtbstl&url=http%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F70391%2Fapt%2Fsofacy-apt-european-government.html&domain=securityaffairs.co&size=300x250&ext_user_id=0&iid=0&auction_id=d395125ac22944e981958ca942fe27dd&ip=148.251.45.254&crid=762221962&b4b=0.96&b9b=0.9&bc=0.96&rtbW=4&app_dis=0&cc=DE&rc=HE&bname=&bid_type=-1&bmlevel=0&mnet_segment=0.96&cmw=4&subBdr=35&dfp=1&source=2&dt=4
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
2.16.186.67 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-67.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Mar 2018 08:37:20 GMT
Server
Apache
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Tue, 20 Mar 2018 08:37:20 GMT
jstag
medianet-d.openx.net/w/1.0/ Frame 77A6
63 KB
22 KB
Script
General
Full URL
http://medianet-d.openx.net/w/1.0/jstag?oxns=mNCM
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
173.241.240.220 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS
ox-173-241-240-220.xa.dc.openx.org
Software
OXGW/15.0.0 /
Resource Hash
f68798ab285059d5e7ca4a9f987d080fa8d3ee74d8755ba80592fe4351914431

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 20 Mar 2018 08:37:20 GMT
Content-Encoding
gzip
Server
OXGW/15.0.0
Vary
Accept-Encoding
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
max-age=3600
Content-Type
text/javascript
Content-Length
22326
Expires
Tue, 20 Mar 2018 09:37:20 GMT
rtbspub
contextual.media.net/
1 KB
1 KB
Script
General
Full URL
http://contextual.media.net/rtbspub?&prid=8PRHGG6T9&cid=8CU5BD6EW&crid=184323154&size=300x250&rp=0.50&vi=1521535040730500716&ugd=4&requrl=http%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F70391%2Fapt%2Fsofacy-apt-european-government.html&useAppData=0&hlt=1&tr=0.7532027974629991
Requested by
Host: contextual.media.net
URL: http://contextual.media.net/nmedianet.js?cid=8CU5BD6EW
Protocol
HTTP/1.1
Server
23.56.3.183 Cambridge, United States, ASN26769 (BANDCON - Bandcon, US),
Reverse DNS
a23-56-3-183.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
97374c49dd90daa024dc87ce46d0b193837994807c6c8aabbdad7f8fe979da34

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Mar 2018 08:37:20 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
720
X-MNET-HL2
E
Expires
Tue, 20 Mar 2018 08:37:20 GMT
fcmdynet.js
contextual.media.net/
33 KB
13 KB
Script
General
Full URL
http://contextual.media.net/fcmdynet.js?&cid=8CU5BD6EW&cpcd=RlAcVccC-RdUYIl-LjF9ag%3D%3D&crid=184323154&size=300x250&cc=DE&wsip=2886780972&vif=1&requrl=http%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F70391%2Fapt%2Fsofacy-apt-european-government.html&nse=3&vi=1521535040730500716&lw=1&ugd=4&re=1&ourl=http%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F70391%2Fapt%2Fsofacy-apt-european-government.html&osrc=metatag&hlt=1&dfp=1&rtbs=1
Requested by
Host: contextual.media.net
URL: http://contextual.media.net/nmedianet.js?cid=8CU5BD6EW
Protocol
HTTP/1.1
Server
23.56.3.183 Cambridge, United States, ASN26769 (BANDCON - Bandcon, US),
Reverse DNS
a23-56-3-183.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d7f431a827ef4ddf3ba2c4a94d468781c8180a5e26a63cd64bc6e71cc5fb599b

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Tue, 20 Mar 2018 08:37:20 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
max-age=300
Connection
keep-alive
Content-Length
12749
X-MNET-HL2
E
Expires
Tue, 20 Mar 2018 08:42:20 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame A4B0
11 KB
5 KB
Script
General
Full URL
http://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s24-in-f2.1e100.net
Software
sffe /
Resource Hash
b3125d3c4f7dfa6652acea2cf7845db41eb5531788f0743c8e08122fb4df1b2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 20 Mar 2018 08:37:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"3 / 264 of 1000 / last-modified: 1521490906"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin
*
Content-Length
4922
X-XSS-Protection
1; mode=block
Expires
Tue, 20 Mar 2018 08:37:20 GMT
ptmd
dt.clnmde.com/
70 B
446 B
Image
General
Full URL
http://dt.clnmde.com/ptmd?t=152153503954233966704798_N4IgtgniBcDasEYA0BmATABiQNk0tKALFmgKwCcGAukrGqnriUSRdTSAO4COMsHAYwBOYAA58QAdlxo0CcrgD6Ac1EAXRQhBIpMuQrSKwAQwCWAO0VoQHYwBs1MLCGMATO66c6AzmuNqAV28+FA4AL2MYZBBRZRgQADdtEABTcyToGOTlAAt4hFI5UhRSDBRyUkICcuxsSQxCSXIADmS1YMyEKpaMSUJcUlJWnQSOkGwAOgwJouT7GBQdADMBGABaaJTIzIwBACNXbBQBDDW0JoENhBTmteM5FDPXY1rsAQFKFBRklLVTKMKBRKZXIPjUcWgzm8AGt4sUqigMAhmlVsKRkjDOI5OoDiqVyop4QQkSi0GifqZxJ1CM0ZqQEBNCKQ6YQMXZfPlccDysVrDo7EsojoBEENKZPJlmgBhACqpAAQgARbAAUQA6tlVtACkVgcQUCidNwUlEAL5AA
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
52.86.242.184 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-86-242-184.compute-1.amazonaws.com
Software
/ Express
Resource Hash
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 20 Mar 2018 08:37:20 GMT
X-Powered-By
Express
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
bping.php
qsearch.media.net/
35 B
280 B
Image
General
Full URL
http://qsearch.media.net/bping.php?&prid=8PRHGG6T9&cid=8CU5BD6EW&crid=184323154&vi=1521535040730500716&ugd=4&lf=6&requrl=http%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F70391%2Fapt%2Fsofacy-apt-european-government.html&cc=DE&sc=HE&vsid=1645366398927814&lper=100&wsip=2886780972&r=1521535040387&vgd_sbSup=1&vgd_nvLogging=0&hvsid=00001521535040382024994892787551
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
2.16.186.113 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-113.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Mar 2018 08:37:20 GMT
Server
Apache
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Tue, 20 Mar 2018 08:37:20 GMT
acj
medianet-d.openx.net/w/1.0/ Frame 77A6
362 B
753 B
Script
General
Full URL
http://medianet-d.openx.net/w/1.0/acj?o=1436308269&callback=OX_mNCM_1436308269&ju=http%3A//securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html&jr=&auid=538672497&dims=1600x1200&adxy=0%2C0&res=1600x1200x24&plg=pm&ch=UTF-8&tz=0&ws=0x0&ifr=1&tws=1600x1200&si=59577725&nl=24&ul=221
Requested by
Host: medianet-d.openx.net
URL: http://medianet-d.openx.net/w/1.0/jstag?oxns=mNCM
Protocol
HTTP/1.1
Server
173.241.240.220 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS
ox-173-241-240-220.xa.dc.openx.org
Software
OXGW/15.0.0 /
Resource Hash
41445fd5c4002af7bf79309d58e4999e9d1c6dfb943cb7849ef717c7d2860bdb

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Mar 2018 08:37:20 GMT
Content-Encoding
gzip
Server
OXGW/15.0.0
Vary
Accept
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, max-age=0, no-cache
Transfer-Encoding
chunked
Content-Type
application/json
Expires
Mon, 26 Jul 1997 05:00:00 GMT
integrator.js
adservice.google.com/adsid/ Frame A4B0
111 B
172 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=securityaffairs.co
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Server
172.217.22.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s14-in-f2.1e100.net
Software
cafe /
Resource Hash
207461e411e1ff6d6c5b0dd702d26031adb86de86ed3f571baa5a6fc498fc4b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 20 Mar 2018 08:37:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length
105
x-xss-protection
1; mode=block
pubads_impl_188.js
securepubads.g.doubleclick.net/gpt/ Frame A4B0
183 KB
65 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_188.js
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Server
216.58.214.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s10-in-f66.1e100.net
Software
sffe /
Resource Hash
855538077b6944e6a4300454d027510188c642643017949aaa8aa58652096f3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Tue, 20 Mar 2018 08:37:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Mar 2018 17:49:30 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length
65992
x-xss-protection
1; mode=block
expires
Tue, 20 Mar 2018 08:37:20 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 99F5
42 B
178 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv8iB155LO7gb3fkNszF-j3eP9z9fB0SVnk1QgYjSEhVuv7sW4PFFrI_upAs65xEFNYyU9PMV_NsK5-0ETM_3wgWDzD5b9nWiA&sig=Cg0ArKJSzFUCwkE3IUcHEAE&id=osdim&ti=1&r=z&adk=3177995050&tt=132&bs=1585,1200&mtos=0,0,0,0,0&tos=0,0,0,0,0&p=0,0,0,0&opac=1&inapp=0&bcn=1&mcvt=0&rs=3&ht=0&mc=0&lte=-1&bas=0&bac=0&bos=1600,1200&ps=1585,4566&ss=1600,1200&pt=1&deb=1-1-1-2-3-10-1-1&tvt=123&is=300,250&op=1&iframe_loc=http%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F70391%2Fapt%2Fsofacy-apt-european-government.html&avms=geo&uc=1&tgt=BODY&cl=1&cec=5&clc=0&cac=0&cd=0x0&v=r20180312
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
SPDY
Server
172.217.18.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s29-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Mar 2018 08:37:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
ptmd
dt.clnmde.com/
70 B
446 B
Image
General
Full URL
http://dt.clnmde.com/ptmd?t=152153503954233966704798_N4IgpghgNiBcDaBdANOCAHO8QEYAsAHAHQBMArDkXmUTgOwAMIq+x5l1pZeIKIAzgBcIggK78sOAnwBeEODlToA5nBAA3ZuAB2m2CEyplACzU4yJcwGYyDKwE5uJKw4Bsrxnjr2CWwRP18Eh8GOjxXcjJfVHUAkFciBlJzLWg4K1QAMwBjOABaRTQ1BmyAIwATVytshjySb2yCnDACPIhLKzryiHdXbOz7OystMEEASwULa1sHVCFVWAY5gGs1Mis8ZwYpTdcyLX5lgHdBMyn1mfsAfXXNq22CXf3UMDHMQMIuDhpyHjmoIRnSwXOyOKwkLRQTIKVDZcSCK5jcpqAgAYQAqmQAEIAEVcAFEAOpaZS5WDmYE2Bh4BhkOgkVAARzACgAvkA
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
52.86.242.184 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-86-242-184.compute-1.amazonaws.com
Software
/ Express
Resource Hash
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 20 Mar 2018 08:37:20 GMT
X-Powered-By
Express
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
ptmd
dt.clnmde.com/
70 B
446 B
Image
General
Full URL
http://dt.clnmde.com/ptmd?t=152153503954233966704798_N4IgxmAWDWIFwG0QHYBsAmTBGAnBkANCFgBwAsAzOhVgKxkgC6RAtgJ7wIJYFUAMBDAOplhtHH2YJ0vdAKEERYiY2YgAzgBcAhpoCu6zmTUAvbfB4gADgHN4IAG6EQAUwB2TuNec3I9uuh0FLR8FDj01GGoqMh8ZMg4JM6ahl5YZOiJfMhkGLS0SUQOqSCoAHR8ZYG0ztoANvAURABmYPAAtJYu5l58YABGACaoFGB87egJYJ1YLiTt2oEUE4Pa0agQEhQUzi6aAJYWtNXBoThEWnZwAhqwXrQUGRR8pBmoNRfQAO6a-sdBITCAH0Hk8XuR0O9dvsrP4yCQqrQsGUyLREQwLnUtH8ToDwlRnHVmhYiGADJogftBvYSABhACqtAAQgARVAAUQA6j42nAAgC4nxaMgmiAAI4uCwAXyAA
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
54.86.56.206 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-86-56-206.compute-1.amazonaws.com
Software
/ Express
Resource Hash
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 20 Mar 2018 08:37:20 GMT
X-Powered-By
Express
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
kbb.php
contextual.media.net/
3 KB
1 KB
Script
General
Full URL
http://contextual.media.net/kbb.php?cme=yINvVCFxqLMbSqDgxM-acxgbv-13pHyD4y-MDQGBFdYUXQ-wXrJy0CPtTuDt0RSSxaoVDeZ3XY07KQMY9eHzta_iCBriuV7UZ-_IHi2pj1EhY9RBBPiQi5dCn9e6EzY48y5LXNPAQ9E%3D%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CN7fu2vKt8_s%3D%7C0bm4u78ysocOEQZjP3lQgsZseCAp4RlraSHHaYPVOOM3thtTVfLrFt_iqcldY3e6cr4aGjXOyElU3ysfMJ2ISR6zkBzmCwppGt0deZoN4q4%3D%7CsRBSg3CPSiQ%3D%7C&srp=ZPL-DvhZL6tgmKrUtO99v1m1jGIaBP3UQzvhFqmHrZ26Uq_-84s4pKDauc3HElwQ&klp=9HH5ZicDb_-v1QiSPqIOczjg_3IblPv2ZioEfedMzU9AsfUtQAWy_DWBc3eAJKKdD8nrECUvJsfvjEWsDILoUThAKnNFQ2qVQpcH8VX1s1XaM9pdWnrZM-a57oNBul4KPSJUOgeMH63RPX080lfCtS2xIPY6jWXGfzS-XE1Y4JVJZixx2kJNgfeWRmfWxpyC6Bd928gQCqwfPlN3fQoKu443NfVFPS8h3LY510YVFDgjjVBcNevpm3tji1rn2Fv7TnhFq-tT0jrzSNZn6Gl4cCTw6TfdeorMJbiOpl6HaqgvGPl6gaC6eTVwBm0xu4_Lf_FKXKwgcB_KFnWHEiJiWQ%3D%3D&nse=3&bid=210870&cb=resultPageUtil.kwdRandmzn[%271521535040730500716%27]
Requested by
Host: contextual.media.net
URL: http://contextual.media.net/fcmdynet.js?&cid=8CU5BD6EW&cpcd=RlAcVccC-RdUYIl-LjF9ag%3D%3D&crid=184323154&size=300x250&cc=DE&wsip=2886780972&vif=1&requrl=http%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F70391%2Fapt%2Fsofacy-apt-european-government.html&nse=3&vi=1521535040730500716&lw=1&ugd=4&re=1&ourl=http%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F70391%2Fapt%2Fsofacy-apt-european-government.html&osrc=metatag&hlt=1&dfp=1&rtbs=1
Protocol
HTTP/1.1
Server
23.56.3.183 Cambridge, United States, ASN26769 (BANDCON - Bandcon, US),
Reverse DNS
a23-56-3-183.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c8ef5776dae5a7ab59dca87233817cb4b4b136890a669334c6f0236ee7d799d8

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Mar 2018 08:37:20 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
X-MNET-KBB
E2
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
973
Expires
Tue, 20 Mar 2018 08:37:20 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame A4B0
2 KB
1 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=2179837183568952&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fif&adsid=NT&eid=21061646%2C21060552%2C21061149%2C21061241&sc=0&sfv=1-0-17&iu=%2F45361917%2F8CU5BD6EW-184323154-Single_post_ads&sz=300x250&scp=crid%3D184323154%26mnet_segment%3D0.68%26mnet_variant%3D15%26pub_domain%3Dsecurityaffairs.co%26mnet_cc%3DDE&eri=4&cookie=ID%3D1aee003db8840b63%3AT%3D1521535039%3AS%3DALNI_Mbm7AVl--mfy7qql3N6FrVNqLWXkQ&lmt=1521535040&dt=1521535040679&ea=0&frm=23&biw=1585&bih=1200&isw=300&ish=250&oid=3&adx=973&ady=413&adk=2598375999&gut=v2&ifi=1&ifk=4087891906&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=http%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F70391%2Fapt%2Fsofacy-apt-european-government.html&top=securityaffairs.co&dssz=4&icsg=34&std=0&vrg=188&vis=1&scr_x=0&scr_y=0&ga_vid=1552304683.1521535040&ga_sid=1521535041&ga_hid=1124928383
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_188.js
Protocol
SPDY
Server
216.58.214.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s10-in-f66.1e100.net
Software
cafe /
Resource Hash
7520faf9b2c218b7f1c5c25308f0f33819277e0a64638878b36948b59f5c6cbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Origin
http://securityaffairs.co

Response headers

date
Tue, 20 Mar 2018 08:37:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length
1292
x-xss-protection
1; mode=block
google-lineitem-id
731773157
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
33134143277
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
http://securityaffairs.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_188.js
securepubads.g.doubleclick.net/gpt/ Frame A4B0
41 KB
14 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_188.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_188.js
Protocol
SPDY
Server
216.58.214.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s10-in-f66.1e100.net
Software
sffe /
Resource Hash
a6ae50acb2000fab66cfd21243ebe3e48bcda59331a4b39100cd9152407ce757
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Tue, 20 Mar 2018 08:37:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Mar 2018 17:49:30 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length
14686
x-xss-protection
1; mode=block
expires
Tue, 20 Mar 2018 08:37:20 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-17/html/ Frame A4B0
0
0
Other
General
Full URL
http://tpc.googlesyndication.com/safeframe/1-0-17/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_188.js
Protocol
HTTP/1.1
Server
216.58.206.1 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Purpose
prefetch
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Wed, 28 Feb 2018 18:53:28 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 27 Feb 2018 14:43:12 GMT
Server
sffe
Age
1691032
Vary
Accept-Encoding
Content-Type
text/html
Cache-Control
public, immutable, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1451
X-XSS-Protection
1; mode=block
Expires
Thu, 28 Feb 2019 18:53:28 GMT
mediamain.html
contextual.media.net/ Frame 98D1
49 KB
13 KB
Script
General
Full URL
http://contextual.media.net/mediamain.html?&cid=8CU5BD6EW&cpcd=RlAcVccC-RdUYIl-LjF9ag%3D%3D&crid=184323154&pid=8PO5M70HK&size=300x250&cpnet=yVb1sHm-0KIh29BOFTjjrHvHwrQGlpByWaOO1vn303s%3D&cme=yINvVCFxqLMbSqDgxM-acxgbv-13pHyD4y-MDQGBFdYUXQ-wXrJy0CPtTuDt0RSSxaoVDeZ3XY07KQMY9eHzta_iCBriuV7UZ-_IHi2pj1EhY9RBBPiQi5dCn9e6EzY48y5LXNPAQ9E%3D%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CN7fu2vKt8_s%3D%7C0bm4u78ysocOEQZjP3lQgsZseCAp4RlraSHHaYPVOOM3thtTVfLrFt_iqcldY3e6cr4aGjXOyElU3ysfMJ2ISR6zkBzmCwppGt0deZoN4q4%3D%7CsRBSg3CPSiQ%3D%7C&cc=DE&bf=0&vif=1&nse=3&bid=210870&vi=1521535040730500716&lw=1&ugd=4&ib=0&ourl=http%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F70391%2Fapt%2Fsofacy-apt-european-government.html&osrc=metatag&katbid=-2&nb=1
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
23.56.3.183 Cambridge, United States, ASN26769 (BANDCON - Bandcon, US),
Reverse DNS
a23-56-3-183.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
47220893be1091914e43b1e266b1c73b1d7ff729b27a2ee72a06b0f6b5abefdf

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Mar 2018 08:37:20 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0, no-cache, no-store
X-MNET-HL3
E
Connection
keep-alive
Content-Length
13170
Expires
Tue, 20 Mar 2018 08:37:20 GMT
nmedianet.js
contextual.media.net/
109 KB
38 KB
Script
General
Full URL
http://contextual.media.net/nmedianet.js?cid=8CU5BD6EW
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
23.56.3.183 Cambridge, United States, ASN26769 (BANDCON - Bandcon, US),
Reverse DNS
a23-56-3-183.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
279d6e3605a33c41822d9e51b105aa88a22e7a0c4caea5329fd4c8a1a3eb0e6d

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Mar 2018 08:37:20 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
X-MNET-H
E
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
38562
Expires
Tue, 20 Mar 2018 08:37:20 GMT
jstag
medianet-d.openx.net/w/1.0/ Frame 2F9C
63 KB
0
Script
General
Full URL
http://medianet-d.openx.net/w/1.0/jstag?oxns=mNCM
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
173.241.240.220 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS
ox-173-241-240-220.xa.dc.openx.org
Software
OXGW/15.0.0 /
Resource Hash
f68798ab285059d5e7ca4a9f987d080fa8d3ee74d8755ba80592fe4351914431

Request headers

Response headers

Date
Tue, 20 Mar 2018 08:37:20 GMT
Content-Encoding
gzip
Server
OXGW/15.0.0
Vary
Accept-Encoding
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
max-age=3600
Content-Type
text/javascript
Content-Length
22326
Expires
Tue, 20 Mar 2018 09:37:20 GMT
rtbspub
contextual.media.net/
1 KB
1 KB
Script
General
Full URL
http://contextual.media.net/rtbspub?&prid=8PRHGG6T9&cid=8CU5BD6EW&crid=639665355&size=300x600&rp=0.54&vi=1521535040967158751&ugd=4&requrl=http%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F70391%2Fapt%2Fsofacy-apt-european-government.html&useAppData=0&hlt=1&tr=0.21239377691264272
Requested by
Host: contextual.media.net
URL: http://contextual.media.net/nmedianet.js?cid=8CU5BD6EW
Protocol
HTTP/1.1
Server
23.56.3.183 Cambridge, United States, ASN26769 (BANDCON - Bandcon, US),
Reverse DNS
a23-56-3-183.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
275f5245ba26a938a893c77b9255287e3a2508bad5d7a3caf036489340ae04f3

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Mar 2018 08:37:21 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
724
X-MNET-HL2
E
Expires
Tue, 20 Mar 2018 08:37:21 GMT
fcmdynet.js
contextual.media.net/
33 KB
13 KB
Script
General
Full URL
http://contextual.media.net/fcmdynet.js?&cid=8CU5BD6EW&cpcd=RlAcVccC-RdUYIl-LjF9ag%3D%3D&crid=639665355&size=300x600&cc=DE&wsip=2886780972&vif=1&requrl=http%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F70391%2Fapt%2Fsofacy-apt-european-government.html&nse=3&vi=1521535040967158751&lw=1&ugd=4&re=1&ourl=http%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F70391%2Fapt%2Fsofacy-apt-european-government.html&osrc=metatag&hlt=1&dfp=1&rtbs=1
Requested by
Host: contextual.media.net
URL: http://contextual.media.net/nmedianet.js?cid=8CU5BD6EW
Protocol
HTTP/1.1
Server
23.56.3.183 Cambridge, United States, ASN26769 (BANDCON - Bandcon, US),
Reverse DNS
a23-56-3-183.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b529ac743332cb8dfba9db7b34c7462a4b6e0a250e7a190477c788defec89b6c

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Tue, 20 Mar 2018 08:37:21 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
max-age=300
Connection
keep-alive
Content-Length
12710
X-MNET-HL2
E
Expires
Tue, 20 Mar 2018 08:42:21 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 665D
11 KB
0
Script
General
Full URL
http://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s24-in-f2.1e100.net
Software
sffe /
Resource Hash
b3125d3c4f7dfa6652acea2cf7845db41eb5531788f0743c8e08122fb4df1b2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Response headers

Date
Tue, 20 Mar 2018 08:37:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"3 / 264 of 1000 / last-modified: 1521490906"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin
*
Content-Length
4922
X-XSS-Protection
1; mode=block
Expires
Tue, 20 Mar 2018 08:37:20 GMT
ptmd
dt.clnmde.com/
70 B
446 B
Image
General
Full URL
http://dt.clnmde.com/ptmd?t=152153503954233966704798_N4IgtgniBcDasEYA0BmATABiQNk0tKALFmgKwCcGAukrGqnriUSRdbSkuQOycJq8khFJ2wAOFFRogA7gEcYsaQGMATmAAOikN1xo0CcrgD6Acw0AXYwhBIdeg0bTGwAQwCWAO2NpbIBGLCBAikhGaWxigg0q4ANhYwWCCuACaxKYl2AM4WrhYArlmKknYAXq4wyCAapjAgAG5+AKaejdDVfqYAFnUhBqQopBgo5KEEI9jY3BiE3ORifhZF7QiEaPMY3IS4pKQLdvXLINgAdBgn-X5xMJwgAGbKMAC0VU0V7RjKAEYp2CjKGCeAnIyheCCaYiergMKCBKVck2wymUlBEzQs7kqpH6g2G5GyFlq0CSWQA1nUBmsUBgAmtsKQ-GSZAkVtiQriRsZKQQaYE0PTmu4tCtCGILqQECdCKRxYRGbEcr02QMhiMBr47LE7pU7MpClZ3Bl2mIAMIAVVIACEACLYACiAHVOo9oH12UNiGJAnY5E1KgBfIA
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
54.86.56.206 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-86-56-206.compute-1.amazonaws.com
Software
/ Express
Resource Hash
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 20 Mar 2018 08:37:20 GMT
X-Powered-By
Express
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
bping.php
qsearch.media.net/
35 B
280 B
Image
General
Full URL
http://qsearch.media.net/bping.php?&prid=8PRHGG6T9&cid=8CU5BD6EW&crid=639665355&vi=1521535040967158751&ugd=4&lf=6&requrl=http%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F70391%2Fapt%2Fsofacy-apt-european-government.html&cc=DE&sc=HE&vsid=1645366398927814&lper=100&wsip=2886780972&r=1521535040886&vgd_sbSup=1&vgd_nvLogging=0&hvsid=00001521535040882024994892783803
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
2.16.186.113 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-113.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Mar 2018 08:37:20 GMT
Server
Apache
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Tue, 20 Mar 2018 08:37:20 GMT
acj
medianet-d.openx.net/w/1.0/ Frame 2F9C
361 B
752 B
Script
General
Full URL
http://medianet-d.openx.net/w/1.0/acj?o=244050789&callback=OX_mNCM_244050789&ju=http%3A//securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html&jr=&auid=538672509&dims=1600x1200&adxy=0%2C0&res=1600x1200x24&plg=pm&ch=UTF-8&tz=0&ws=0x0&ifr=1&tws=1600x1200&si=59577725&nl=24%2C17&ul=221%2C20
Requested by
Host: medianet-d.openx.net
URL: http://medianet-d.openx.net/w/1.0/jstag?oxns=mNCM
Protocol
HTTP/1.1
Server
173.241.240.220 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS
ox-173-241-240-220.xa.dc.openx.org
Software
OXGW/15.0.0 /
Resource Hash
6db7426c84d3988d0243332dc6d85d2b8966af571e412b6f84a40d02974939f1

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Mar 2018 08:37:20 GMT
Content-Encoding
gzip
Server
OXGW/15.0.0
Vary
Accept
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, max-age=0, no-cache
Transfer-Encoding
chunked
Content-Type
application/json
Expires
Mon, 26 Jul 1997 05:00:00 GMT
integrator.js
adservice.google.com/adsid/ Frame 665D
111 B
172 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=securityaffairs.co
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Server
172.217.22.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s14-in-f2.1e100.net
Software
cafe /
Resource Hash
207461e411e1ff6d6c5b0dd702d26031adb86de86ed3f571baa5a6fc498fc4b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 20 Mar 2018 08:37:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length
105
x-xss-protection
1; mode=block
pubads_impl_188.js
securepubads.g.doubleclick.net/gpt/ Frame 665D
183 KB
0
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_188.js
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Server
216.58.214.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s10-in-f66.1e100.net
Software
sffe /
Resource Hash
855538077b6944e6a4300454d027510188c642643017949aaa8aa58652096f3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Response headers

date
Tue, 20 Mar 2018 08:37:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Mar 2018 17:49:30 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length
65992
x-xss-protection
1; mode=block
expires
Tue, 20 Mar 2018 08:37:20 GMT
spinner.gif
contextual.media.net/__media__/pics/yahookeywordsblock/ Frame 898D
4 KB
0
Image
General
Full URL
http://contextual.media.net/__media__/pics/yahookeywordsblock/spinner.gif
Requested by
Host: contextual.media.net
URL: http://contextual.media.net/nmedianet.js?cid=8CU5BD6EW
Protocol
HTTP/1.1
Server
23.56.3.183 Cambridge, United States, ASN26769 (BANDCON - Bandcon, US),
Reverse DNS
a23-56-3-183.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4dc14fe5df68d2ae899e237faf9264d6df02605dd655368cb856cd6ce75c7573

Request headers

Response headers

Date
Tue, 20 Mar 2018 08:37:20 GMT
Last-Modified
Mon, 09 May 2011 06:11:57 GMT
Server
Apache
Content-Type
image/gif
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4176
Expires
Tue, 03 Apr 2018 08:37:20 GMT
nrr.js
contextual.media.net/__media__/js/util/ Frame 898D
56 KB
0
Script
General
Full URL
http://contextual.media.net/__media__/js/util/nrr.js?v=78
Requested by
Host: contextual.media.net
URL: http://contextual.media.net/nmedianet.js?cid=8CU5BD6EW
Protocol
HTTP/1.1
Server
23.56.3.183 Cambridge, United States, ASN26769 (BANDCON - Bandcon, US),
Reverse DNS
a23-56-3-183.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9869bf998d9dee691349d634a714bf20d6bde49c9d5160eb1cf103f76c4738e5

Request headers

Response headers

Date
Tue, 20 Mar 2018 08:37:20 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=1209600
Connection
keep-alive
Content-Length
19030
Expires
Tue, 03 Apr 2018 08:37:20 GMT
bullet1.woff
contextual.media.net/__media__/fonts/bullet1/ Frame 898D
2 KB
0
Font
General
Full URL
http://contextual.media.net/__media__/fonts/bullet1/bullet1.woff
Requested by
Host: contextual.media.net
URL: http://contextual.media.net/__media__/js/util/nrr.js?v=78
Protocol
HTTP/1.1
Server
23.56.3.183 Cambridge, United States, ASN26769 (BANDCON - Bandcon, US),
Reverse DNS
a23-56-3-183.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d9ac862518df3efb07d7cecda391ab683489cf26fa04d62e179ba60869dd69bb

Request headers

Response headers

Date
Tue, 20 Mar 2018 08:37:20 GMT
Last-Modified
Mon, 16 May 2016 10:39:41 GMT
Server
Apache
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1792
11354_d2e9c37e359ed9ee8ba98baecc5834b2.png
contextual.media.net/__media__/images/800000006/ Frame 898D
2 KB
0
Image
General
Full URL
http://contextual.media.net/__media__/images/800000006/11354_d2e9c37e359ed9ee8ba98baecc5834b2.png
Requested by
Host: contextual.media.net
URL: http://contextual.media.net/__media__/js/util/nrr.js?v=78
Protocol
HTTP/1.1
Server
23.56.3.183 Cambridge, United States, ASN26769 (BANDCON - Bandcon, US),
Reverse DNS
a23-56-3-183.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0a6b90b75ea7a7ffcf626ab21af202818e7f820e487ba05c122e68c4702a843d

Request headers

Response headers

Date
Tue, 20 Mar 2018 08:37:20 GMT
Last-Modified
Mon, 12 Feb 2018 11:51:32 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2049
Expires
Tue, 03 Apr 2018 08:37:20 GMT
secondcall
search.keywordblocks.com/ Frame 898D
2 KB
868 B
Script
General
Full URL
http://search.keywordblocks.com/secondcall?enip=ztgyRwl%2BKa8yC6mKAEKFaxMI3NEUHza%2FASvNrMZQuRWWpEL5ncz7%2FyFfoZZAJadMpxQXT3gTRVONpicsKsgkjHdLDOsy%2FSV57Pxcpc9%2FexUr140P02bQE7hljNiysWDEXkIPojcxOklNc89%2BCDswPnRzzi3LzbxsVSPN8nkTFP2qmtjISlp1QGXhuBySTe1ANe%2F1xmVTC7tqOE6dtlt%2Bl4rNKgM%3D
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
50.58.197.14 , United States, ASN40034 (CONFLUENCE-NETWORK-INC - Confluence Networks Inc, VG),
Reverse DNS
Software
Apache /
Resource Hash
bcb940213b69c6315df4053aa387b59a6cc3ae5308d61351e64a4e71f26aa3ab

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Mar 2018 08:37:21 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=60
Content-Length
555
Expires
-1
osd_listener.js
tpc.googlesyndication.com/pagead/js/r20180312/r20110914/activeview/ Frame DA33
71 KB
0
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20180312/r20110914/activeview/osd_listener.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_188.js
Protocol
SPDY
Server
216.58.206.1 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f1.1e100.net
Software
cafe /
Resource Hash
5ca0636ee5ba9229b08ea875292b99b035d0794fa922a5f1eeab0ff4ed766ec0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Response headers

date
Mon, 12 Mar 2018 13:21:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
674143
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length
26437
x-xss-protection
1; mode=block
server
cafe
etag
5447488165261728430
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Mar 2018 13:21:37 GMT
osd.js
pagead2.googlesyndication.com/pagead/ Frame A4B0
75 KB
0
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_188.js
Protocol
HTTP/1.1
Server
172.217.18.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s29-in-f2.1e100.net
Software
cafe /
Resource Hash
74a78cea892f43d01c7573729c200c97dfebe5835476364435e411d0a674e28a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Response headers

Date
Tue, 20 Mar 2018 08:27:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Server
cafe
Age
577
ETag
13992280071806881209
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
public, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
28091
X-XSS-Protection
1; mode=block
Expires
Tue, 20 Mar 2018 09:27:43 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame DA33
0
47 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstlyCNf9QgtWv1WIkmlFnIYgTu7eKwYBK32PbkZT_TToLmcgPBfgMY0E9bKmphppPCH8pjSQwG8d34mXfZt1OoqZwJWb8u8sN80at3EaFXxwt9S1QCbVKcCi40JwC_hTVZVMwkeFSJH_z_spTYROGAz4TaTsYwHilXk4xKG91qADHNBJZ-8lavVIqdeO-dXQZVA40qxw0zZa-pDifJCoWvlWmq5urLSJxwEyeeSVQfYCFBIzYNhhwNyR8lsEUlD2tXOwsgI5IcRFEEjACzy3M-z1Fdi&sig=Cg0ArKJSzFDp9HronqTEEAE&urlfix=1&adurl=
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
SPDY
Server
216.58.214.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s10-in-f66.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 20 Mar 2018 08:37:21 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
content-type
text/html; charset=UTF-8
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length
0
x-xss-protection
1; mode=block
pixel
opt-east.media.net/rtbs/
43 B
287 B
Image
General
Full URL
http://opt-east.media.net/rtbs/pixel?key=4%3A%3A20180320%3A%3A08%3A%3ADE%3A%3A10.6.3.5_7017&value=68&bid=4&country=DE&cid=8CU5BD6EW&crid=184323154&domain=securityaffairs.co&size=300x250&buyerid=null
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
23.56.3.183 Cambridge, United States, ASN26769 (BANDCON - Bandcon, US),
Reverse DNS
a23-56-3-183.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Mar 2018 08:37:21 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 20 Mar 2018 08:37:21 GMT
log
qsearch-a.akamaihd.net/
35 B
312 B
Image
General
Full URL
http://qsearch-a.akamaihd.net/log?logid=kfk&evtid=rtbstl&url=http%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F70391%2Fapt%2Fsofacy-apt-european-government.html&domain=securityaffairs.co&size=300x250&ext_user_id=0&iid=0&auction_id=e3db9a2bf5fb42fabbeda7b36d30269d&ip=148.251.45.254&crid=184323154&b4b=0.68&b9b=0.54&bc=0.68&rtbW=4&app_dis=0&cc=DE&rc=HE&bname=&bid_type=-1&bmlevel=0&mnet_segment=0.68&cmw=4&subBdr=15&dfp=1&source=2&dt=4
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
2.16.186.67 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-67.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Mar 2018 08:37:21 GMT
Server
Apache
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Tue, 20 Mar 2018 08:37:21 GMT
ptmd
dt.clnmde.com/
70 B
446 B
Image
General
Full URL
http://dt.clnmde.com/ptmd?t=152153503954233966704798_N4IgxmAWDWIFwG0QHYBsAmTBGAnBkANCFgBwAsAzOhVgKxmEioV6q0W20gC6RAtgE94CBFgJUADAQxTqZWbRwTeCdOPRSZBOQqUqKBHMgNZ0xgpQOoSFbrxABnAC4BDJwFcHwsvYBeL+DEQAAcAc3gQADdGAFMAO2i4EMZQyAi6dDoOCRZ6ahZUVGQJMmQcEkYnLySsMnRyiWQyDE4KokjqpgA6CS7MriIXABt4AxAAMzB4AFogmICkiTAAIwATZjAJabMcMFmsGJJpl0yKbdWXQtQIJQoKWKcAS0DafuyWImdwuClHWCT2HUKBJSHU2IwHNAAO5OdKvLK0HI4AD6gOoIPI6HBRBij2C6TIJD6tCwXTItGJDE+Q2ccLeiNyVEYQ3GgSIYE8TmRj1WERIAGEAKq0ABCABFUABRADqKSmcAyCJKWCwNCIAEcYoEAL5AA
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
54.86.56.206 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-86-56-206.compute-1.amazonaws.com
Software
/ Express
Resource Hash
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 20 Mar 2018 08:37:21 GMT
X-Powered-By
Express
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
ads
securepubads.g.doubleclick.net/gampad/ Frame 665D
2 KB
1 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=3647562053171799&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fif&adsid=NT&eid=21061149%2C21061242%2C21061720%2C21061568&sc=0&sfv=1-0-17&iu=%2F45361917%2F8CU5BD6EW-639665355-Skyscraper_post_yahoo_300_x_600&sz=300x600&scp=crid%3D639665355%26mnet_segment%3D0.68%26mnet_variant%3D15%26pub_domain%3Dsecurityaffairs.co%26mnet_cc%3DDE&eri=4&cookie=ID%3D1aee003db8840b63%3AT%3D1521535039%3AS%3DALNI_Mbm7AVl--mfy7qql3N6FrVNqLWXkQ&lmt=1521535041&dt=1521535041216&ea=0&frm=23&biw=1585&bih=1200&isw=300&ish=600&oid=3&adx=973&ady=2331&adk=2891760302&gut=v2&ifi=1&ifk=4087892347&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=http%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F70391%2Fapt%2Fsofacy-apt-european-government.html&top=securityaffairs.co&dssz=4&icsg=34&std=0&vrg=188&vis=1&scr_x=0&scr_y=0&ga_vid=1552304683.1521535040&ga_sid=1521535041&ga_hid=151654594
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_188.js
Protocol
SPDY
Server
216.58.214.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s10-in-f66.1e100.net
Software
cafe /
Resource Hash
33d4d6d5446b47e13f369b9ca26618e791c4cce6dd5184b47eeafef34389bcda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Origin
http://securityaffairs.co

Response headers

date
Tue, 20 Mar 2018 08:37:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length
1324
x-xss-protection
1; mode=block
google-lineitem-id
731773157
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
35793496517
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
http://securityaffairs.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_188.js
securepubads.g.doubleclick.net/gpt/ Frame 665D
41 KB
14 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_188.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_188.js
Protocol
SPDY
Server
216.58.214.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s10-in-f66.1e100.net
Software
sffe /
Resource Hash
a6ae50acb2000fab66cfd21243ebe3e48bcda59331a4b39100cd9152407ce757
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Tue, 20 Mar 2018 08:37:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Mar 2018 17:49:30 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length
14686
x-xss-protection
1; mode=block
expires
Tue, 20 Mar 2018 08:37:21 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-17/html/ Frame 665D
0
0
Other
General
Full URL
http://tpc.googlesyndication.com/safeframe/1-0-17/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_188.js
Protocol
HTTP/1.1
Server
216.58.206.1 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Purpose
prefetch
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Wed, 28 Feb 2018 18:53:28 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 27 Feb 2018 14:43:12 GMT
Server
sffe
Age
1691033
Vary
Accept-Encoding
Content-Type
text/html
Cache-Control
public, immutable, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1451
X-XSS-Protection
1; mode=block
Expires
Thu, 28 Feb 2019 18:53:28 GMT
mediamain.html
contextual.media.net/ Frame FA08
57 KB
14 KB
Script
General
Full URL
http://contextual.media.net/mediamain.html?&cid=8CU5BD6EW&cpcd=RlAcVccC-RdUYIl-LjF9ag%3D%3D&crid=639665355&pid=8PO5M70HK&size=300x600&cpnet=yVb1sHm-0KIh29BOFTjjrOMbY3Wy7OSYfNFL7sC0vVY%3D&cme=sj8jUgUthZgb1dk55FlquHTZZWJ5h3uCyeWPMZuARP06ymyV8xaf7IGyrTEw9Mqe0VEgnOI2lfgsjpp_kIry7BcGTHhLQPB8su0CxyMmpe-aZep7AcFhefS-26SA-aelKUhC-QRXHFM%3D%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CN7fu2vKt8_s%3D%7C0bm4u78ysocOEQZjP3lQgsZseCAp4RlraSHHaYPVOOM3thtTVfLrFt_iqcldY3e6cr4aGjXOyElU3ysfMJ2ISR6zkBzmCwppGt0deZoN4q4%3D%7CsRBSg3CPSiQ%3D%7C&cc=DE&bf=0&vif=1&nse=3&bid=210870&vi=1521535040967158751&lw=1&ugd=4&ib=0&ourl=http%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F70391%2Fapt%2Fsofacy-apt-european-government.html&osrc=metatag&katbid=-2&nb=1
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
23.56.3.183 Cambridge, United States, ASN26769 (BANDCON - Bandcon, US),
Reverse DNS
a23-56-3-183.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
17c1ae6db8c8a11c914105d47e67554a90aeb5996105cfe928c909e2020d67c0

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 20 Mar 2018 08:37:21 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=300
X-MNET-HL3
E
Connection
keep-alive
Content-Length
13786
Expires
Tue, 20 Mar 2018 08:42:21 GMT
overlay.png
securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/images/
135 B
395 B
Image
General
Full URL
http://securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/images/overlay.png
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
217.160.0.146 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
4b456e49e6c017d53be594d467c4508368dbe32ea0fd52a4b0718d5dc1862d51

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
securityaffairs.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/css/cli-style.css?ver=1.5.3
Cookie
wfvt_2796755358=5ab0c83dc2ad9; __unam=6f69f6a-162428e378c-3d8a2044-1; _ga=GA1.2.1552304683.1521535040; _gid=GA1.2.397819317.1521535040; _gat=1; bfp_sn_rf_8b2087b102c9e3e5ffed1c1478ed8b78=1521535039_534230184265_8b2087b102c9e3e5ffed1c1478ed8b78_Direct; bfp_sn_pl=1521535039_534230184265; OX_mNCM_ud_q=; OX_ssn=59577725; OX_plg=pm; OX_mNCM_BI=; OX_mNCM_BI_TS=; OX_mNCM_digitrust_id=; OX_mNCM_digitrust_id_exp=; bafp=e711fb40-2c19-11e8-a51f-a7048d87c498; __gads=ID=1aee003db8840b63:T=1521535039:S=ALNI_Mbm7AVl--mfy7qql3N6FrVNqLWXkQ; session_depth=securityaffairs.co%3D1%7C762221962%3D1%7C184323154%3D1%7C639665355%3D1; OX_mNCM_net_latency=24%2C17%2C84; OX_mNCM_user_latency=221%2C20%2C93
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 20 Mar 2018 08:37:21 GMT
Last-Modified
Wed, 16 Dec 2015 06:30:08 GMT
Server
Apache
ETag
"87-526fe09971c00"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
135
m8JVjfNVeKWVnh3QMuKkFcZVaUuH99GUDg.woff2
fonts.gstatic.com/s/indieflower/v9/
19 KB
19 KB
Font
General
Full URL
http://fonts.gstatic.com/s/indieflower/v9/m8JVjfNVeKWVnh3QMuKkFcZVaUuH99GUDg.woff2
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
HTTP/1.1
Server
216.58.206.3 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f3.1e100.net
Software
sffe /
Resource Hash
5fe76b89002b51ecfbcfe67c4eaf99b7ab108168d099dda0d2a40398b06051f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
http://fonts.googleapis.com/css?family=Indie+Flower&ver=dc488b3cf402a36ed8529f3196db2a8a
Origin
http://securityaffairs.co

Response headers

Date
Fri, 23 Feb 2018 11:40:00 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 11 Oct 2017 18:26:32 GMT
Server
sffe
Age
2149041
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
18960
X-XSS-Protection
1; mode=block
Expires
Sat, 23 Feb 2019 11:40:00 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.EvHJPRq_MPI.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQE/rs=AGLTcCNSMPEjiLoXugZWrB38evRsajWMig/
130 KB
45 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.EvHJPRq_MPI.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQE/rs=AGLTcCNSMPEjiLoXugZWrB38evRsajWMig/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
SPDY
Server
216.58.206.14 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f14.1e100.net
Software
sffe /
Resource Hash
84cf7b58bf9470a372894d186bbd7e1ccac05b5baa84a7d0be44158f4981effc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Mon, 19 Mar 2018 17:44:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 18 Mar 2018 15:32:06 GMT
server
sffe
age
53552
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length
46380
x-xss-protection
1; mode=block
expires
Tue, 19 Mar 2019 17:44:49 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.EvHJPRq_MPI.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQE/rs=AGLTcCNSMPEjiLoXugZWrB38evRsajWMig/
100 KB
35 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.EvHJPRq_MPI.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQE/rs=AGLTcCNSMPEjiLoXugZWrB38evRsajWMig/cb=gapi.loaded_1
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
SPDY
Server
216.58.206.14 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f14.1e100.net
Software
sffe /
Resource Hash
8e5cd0149eff438710d9e98c6834de800d2a0164440937d415f41abfce954e6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Mon, 19 Mar 2018 17:45:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 18 Mar 2018 15:32:06 GMT
server
sffe
age
53541
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length
35385
x-xss-protection
1; mode=block
expires
Tue, 19 Mar 2019 17:45:00 GMT
/
securityaffairs.co/wordpress/
Redirect Chain
  • http://securityaffairs.co/wordpress?ga_action=googleanalytics_get_script
  • http://securityaffairs.co/wordpress/?ga_action=googleanalytics_get_script
569 B
591 B
XHR
General
Full URL
http://securityaffairs.co/wordpress/?ga_action=googleanalytics_get_script
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
217.160.0.146 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
217-160-0-146.elastic-ssl.ui-r.com
Software
Apache / PHP/5.6.34
Resource Hash
b68659ff00e064d9afb54423ec69597994c1a141433f2ba1d58a2307c7a8dbea

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
securityaffairs.co
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
X-Requested-With
XMLHttpRequest
Cookie
wfvt_2796755358=5ab0c83dc2ad9; __unam=6f69f6a-162428e378c-3d8a2044-1; _ga=GA1.2.1552304683.1521535040; _gid=GA1.2.397819317.1521535040; _gat=1; bfp_sn_rf_8b2087b102c9e3e5ffed1c1478ed8b78=1521535039_534230184265_8b2087b102c9e3e5ffed1c1478ed8b78_Direct; bfp_sn_pl=1521535039_534230184265; OX_mNCM_ud_q=; OX_ssn=59577725; OX_plg=pm; OX_mNCM_BI=; OX_mNCM_BI_TS=; OX_mNCM_digitrust_id=; OX_mNCM_digitrust_id_exp=; bafp=e711fb40-2c19-11e8-a51f-a7048d87c498; __gads=ID=1aee003db8840b63:T=1521535039:S=ALNI_Mbm7AVl--mfy7qql3N6FrVNqLWXkQ; session_depth=securityaffairs.co%3D1%7C762221962%3D1%7C184323154%3D1%7C639665355%3D1; OX_mNCM_net_latency=24%2C17%2C84; OX_mNCM_user_latency=221%2C20%2C93
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 20 Mar 2018 08:37:21 GMT
Content-Encoding
gzip
Server
Apache
X-Powered-By
PHP/5.6.34
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Connection
keep-alive
Keep-Alive
timeout=15

Redirect headers

Location
http://securityaffairs.co/wordpress/?ga_action=googleanalytics_get_script
Date
Tue, 20 Mar 2018 08:37:21 GMT
Server
Apache
Connection
keep-alive
Keep-Alive
timeout=15
Content-Length
281
Content-Type
text/html; charset=iso-8859-1
g.gif
pixel.wp.com/
50 B
215 B
Image
General
Full URL
http://pixel.wp.com/g.gif?v=ext&j=1%3A5.9&blog=29506073&post=70391&tz=0&srv=securityaffairs.co&host=securityaffairs.co&ref=&rand=0.9915663097396823
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 20 Mar 2018 08:37:21 GMT
Cache-Control
no-cache
Server
nginx
Connection
keep-alive
Content-Length
50
Content-Type
image/gif
activeview
pagead2.googlesyndication.com/pcs/ Frame DA33
42 B
110 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstUDqA2f0sqLT0Vt_ddJ4oGr5wS1FAZFZPIlOcIXiW1bTCgaD9Cb1A9lWUkf_I5zg10iShYLFsBkutfcp_TgUzTZSwZ9KZjjR8&sig=Cg0ArKJSzCml6KriFfwYEAE&id=osdim&ti=1&r=z&adk=2598375999&tt=264&bs=1585,1200&mtos=0,0,0,0,0&tos=0,0,0,0,0&p=0,0,0,0&inapp=0&bcn=1&mcvt=0&rs=3&ht=0&mc=0&lte=-1&bas=0&bac=0&bos=1600,1200&ps=1585,4566&ss=1600,1200&pt=5&deb=1-1-1-5-3-32-1-1&tvt=234&is=300,250&op=1&iframe_loc=http%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F70391%2Fapt%2Fsofacy-apt-european-government.html&avms=geo&uc=1&tgt=BODY&cl=1&cec=5&clc=0&cac=0&cd=0x0&v=r20180312
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
SPDY
Server
172.217.18.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s29-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Mar 2018 08:37:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
osd_listener.js
tpc.googlesyndication.com/pagead/js/r20180312/r20110914/activeview/ Frame CBA3
71 KB
0
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20180312/r20110914/activeview/osd_listener.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_188.js
Protocol
SPDY
Server
216.58.206.1 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f1.1e100.net
Software
cafe /
Resource Hash
5ca0636ee5ba9229b08ea875292b99b035d0794fa922a5f1eeab0ff4ed766ec0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Response headers

date
Mon, 12 Mar 2018 13:21:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
674143
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length
26437
x-xss-protection
1; mode=block
server
cafe
etag
5447488165261728430
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Mar 2018 13:21:37 GMT
osd.js
pagead2.googlesyndication.com/pagead/ Frame 665D
75 KB
28 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_188.js
Protocol
HTTP/1.1
Server
172.217.18.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s29-in-f2.1e100.net
Software
cafe /
Resource Hash
74a78cea892f43d01c7573729c200c97dfebe5835476364435e411d0a674e28a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Tue, 20 Mar 2018 08:27:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
Age
578
ETag
13992280071806881209
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
public, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
28091
X-XSS-Protection
1; mode=block
Expires
Tue, 20 Mar 2018 09:27:43 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame CBA3
0
47 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv3f5uGZ-emi5UKp3oHHBQeWkSbZLjAI05A6S1T7kdvlIC-tUqOD1ikat-n5HP0z1SlycGLPXD4pEqdCgRq7oFR-MQ3ACq2FH7iAFsjn_mpcAv12XoNb8DpREX2lh2ktLU_z3XxgMWVT7WTwnGO7hCCh6tdMYpGSqhzdCzK7BxKIt59zrWB7tKtiRB_JyWtpzGRMovmPwlLN_Xk7vA5WjhFpH1Y87kaeez2be19-_MDYg4nl5QQtZIAgVKP_-EHo8ps2bPBKKwSzBHwNWD0yItA7kp2WRI-FXf8oU-m6alI0pJ4pqg&sig=Cg0ArKJSzKfeISuIjpxVEAE&urlfix=1&adurl=
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
SPDY
Server
216.58.214.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s10-in-f66.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 20 Mar 2018 08:37:21 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
content-type
text/html; charset=UTF-8
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length
0
x-xss-protection
1; mode=block
bql.php
qsearch.media.net/ Frame 16E2
15 B
355 B
Script
General
Full URL
Requested by
Host: contextual.media.net
URL: http://contextual.media.net/__media__/js/util/nrr.js?v=78
Protocol
HTTP/1.1
Server
2.16.186.113 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-113.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Mar 2018 08:37:21 GMT
Server
Apache
ntCoent-Length
15
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
15
Expires
Tue, 20 Mar 2018 08:37:21 GMT
log
navvy.media.net/ Frame 16E2
807 B
1 KB
Other
General
Full URL
http://navvy.media.net/log
Requested by
Host: contextual.media.net
URL: http://contextual.media.net/__media__/js/util/nrr.js?v=78
Protocol
HTTP/1.1
Server
52.52.193.134 San Jose, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-52-193-134.us-west-1.compute.amazonaws.com
Software
Jetty(9.4.7.v20170914) /
Resource Hash
0a4c16b7f5c1b1ecefc9ffb4fcf1b457f9282d0863fa61d4dd32ad98dafa9a60

Request headers

Cache-Control
max-age=0
Origin
http://securityaffairs.co
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 20 Mar 2018 08:37:21 GMT
Server
Jetty(9.4.7.v20170914)
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache,no-store
Connection
keep-alive
Content-Length
807
Expires
Tue, 20 Mar 2018 08:37:21 GMT
pixel
c.ad-srv.co/ Frame 16E2
0
127 B
Image
General
Full URL
http://c.ad-srv.co/pixel
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
54.215.226.112 San Jose, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-215-226-112.us-west-1.compute.amazonaws.com
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 20 Mar 2018 08:37:21 GMT
Server
Varnish
Connection
keep-alive
X-Varnish
858264686
pixel
c.adyield.co/ Frame 16E2
0
126 B
Image
General
Full URL
http://c.adyield.co/pixel
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
52.9.8.193 San Jose, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-9-8-193.us-west-1.compute.amazonaws.com
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 20 Mar 2018 08:37:21 GMT
Server
Varnish
Connection
keep-alive
X-Varnish
40734033
ptmd
dt.clnmde.com/
70 B
446 B
Image
General
Full URL
http://dt.clnmde.com/ptmd?t=152153503954233966704798_N4IgtgniBcDasEYA0BmATABiQNk0tKALFmgKwCcGAukrGqnriUSRdbSkuQOycJq8khFJ2wAOFDViEug-oOGiJVGiADuARxixVAYwBOYAA7aQ3XGjQJyuAPoBzIwBdbCEEjMWrNtLbABDAEsAO1s0dxAEMWECBFJCB2dbFAiomJQ4hICQ20IQVX8AGycYLBB-ABNCitKPRxLoEAiAZyd-JwBXZu1JDwAvfxhkECN7GBAANwiAU2CpxpM6gAtxuKtSFFIMFHJ4gh3sbG4MQm5yMQinbsaEQjRzjG5CXFJSC48J65BsADoMH-WESKME4IAAZroYABaYbTQaNDC6ABGFWwKF0GChAnIuhhCGmYih-isKCxFX8h2wul0lBEMycgSGpHWm225A8rTG0DKzQA1uMNncUBg0mhsKQWry1A1Isy4qydrZBQQRdExRKPNNAiYboQxADSAgfoRSAa8hzCq1VnKNlsdhtwh5CmChh5dF0XIEao0xABhACqpAAQgARbAAUQA6hF7JDoGt5VtCHFDh4NNMhgBfIA
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
54.86.56.206 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-86-56-206.compute-1.amazonaws.com
Software
/ Express
Resource Hash
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 20 Mar 2018 08:37:21 GMT
X-Powered-By
Express
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
ptmd
dt.clnmde.com/
70 B
446 B
Image
General
Full URL
http://dt.clnmde.com/ptmd?t=152153503954233966704798_N4IgtgniBcDasEYA0BmATABiQNk0tKALFmgKwCcGAukrGqnriUSRdbSkuQOycJq8khFJ2wAOFDViEug-oOGiJU0rL4DOBFMjTltVGiADuARxixDAYwBOYAA7mQ3XGjQJyuAPoBzOwBdPBBAkJxc3DzRPMABDAEsAO080YJAEMWECBFJCH39PFBS0jO1sqLjEwhTsFA9sUhRSUlyA0hBDaIAbPxgsEGiAEw7+npDfbugQFIBnP2i-AFcp80kQgC9omGQQO28YEAA3FIBTeMOJh1GACz2st3rSDBrsrVruDEJucjEUvyWJhEIujEGG4hFwjW+IX2fxA2AAdBg4XcUp0YJwQAAzSwwAC0WyOGwmGEsACN+tVLBgcQJyJY8QgjmIcdE3Chqf1otguZZLJQRMc-LFNqQ7g1HuQQjNdtBelMANZ7eqAlAYIpoOrTOVGcapEVZMU1TxKgiq9Lq1ohI6xBz-QhiJGkBBwwikB2VSUdGY3PX3cX1ZIhDoYzYhSyLAKxYYTMQAYQAqqQAEIAEWwAFEAOopbzY6C3fUPQhZbj0EAmI6bAC+QA
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
52.86.242.184 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-86-242-184.compute-1.amazonaws.com
Software
/ Express
Resource Hash
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 20 Mar 2018 08:37:21 GMT
X-Powered-By
Express
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
ptmd
dt.clnmde.com/
70 B
446 B
Image
General
Full URL
http://dt.clnmde.com/ptmd?t=152153503954233966704798_N4IglgbiBcBMA0IDOAXAhigrkmBtAjAJwC6iAXmjPogA4DmMIUiApgHZTQg0iJ0AWjfAFZYIgMzCADOMLCALLHGyAbCoDsU+esIAOXiBQ4u+RXqnr5K2MOH7EEYyBUA6KS7HCDaADYxxiABmAMYwALTUICyUXFLBAEYAJiriwVJhsDrBEfgsumFoYuIZiWhqKsHBhDLiBiwoYFSiEtKyiKgM0FLtANaMwuKK4lL4uooqXr0A7ihCzQOthAD6A0MjY7ATdWA8JvK6HsL4LvLCh-IGSD6oc56SMnLisAY+gVSIwdgoS2CJjLoAYQAqsIAEIAERUAFEAOoGOihaAiO7SeQidTCRAARxYVAAvkA
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
54.86.56.206 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-86-56-206.compute-1.amazonaws.com
Software
/ Express
Resource Hash
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 20 Mar 2018 08:37:21 GMT
X-Powered-By
Express
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
spinner.gif
contextual.media.net/__media__/pics/yahookeywordsblock/ Frame A432
4 KB
0
Image
General
Full URL
http://contextual.media.net/__media__/pics/yahookeywordsblock/spinner.gif
Requested by
Host: contextual.media.net
URL: http://contextual.media.net/nmedianet.js?cid=8CU5BD6EW
Protocol
HTTP/1.1
Server
23.56.3.183 Cambridge, United States, ASN26769 (BANDCON - Bandcon, US),
Reverse DNS
a23-56-3-183.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4dc14fe5df68d2ae899e237faf9264d6df02605dd655368cb856cd6ce75c7573

Request headers

Response headers

Date
Tue, 20 Mar 2018 08:37:20 GMT
Last-Modified
Mon, 09 May 2011 06:11:57 GMT
Server
Apache
Content-Type
image/gif
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4176
Expires
Tue, 03 Apr 2018 08:37:20 GMT
nrr.js
contextual.media.net/__media__/js/util/ Frame A432
56 KB
19 KB
Script
General
Full URL
http://contextual.media.net/__media__/js/util/nrr.js?v=78
Requested by
Host: contextual.media.net
URL: http://contextual.media.net/nmedianet.js?cid=8CU5BD6EW
Protocol
HTTP/1.1
Server
23.56.3.183 Cambridge, United States, ASN26769 (BANDCON - Bandcon, US),
Reverse DNS
a23-56-3-183.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9869bf998d9dee691349d634a714bf20d6bde49c9d5160eb1cf103f76c4738e5

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 20 Mar 2018 08:37:21 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=1209600
Connection
keep-alive
Content-Length
19030
Expires
Tue, 03 Apr 2018 08:37:21 GMT
pixel
opt-east.media.net/rtbs/
43 B
287 B
Image
General
Full URL
http://opt-east.media.net/rtbs/pixel?key=4%3A%3A20180320%3A%3A08%3A%3ADE%3A%3A10.6.3.4_7017&value=68&bid=4&country=DE&cid=8CU5BD6EW&crid=639665355&domain=securityaffairs.co&size=300x600&buyerid=null
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
23.56.3.183 Cambridge, United States, ASN26769 (BANDCON - Bandcon, US),
Reverse DNS
a23-56-3-183.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Mar 2018 08:37:21 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 20 Mar 2018 08:37:21 GMT
log
qsearch-a.akamaihd.net/
35 B
312 B
Image
General
Full URL
http://qsearch-a.akamaihd.net/log?logid=kfk&evtid=rtbstl&url=http%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F70391%2Fapt%2Fsofacy-apt-european-government.html&domain=securityaffairs.co&size=300x600&ext_user_id=0&iid=0&auction_id=fdef6753d93a49218c691f81c5e99a6d&ip=148.251.45.254&crid=639665355&b4b=0.68&b9b=0.54&bc=0.68&rtbW=4&app_dis=0&cc=DE&rc=HE&bname=&bid_type=-1&bmlevel=0&mnet_segment=0.68&cmw=4&subBdr=15&dfp=1&source=2&dt=4
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
2.16.186.67 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-67.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Mar 2018 08:37:21 GMT
Server
Apache
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Tue, 20 Mar 2018 08:37:21 GMT
bullet1.woff
contextual.media.net/__media__/fonts/bullet1/ Frame A432
2 KB
0
Font
General
Full URL
http://contextual.media.net/__media__/fonts/bullet1/bullet1.woff
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
23.56.3.183 Cambridge, United States, ASN26769 (BANDCON - Bandcon, US),
Reverse DNS
a23-56-3-183.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d9ac862518df3efb07d7cecda391ab683489cf26fa04d62e179ba60869dd69bb

Request headers

Response headers

Date
Tue, 20 Mar 2018 08:37:20 GMT
Last-Modified
Mon, 16 May 2016 10:39:41 GMT
Server
Apache
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1792
11355_d2e9c37e359ed9ee8ba98baecc5834b2.png
contextual.media.net/__media__/images/800000006/ Frame A432
2 KB
2 KB
Image
General
Full URL
http://contextual.media.net/__media__/images/800000006/11355_d2e9c37e359ed9ee8ba98baecc5834b2.png
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
23.56.3.183 Cambridge, United States, ASN26769 (BANDCON - Bandcon, US),
Reverse DNS
a23-56-3-183.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0a6b90b75ea7a7ffcf626ab21af202818e7f820e487ba05c122e68c4702a843d

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 20 Mar 2018 08:37:21 GMT
Last-Modified
Mon, 12 Feb 2018 11:52:06 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2049
Expires
Tue, 03 Apr 2018 08:37:21 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame CBA3
42 B
110 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuy79IEpDwJugOEOCy_C3fl0pqYKcfOIl085inhXJYEVf4duj_XgaYALmKWLweDP3qTniRoMQFh2cKpEN13mYZxM1SLiyrEmR4&sig=Cg0ArKJSzKZ_5HWJwzzUEAE&id=osdim&ti=1&r=z&adk=2891760302&tt=130&bs=1585,1200&mtos=0,0,0,0,0&tos=0,0,0,0,0&p=0,0,0,0&inapp=0&bcn=1&mcvt=0&rs=3&ht=0&mc=0&lte=0&bas=0&bac=0&bos=1600,1200&ps=1585,4285&ss=1600,1200&pt=1&deb=1-1-1-4-3-10-1-1&tvt=121&is=300,600&op=1&iframe_loc=http%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F70391%2Fapt%2Fsofacy-apt-european-government.html&avms=geo&uc=1&tgt=BODY&cl=1&cec=5&clc=0&cac=0&cd=0x0&v=r20180312
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
SPDY
Server
172.217.18.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s29-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Mar 2018 08:37:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
secondcall
search.keywordblocks.com/ Frame A432
2 KB
868 B
Script
General
Full URL
http://search.keywordblocks.com/secondcall?enip=ztgyRwl%2BKa8yC6mKAEKFaxMI3NEUHza%2FASvNrMZQuRWWpEL5ncz7%2FyFfoZZAJadMpxQXT3gTRVONpicsKsgkjHdLDOsy%2FSV57Pxcpc9%2FexUr140P02bQE7hljNiysWDEXkIPojcxOklNc89%2BCDswPnRzzi3LzbxsVSPN8nkTFP2qmtjISlp1QGXhuBySR%2FoMxK2TNQy3r7wW6M4PRZIa%2BE%2B2jerC
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
50.58.197.14 , United States, ASN40034 (CONFLUENCE-NETWORK-INC - Confluence Networks Inc, VG),
Reverse DNS
Software
Apache /
Resource Hash
bcb940213b69c6315df4053aa387b59a6cc3ae5308d61351e64a4e71f26aa3ab

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Mar 2018 08:37:21 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=47
Content-Length
555
Expires
-1
bql.php
qsearch.media.net/ Frame 898D
15 B
355 B
Script
General
Full URL
http://qsearch.media.net/bql.php?v=1&hvsid=00001521535040382024994892787551&geo=&lper=100&bdrid=4&subBdr=15&fp=EIMN-ehR7Pps_CSyS_Yzo-2i1OixKc5bW9c2mufwmM6qC9U44Q2KYMwmP_qudLbTyvroUASqGQW30Xyjy01TDF3_Stwe4v-ElSuUWt0QZ894dy5yTKUOSnXqBFR2o_HQORurVU0NXgU%3D&lpid=&tsid=1&ksu=112&q=&prv=&type=&ps=&cme=w37CLD9_GqYVa8QW8TWmlP9TEmOAiwA_wQllAfQMi2o9quYfWmW3AXBLTXo3Zkxv-vAw-B2oytXK9XamsxgofbuXWkOYEUJccoZRylr3CLj6Gf7TWKdJFQ4KNYqmsIUeuGOqcR9TURgLdY0v_nZswUDUtqg3lBUGX1cj73iPskSEpBUXUSnFfmNryViaP5sRPhvbXAodP6uRsQ3qAV5cPLM8NGZJEHEo%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CN7fu2vKt8_s%3D%7C0bm4u78ysocOEQZjP3lQgsZseCAp4RlraSHHaYPVOOM3thtTVfLrFt_iqcldY3e6cr4aGjXOyElU3ysfMJ2ISR6zkBzmCwppGt0deZoN4q4%3D%7CsRBSg3CPSiQ%3D%7CpuIGXAKzH7sAlJg74so08d3e2rxLtX8lr6Q8OZZkP8LieKYz2uX0MtCudR6I7LTK0Hxc4YjQ8C4OycvqCU9OMH6GVKuVoz4sxTWHRTR9sdSb0r8LyNGQVKssV6X4yoO2FINoBaJcMRUQKiyva2h2a5JTAoBm-5x5kuznmVAmYzT-mM6R-VCdkw%3D%3D%7C&hint=&td=&cc=DE&wsip=2886958293&bca=0&ugd=4&&rc=0&fdkt=266&kwd[]=US%20Government%20Agency&kwt[]=266&kbc[]=26922&kwp[]=1&kid[]=29487890&kbc2[]=2%7C%7Crpc%3D0.26&ktd[]=564874115547136&kwd[]=Cyber%20Security%20Courses&kwt[]=361&kbc[]=53813&kwp[]=2&kid[]=7536573&kbc2[]=security%20cyber%20expert%7C%7Crpc%3D1.21&ktd[]=274915852288&kwd[]=Cyber%20Security%20Online%20Courses&kwt[]=361&kbc[]=53813&kwp[]=3&kid[]=324740290&kbc2[]=security%20cyber%20expert%7C%7Crpc%3D0.86&ktd[]=274915852288&kwd[]=Cyber%20Analysis&kwt[]=361&kbc[]=53813&kwp[]=4&kid[]=68167243&kbc2[]=security%20cyber%20expert%7C%7Crpc%3D1.18&ktd[]=824654888960&kwd[]=Low%20Cost%20Cell%20Phone%20Plans&kwt[]=240&kbc[]=ffe8333bff73fa55fc09b950d91ef1e2.d2s&kwp[]=5&kid[]=17967592&kbc2[]=rpc%3D1.04&ktd[]=274911592448&rand=1521535041041&cid=8CU5BD6EW&vwid=1521535040730500716&vi=1521535040730500716&l3ch=0&slnkp=no&bdrct=0.68&rt=186&tdAdd[]=rtbsd%3D10&tdAdd[]=ib=0&dytm=1521535040667&matchstring=&rtbsd=10&npgv=1&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%
7C%40%7CopenxEnabled%3Dtrue&verid=111299&hvsid=00001521535040382024994892787551&upk=1521535039.3872&sttm=1521535040382&=&vgd_bdata=bb%3D0%7C%7Cbtd%3D655360%7C%7Cfbb%3D0%7C%7Curl_l%3D3%7C%7Cbid%3D0.68%7C%7Cdevice_l%3D2%7C%7Cvariant%3D1&vgd_refimp=13&tdAdd[]=%7C%40%7Cabp%3A3%3A2&tdAdd[]=%7C%40%7Cabp%3A3%3A2&tdAdd[]=%7C%40%7Cabp%3A3%3A2&tdAdd[]=%7C%40%7Cabp%3A3%3A2&tdAdd[]=%7C%40%7Cabp%3A3%3A2&matm=1521535041050&lktgd=262162&lkpgd=UUID%3Duuid_s8_2_1521535040_750089159%7C%7CPTD2%3D0%7C%7CMN%3D9%7C%7CAN%3D6%7C%7CKSE%3D1521535040944%7C%7CMPTD%3D232%7C%7CSI%3D801%7C%7Cerpm%3D-1.0%7C%7CCI%3D801%7C%7CSID%3D14%7C%7CPTD%3D7422848%7C%7CMI%3D801%7C%7CHID%3D2%7C%7CKTGD%3D262162&abpl=2&vgd_ckkr=1&vgd_ckadt=7&vgd_katbid=-2&vgd_kals=base&vgd_kalog=MPTD%3D176%7C%7CUUID%3Duuid_s12_nc1b_3_1521535040_869850321%7C%7CSID%3D11%7C%7CHID%3D3%7C%7CMI%3D801%7C%7CTPTD%3D4%7C%7CSI%3D801%7C%7CCI%3D801&vgd_kasts=tstype%3DBASE_BAG%7C%7C&vgd_altbql=sb&vgd_clsKb=2&vgd_pdtid=1&vgd_refcnf=%7B%22a2y%22%3A%7B%22afterLoadSecs%22%3A30%2C%22afterViewSecs%22%3A10%2C%22percentTraffic%22%3A50%7D%7D&vgd_sbSup=1&vgd_ourl=http%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F70391%2Fapt%2Fsofacy-apt-european-government.html&vgd_osrc=metatag&oRurl=http%3A%2F%2Fcdn3nc.media.net%2Fmediamain.html%3F%26esi%3D1%26%26cid%3D8CU5BD6EW%26cpcd%3DRlAcVccC-RdUYIl-LjF9ag%253D%253D%26crid%3D184323154%26pid%3D8PO5M70HK%26size%3D300x250%26cpnet%3DyVb1sHm-0KIh29BOFTjjrHvHwrQGlpByWaOO1vn303s%253D%26cme%3DyINvVCFxqLMbSqDgxM-acxgbv-13pHyD4y-MDQGBFdYUXQ-wXrJy0CPtTuDt0RSSxaoVDeZ3XY07KQMY9eHzta_iCBriuV7UZ-_IHi2pj1EhY9RBBPiQi5dCn9e6EzY48y5LXNPAQ9E%253D%257C%257CNDHRnZ9Gz3KXlI-i9OnZqQ%253D%253D%257C5gDUJdTGiJzedmq9hanWYg%253D%253D%257CN7fu2vKt8_s%253D%257C0bm4u78ysocOEQZjP3lQgsZseCAp4RlraSHHaYPVOOM3thtTVfLrFt_iqcldY3e6cr4aGjXOyElU3ysfMJ2ISR6zkBzmCwppGt0deZoN4q4%253D%257CsRBSg3CPSiQ%253D%257C%26cc%3DDE%26bf%3D0%26vif%3D1%26nse%3D3%26bid%3D210870%26vi%3D1521535040730500716%26lw%3D1%26ugd%3D4%26ib%3D0%26ourl%3Dhttp%253A%252F%252Fsecurityaffairs.co%2
52Fwordpress%252F70391%252Fapt%252Fsofacy-apt-european-government.html%26osrc%3Dmetatag%26katbid%3D-2%26nb%3D1%26chost%3Dcontextual.media.net%26fvips%3D0%26vpf%3D000%26ap%3D0%26pf%3D0%26isOffice%3D0&tdAdd[]=uiparams%3D%3Brend_w%3A300%3Brend_h%3A250%3Bwin_w%3A1600%3Bwin_h%3A1200%3Bscr_h%3A1200%3Bscr_w%3A1600%3Bx_pos%3A973%3By_pos%3A433%3Bkwd_scnt%3A5
Requested by
Host: contextual.media.net
URL: http://contextual.media.net/__media__/js/util/nrr.js?v=78
Protocol
HTTP/1.1
Server
2.16.186.113 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-113.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Mar 2018 08:37:22 GMT
Server
Apache
ntCoent-Length
15
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
15
Expires
Tue, 20 Mar 2018 08:37:22 GMT
log
navvy.media.net/ Frame 898D
807 B
1 KB
Other
General
Full URL
http://navvy.media.net/log
Requested by
Host: contextual.media.net
URL: http://contextual.media.net/__media__/js/util/nrr.js?v=78
Protocol
HTTP/1.1
Server
52.52.193.134 San Jose, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-52-193-134.us-west-1.compute.amazonaws.com
Software
Jetty(9.4.7.v20170914) /
Resource Hash
0a4c16b7f5c1b1ecefc9ffb4fcf1b457f9282d0863fa61d4dd32ad98dafa9a60

Request headers

Cache-Control
max-age=0
Origin
http://securityaffairs.co
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 20 Mar 2018 08:37:22 GMT
Server
Jetty(9.4.7.v20170914)
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache,no-store
Connection
keep-alive
Content-Length
807
Expires
Tue, 20 Mar 2018 08:37:22 GMT
pixel
c.ad-srv.co/ Frame 898D
0
126 B
Image
General
Full URL
http://c.ad-srv.co/pixel
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
54.215.226.112 San Jose, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-215-226-112.us-west-1.compute.amazonaws.com
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 20 Mar 2018 08:37:22 GMT
Server
Varnish
Connection
keep-alive
X-Varnish
40271796
pixel
c.adyield.co/ Frame 898D
0
127 B
Image
General
Full URL
http://c.adyield.co/pixel
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
52.9.8.193 San Jose, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-9-8-193.us-west-1.compute.amazonaws.com
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 20 Mar 2018 08:37:22 GMT
Server
Varnish
Connection
keep-alive
X-Varnish
858232596
analytics.js
google-analytics.com/
35 KB
15 KB
Script
General
Full URL
https://google-analytics.com/analytics.js
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
SPDY
Server
172.217.16.164 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f164.1e100.net
Software
Golfe2 /
Resource Hash
f8ef655ef916e39713ede9c6db56d7ca5618bd82cf5ac991dcd013f05e0fdfc7
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 13 Nov 2017 20:19:12 GMT
server
Golfe2
age
292
date
Tue, 20 Mar 2018 08:32:30 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length
14597
expires
Tue, 20 Mar 2018 10:32:30 GMT
collect
www.google-analytics.com/
35 B
99 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j66&a=293104009&t=pageview&_s=2&dl=http%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F70391%2Fapt%2Fsofacy-apt-european-government.html&ul=en-us&de=UTF-8&dt=Russia-linked%20Sofacy%20APT%20targets%20an%20unnamed%20European%20Government%20agencySecurity%20Affairs&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=KEBAAEAB~&jid=&gjid=&cid=1552304683.1521535040&tid=UA-59069958-1&_gid=397819317.1521535040&z=1740995266
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
SPDY
Server
172.217.16.174 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f174.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Mar 2018 18:01:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
657338
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ptmd
dt.clnmde.com/
70 B
446 B
Image
General
Full URL
http://dt.clnmde.com/ptmd?t=152153503954233966704798_N4IgtgniBcDasEYA0BmATABiQNk0tKALFmgKwCcGAukrGqnriUSRdbSkuQOycJq8khFJ2wAOFDViEug-
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
54.86.56.206 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-86-56-206.compute-1.amazonaws.com
Software
/ Express
Resource Hash
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 20 Mar 2018 08:37:22 GMT
X-Powered-By
Express
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
bqi.php
qsearch.media.net/
15 B
15 B
Image
General
Full URL
http://qsearch.media.net/bqi.php?&lf=3&prid=8PRHGG6T9&cid=8CU5BD6EW&crid=184323154&pid=8PO5M70HK&vi=1521535040730500716&hvsid=00001521535040382024994892787551&bdrid=4&subBdr=15&ugd=4&cme=yINvVCFxqLMbSqDgxM-acxgbv-13pHyD4y-MDQGBFdYUXQ-wXrJy0CPtTuDt0RSSxaoVDeZ3XY07KQMY9eHzta_iCBriuV7UZ-_IHi2pj1EhY9RBBPiQi5dCn9e6EzY48y5LXNPAQ9E%3D%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CN7fu2vKt8_s%3D%7C0bm4u78ysocOEQZjP3lQgsZseCAp4RlraSHHaYPVOOM3thtTVfLrFt_iqcldY3e6cr4aGjXOyElU3ysfMJ2ISR6zkBzmCwppGt0deZoN4q4%3D%7CsRBSg3CPSiQ%3D%7C&cc=DE&sc=HE&requrl=http%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F70391%2Fapt%2Fsofacy-apt-european-government.html&sttm=1521535040382&upk=1521535039.3872&hvsid=00001521535040382024994892787551&verid=111299&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7CopenxEnabled%3Dtrue&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1&npgv=1&rtbsd=10&matchstring=&dytm=1521535040667&clsKb=2&katbid=-2&katid=null&kapc=100&kals=base&kata=55e1&kalog=MPTD%3D176%7C%7CUUID%3Duuid_s12_nc1b_3_1521535040_869850321%7C%7CSID%3D11%7C%7CHID%3D3%7C%7CMI%3D801%7C%7CTPTD%3D4%7C%7CSI%3D801%7C%7CCI%3D801&kasts=tstype%3DBASE_BAG%7C%7C
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
2.16.186.113 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-113.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Mar 2018 08:37:22 GMT
Server
Apache
ntCoent-Length
15
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
15
Expires
Tue, 20 Mar 2018 08:37:22 GMT
bql.php
qsearch.media.net/ Frame A432
15 B
355 B
Script
General
Full URL
http://qsearch.media.net/bql.php?v=1&hvsid=00001521535040882024994892783803&geo=50.12|8.68&lper=100&bdrid=4&subBdr=15&fp=EIMN-ehR7Pps_CSyS_Yzo-2i1OixKc5bW9c2mufwmM6qC9U44Q2KYMwmP_qudLbThCNI1OHaSEiXLU6JBoUz12JQ6vN_w1b9fjEwvmpHWLwGDhDYn2bJ7lkJRz-KjPjGNb9SQR80Zgc%3D&lpid=&tsid=18&ksu=112&q=&prv=&type=&ps=&cme=vb455LctyDjn-yO1BrlIUdNaB7ryH20yyqo3BBb-4rcpCvrIOAIetM6MxIhGylW8tm3tRlarAsY_os9CwGjd5Pw5-DFakOGQzK74KLaxa_iDGz_Sdaj_ZVRYSSGOgbgzCAhkPH44vZsRrIxlvKuwBkMP4P6yNsbnZztP-6O5xOgG0a-cC_Yk0bWjmhN4NKOd5yFNfqewNZsuILHnGpapm9RFucBSXYcd%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CN7fu2vKt8_s%3D%7C0bm4u78ysocOEQZjP3lQgsZseCAp4RlraSHHaYPVOOM3thtTVfLrFt_iqcldY3e6cr4aGjXOyElU3ysfMJ2ISR6zkBzmCwppGt0deZoN4q4%3D%7CsRBSg3CPSiQ%3D%7CBjsveBQhhNZ2AJw_ozzkWF2AqxITrVxZJBmhsng8s-GkViwKDyT12ixVzrXhaxvDGVPm9L9BW2E4rRRYlDAcgT282DNCGDkCFPzyllT1HoZXa9L2xlIUBhd4iL64UD9pG-363soa5CCUGcbG97Wj3BKY9IKzxwX7Whk6LtW6lAfbUHEwqk-RxA%3D%3D%7C&hint=&td=&cc=DE&wsip=2886938596&bca=0&ugd=4&&rc=0&fdkt=361&kwd[]=Cyber%20Security%20Online%20Courses&kwt[]=361&kbc[]=53813&kwp[]=1&kid[]=324740290&kbc2[]=security%20cyber%20expert%7C%7Crpc%3D1.00&ktd[]=274915852288&kwd[]=Cyber%20Security%20Courses&kwt[]=361&kbc[]=53813&kwp[]=2&kid[]=7536573&kbc2[]=security%20cyber%20expert%7C%7Crpc%3D1.21&ktd[]=274915852288&kwd[]=Cyber%20Analysis&kwt[]=361&kbc[]=53813&kwp[]=3&kid[]=68167243&kbc2[]=security%20cyber%20expert%7C%7Crpc%3D1.18&ktd[]=824654888960&kwd[]=Government%20Money%20Programs&kwt[]=361&kbc[]=6773&kwp[]=4&kid[]=12710856&kbc2[]=government%20agency%7C%7Crpc%3D0.14&ktd[]=274915786752&kwd[]=Low%20Cost%20Cell%20Phone%20Plans&kwt[]=240&kbc[]=ffe8333bff73fa55fc09b950d91ef1e2.d2s&kwp[]=5&kid[]=17967592&kbc2[]=rpc%3D1.04&ktd[]=274911592448&kwd[]=Build%20Your%20Own%20Website&kwt[]=240&kbc[]=ffe8333bff73fa55fc09b950d91ef1e2.d2s&kwp[]=6&kid[]=4488843&kbc2[]=rpc%3D0.59&ktd[]=274911592448&kwd[]=Cryptography%20Software&kwt[]=240&kbc[]=ffe8333bff73fa55fc09b950d91ef1e2.d2s&kwp[]=7&kid[]=7346012&kbc2[]=101%7C%7Crp
c%3D0.11&ktd[]=274895077376&kwd[]=Network%20Security%20Training&kwt[]=240&kbc[]=ffe8333bff73fa55fc09b950d91ef1e2.d2s&kwp[]=8&kid[]=20331282&kbc2[]=101%7C%7Crpc%3D0.11&ktd[]=274895077376&kwd[]=Security%20Policy%20Templates&kwt[]=240&kbc[]=ffe8333bff73fa55fc09b950d91ef1e2.d2s&kwp[]=9&kid[]=25584716&kbc2[]=101%7C%7Crpc%3D0.10&ktd[]=274895077376&kwd[]=High%20Speed%20Internet&kwt[]=240&kbc[]=ffe8333bff73fa55fc09b950d91ef1e2.d2s&kwp[]=10&kid[]=13681481&kbc2[]=101%7C%7Crpc%3D0.13&ktd[]=274911854592&kwd[]=Royalty-Free%20Stock%20Photos&kwt[]=240&kbc[]=ffe8333bff73fa55fc09b950d91ef1e2.d2s&kwp[]=11&kid[]=212222231&kbc2[]=101%7C%7Crpc%3D0.14&ktd[]=274911854592&kwd[]=Online%20Photo%20Gallery&kwt[]=240&kbc[]=ffe8333bff73fa55fc09b950d91ef1e2.d2s&kwp[]=12&kid[]=21253433&kbc2[]=101%7C%7Crpc%3D0.01&ktd[]=274911854592&kwd[]=Social%20Media%20Tracking&kwt[]=240&kbc[]=ffe8333bff73fa55fc09b950d91ef1e2.d2s&kwp[]=13&kid[]=212674513&kbc2[]=101%7C%7Crpc%3D0.24&ktd[]=274911854592&kwd[]=G-String%20Monokinis&kwt[]=240&kbc[]=ffe8333bff73fa55fc09b950d91ef1e2.d2s&kwp[]=14&kid[]=321726011&kbc2[]=101%7C%7Crpc%3D0.05&ktd[]=274895077376&rand=1521535041783&cid=8CU5BD6EW&vwid=1521535040967158751&vi=1521535040967158751&l3ch=0&slnkp=no&bdrct=0.68&rt=254&tdAdd[]=rtbsd%3D10&tdAdd[]=ib=0&dytm=1521535041184&matchstring=&rtbsd=10&npgv=1&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1%26asn%3D24940&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7CopenxEnabled%3Dtrue&verid=111299&hvsid=00001521535040882024994892783803&upk=1521535039.3872&sttm=1521535040882&=&vgd_bdata=bb%3D0%7C%7Cbtd%3D655360%7C%7Cfbb%3D0%7C%7Curl_l%3D3%7C%7Cbid%3D0.68%7C%7Cdevice_l%3D2%7C%7Cvariant%3D1&vgd_refimp=13&tdAdd[]=%7C%40%7Cabp%3A3%3A2&tdAdd[]=%7C%40%7Cabp%3A3%3A2&tdAdd[]=%7C%40%7Cabp%3A3%3A2&tdAdd[]=%7C%40%7Cabp%3A3%3A2&tdAdd[]=%7C%40%7Cabp%3A3%3A2&tdAdd[]=%7C%40%7Cabp%3A3%3A2&tdAdd[]=%7C%40%7Cabp%3A3%3A2&tdAdd[]=%7C%40%7Cabp%3A3%3A2&tdAdd[]=%7C%40%7Cabp%3A3%3A2&tdAdd[]=%7C%40%7Cabp%3A3%3A2&tdAdd[]=%7C%40%7Cabp%3A3%3A2&
tdAdd[]=%7C%40%7Cabp%3A3%3A2&tdAdd[]=%7C%40%7Cabp%3A3%3A2&tdAdd[]=%7C%40%7Cabp%3A3%3A2&matm=1521535041794&vsid=1645366398927814&abpl=2&tdAdd[]=nw%3DNone&tdAdd[]=nwType%3DNone&tdAdd[]=asnum%3D24940&tdAdd[]=proxy%3DNone&tdAdd[]=comp%3DNone&vgd_sc=HE&vgd_katbid=-2&vgd_kals=base&vgd_kalog=HID%3D1%7C%7CTPTD%3D4%7C%7CMPTD%3D176%7C%7CCI%3D801%7C%7CMI%3D801%7C%7CSI%3D801%7C%7CSID%3D11%7C%7CUUID%3Duuid_s12_nc1b_1_1521535041_865690715&vgd_kasts=tstype%3DBASE_BAG%7C%7C&vgd_altbql=sb&vgd_clsKb=0&vgd_pdtid=1&vgd_refcnf=%7B%22a2y%22%3A%7B%22afterLoadSecs%22%3A30%2C%22afterViewSecs%22%3A10%2C%22percentTraffic%22%3A50%7D%7D&vgd_sbSup=1&vgd_ourl=http%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F70391%2Fapt%2Fsofacy-apt-european-government.html&vgd_osrc=metatag&oRurl=http%3A%2F%2Fcdn3ncal.media.net%2Fmediamain.html%3F%26esi%3D1%26%26cid%3D8CU5BD6EW%26cpcd%3DRlAcVccC-RdUYIl-LjF9ag%253D%253D%26crid%3D639665355%26pid%3D8PO5M70HK%26size%3D300x600%26cpnet%3DyVb1sHm-0KIh29BOFTjjrOMbY3Wy7OSYfNFL7sC0vVY%253D%26cme%3Dsj8jUgUthZgb1dk55FlquHTZZWJ5h3uCyeWPMZuARP06ymyV8xaf7IGyrTEw9Mqe0VEgnOI2lfgsjpp_kIry7BcGTHhLQPB8su0CxyMmpe-aZep7AcFhefS-26SA-aelKUhC-QRXHFM%253D%257C%257CNDHRnZ9Gz3KXlI-i9OnZqQ%253D%253D%257C5gDUJdTGiJzedmq9hanWYg%253D%253D%257CN7fu2vKt8_s%253D%257C0bm4u78ysocOEQZjP3lQgsZseCAp4RlraSHHaYPVOOM3thtTVfLrFt_iqcldY3e6cr4aGjXOyElU3ysfMJ2ISR6zkBzmCwppGt0deZoN4q4%253D%257CsRBSg3CPSiQ%253D%257C%26cc%3DDE%26bf%3D0%26vif%3D1%26nse%3D3%26bid%3D210870%26vi%3D1521535040967158751%26lw%3D1%26ugd%3D4%26ib%3D0%26ourl%3Dhttp%253A%252F%252Fsecurityaffairs.co%252Fwordpress%252F70391%252Fapt%252Fsofacy-apt-european-government.html%26osrc%3Dmetatag%26katbid%3D-2%26nb%3D1%26chost%3Dcontextual.media.net%26fvips%3D0%26vpf%3D000%26ap%3D0%26pf%3D0%26isOffice%3D0&tdAdd[]=uiparams%3D%3Brend_w%3A300%3Brend_h%3A600%3Bwin_w%3A1600%3Bwin_h%3A1200%3Bscr_h%3A1200%3Bscr_w%3A1600%3Bx_pos%3A973%3By_pos%3A2331%3Bkwd_scnt%3A14
Requested by
Host: contextual.media.net
URL: http://contextual.media.net/__media__/js/util/nrr.js?v=78
Protocol
HTTP/1.1
Server
2.16.186.113 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-113.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Mar 2018 08:37:22 GMT
Server
Apache
ntCoent-Length
15
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
15
Expires
Tue, 20 Mar 2018 08:37:22 GMT
log
navvy.media.net/ Frame A432
807 B
1 KB
Other
General
Full URL
http://navvy.media.net/log
Requested by
Host: contextual.media.net
URL: http://contextual.media.net/__media__/js/util/nrr.js?v=78
Protocol
HTTP/1.1
Server
52.52.193.134 San Jose, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-52-193-134.us-west-1.compute.amazonaws.com
Software
Jetty(9.4.7.v20170914) /
Resource Hash
0a4c16b7f5c1b1ecefc9ffb4fcf1b457f9282d0863fa61d4dd32ad98dafa9a60

Request headers

Cache-Control
max-age=0
Origin
http://securityaffairs.co
Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 20 Mar 2018 08:37:23 GMT
Server
Jetty(9.4.7.v20170914)
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache,no-store
Connection
keep-alive
Content-Length
807
Expires
Tue, 20 Mar 2018 08:37:23 GMT
pixel
c.ad-srv.co/ Frame A432
0
126 B
Image
General
Full URL
http://c.ad-srv.co/pixel
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
54.215.226.112 San Jose, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-215-226-112.us-west-1.compute.amazonaws.com
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 20 Mar 2018 08:37:23 GMT
Server
Varnish
Connection
keep-alive
X-Varnish
40271856
pixel
c.adyield.co/ Frame A432
0
127 B
Image
General
Full URL
http://c.adyield.co/pixel
Requested by
Host: securityaffairs.co
URL: http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
Protocol
HTTP/1.1
Server
52.9.8.193 San Jose, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-9-8-193.us-west-1.compute.amazonaws.com
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 20 Mar 2018 08:37:23 GMT
Server
Varnish
Connection
keep-alive
X-Varnish
858232667
jstag
us-ads.openx.net/w/1.0/ Frame 5002
46 KB
17 KB
Script
General
Full URL
http://us-ads.openx.net/w/1.0/jstag
Requested by
Host: contextual.media.net
URL: http://contextual.media.net/nmedianet.js?cid=8CU5BD6EW
Protocol
HTTP/1.1
Server
173.241.240.212 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS
ox-173-241-240-212.xa.dc.openx.org
Software
OXGW/15.0.0 /
Resource Hash
622896948856f25dff9ffc8bc4ca210d54c83f8d5d282966ae038684a94659c9

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 20 Mar 2018 08:37:22 GMT
Content-Encoding
gzip
Server
OXGW/15.0.0
Vary
Accept-Encoding
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
max-age=3600
Content-Type
text/javascript
Content-Length
17048
Expires
Tue, 20 Mar 2018 09:37:22 GMT
acj
us-ads.openx.net/w/1.0/ Frame 5002
348 B
730 B
Script
General
Full URL
http://us-ads.openx.net/w/1.0/acj?o=1975785951&callback=OX_1975785951&ju=http%3A//securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html&jr=&auid=537253288&dims=1600x1200&adxy=0%2C0&res=1600x1200x24&plg=pm&ch=UTF-8&tz=0&ws=0x0&ifr=1&tws=1600x1200
Requested by
Host: us-ads.openx.net
URL: http://us-ads.openx.net/w/1.0/jstag
Protocol
HTTP/1.1
Server
173.241.240.212 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS
ox-173-241-240-212.xa.dc.openx.org
Software
OXGW/15.0.0 /
Resource Hash
de99063aa7da7c6d9b30095f40586e966916f675bcebfd0e269fac0256b5fc9b

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Mar 2018 08:37:22 GMT
Content-Encoding
gzip
Server
OXGW/15.0.0
Vary
Accept
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, max-age=0, no-cache
Transfer-Encoding
chunked
Content-Type
application/json
Expires
Mon, 26 Jul 1997 05:00:00 GMT
ptmd
dt.clnmde.com/
70 B
446 B
Image
General
Full URL
http://dt.clnmde.com/ptmd?t=152153503954233966704798_N4IglgbiBcAsA0IDOAXAhigrkmBtAjAJwC6iAXmjPogA4DmMIUiApgHZTQg0iJ0AWjfAFYATCIDMwgAwTCw2KIlyAbCoDs02OsIAOXiBQ4u+RXunrYK0cOH7EEYyBUA6aS-HCDaADYwJiABmAMYwALTUICyUXNLBAEYAJioSwdJhojrBEfgsumFo4hIZiWhqKsHBhLISBiwoYFRikjJyiKgM0NLtANaMwhKKEtL4uooqXr0A7ihCzQOthAD6A0MjY6ITdWA8JrC6HsL4LrDCh7AGSD6oc55SsvISogY+gVSIwdgoS2CJjLoAYQAqsIAEIAERUAFEAOoGOihaAiO4yWBSTSIACOLCoAF8gA
Protocol
HTTP/1.1
Server
54.86.56.206 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-86-56-206.compute-1.amazonaws.com
Software
/ Express
Resource Hash
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 20 Mar 2018 08:37:23 GMT
X-Powered-By
Express
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
ptmd
dt.clnmde.com/
70 B
446 B
Image
General
Full URL
http://dt.clnmde.com/ptmd?t=152153503954233966704798_N4IglgbiBcAcA0IDOAXAhigrkmBtAjAJwC6iAXmjPogA4DmMIUiApgHZTQg0iJ0AWjfAFYATCIDMwgAwTCwgCyiJcgGyqA7NIUbCsXiBQ4u+JXukaFq0cOH7EEYyFUA6aS-HCDaADYwJiABmAMYwALTUICyUXNLBAEYAJqoSwdJhorrBEfgssGFo4hIZiWjqqsHBhLISBiwoYFRikjJyiKgM0NLtANaMwhJKEtL4sEqqXr0A7ihCzQOthAD6A0MjY6ITdWA8JgqwHsL4LgrChwoGSD6oc55SsvISogY+gVSIwdgoS2CJjLAAYQAqsIAEIAEVUAFEAOoGOihaAiO4yHTCLSIACOLCoAF8gA
Protocol
HTTP/1.1
Server
54.86.56.206 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-86-56-206.compute-1.amazonaws.com
Software
/ Express
Resource Hash
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer
http://securityaffairs.co/wordpress/70391/apt/sofacy-apt-european-government.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 20 Mar 2018 08:37:27 GMT
X-Powered-By
Express
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _wpemojiSettings undefined| $ function| jQuery function| cli_show_cookiebar function| l1hs object| jQuery1124020745457109924903 object| stlib boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus string| stWidgetVersion boolean| opt_out object| stLight boolean| st_showing object| _st undefined| product function| __sharethis__docReady object| __sharethis__ string| GoogleAnalyticsObject function| ga string| medianet_width string| medianet_height string| medianet_crid object| _mN function| setup string| _mN_Idf string| _mN_ctrM number| _mN_ctr object| _mNDetails object| _mN_dy boolean| _mNVideoInjection object| _mNX number| medianetTimer object| gaplugins object| gaGlobal object| gaData number| eti object| hs string| ea string| cp string| pd object| ad_regex string| adod string| sdod number| templateId object| templateMap object| template object| cmurlKeyList string| sk string| skwt string| esi_ip number| staging function| browserfp object| sppx number| bfObjLdCnt object| FB object| rtbsBidA object| twemoji object| wp function| _mNRequireX function| _mNDefineX object| _mNL2 object| winScope number| _mN_mc_cnt string| _mN_mc_frameID string| locHash object| resultPageUtil string| iframeURL function| loadL3 object| _mNExtKwds object| click_object object| wpcom_img_zoomer object| detectZoom object| Main object| BrowserDetect object| mejs function| onYouTubePlayerAPIReady function| onYouTubePlayerReady function| MediaElement function| MediaElementPlayer function| $j function| imagePreview object| gapi object| ___jsl object| _stq function| st_go function| linktracker_init object| wpcom object| osapi object| gadgets object| shindig object| iframer function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| __gapi_jstiming__

29 Cookies

Domain/Path Name / Value
.pxlclnmdecom-a.akamaihd.net/ Name: bafp_t
Value: e7170450-2c19-11e8-8812-537151447f72
.pxlclnmdecom-a.akamaihd.net/ Name: bfp_sn_td_2a17fb019fa8803fcc76a437c68e2235
Value: 1521535039_534230184265_2a17fb019fa8803fcc76a437c68e2235
.pxlclnmdecom-a.akamaihd.net/ Name: bfp_sn
Value: 1521535039_534230184265
.media.net/ Name: data-o
Value: 784e1b03-68ca-47eb-ab00-1ac9b7ae6699~~2
securityaffairs.co/ Name: OX_mNCM_BI_TS
Value:
.media.net/ Name: data-p
Value: Dq3ILaN4Jo09~~2
.media.net/ Name: data
Value: |||||||||||||||||||||||||
securityaffairs.co/ Name: OX_mNCM_user_latency
Value: 221%2C20%2C93
.pxlclnmdecom-a.akamaihd.net/ Name: bfp_sn_t_8b2087b102c9e3e5ffed1c1478ed8b78
Value: 1521535039_534230184265_8b2087b102c9e3e5ffed1c1478ed8b78
securityaffairs.co/ Name: OX_mNCM_net_latency
Value: 24%2C17%2C84
securityaffairs.co/ Name: session_depth
Value: securityaffairs.co%3D1%7C762221962%3D1%7C184323154%3D1%7C639665355%3D1
.securityaffairs.co/ Name: __gads
Value: ID=1aee003db8840b63:T=1521535039:S=ALNI_Mbm7AVl--mfy7qql3N6FrVNqLWXkQ
.google.com/ Name: NID
Value: 126=JLiv9eqVrZ9ESU2QdZ_khyISodYkVQQhzMh9tNCP_7HKPhqyOyRZb6XwvbGvXmkU6rjb6j23CCN_wLjdizhPxXLvWmRsuhFNT2ARxsNqbnEgrXNXq6mDnGMa-hQAvcV8
.media.net/ Name: visitor-id
Value: 1645366398927814000V10
securityaffairs.co/ Name: OX_mNCM_BI
Value:
.securityaffairs.co/ Name: bfp_sn_pl
Value: 1521535039_534230184265
securityaffairs.co/ Name: OX_plg
Value: pm
.securityaffairs.co/ Name: bafp
Value: e711fb40-2c19-11e8-a51f-a7048d87c498
securityaffairs.co/ Name: OX_mNCM_ud_q
Value:
securityaffairs.co/ Name: OX_ssn
Value: 59577725
securityaffairs.co/wordpress/70391/apt Name: __sharethis_cookie_test__
Value: 1
securityaffairs.co/ Name: OX_mNCM_digitrust_id
Value:
.securityaffairs.co/ Name: bfp_sn_rf_8b2087b102c9e3e5ffed1c1478ed8b78
Value: 1521535039_534230184265_8b2087b102c9e3e5ffed1c1478ed8b78_Direct
.securityaffairs.co/ Name: _gid
Value: GA1.2.397819317.1521535040
securityaffairs.co/ Name: OX_mNCM_digitrust_id_exp
Value:
.securityaffairs.co/ Name: _ga
Value: GA1.2.1552304683.1521535040
.securityaffairs.co/ Name: __unam
Value: 6f69f6a-162428e378c-3d8a2044-1
.securityaffairs.co/ Name: _gat
Value: 1
securityaffairs.co/ Name: wfvt_2796755358
Value: 5ab0c83dc2ad9

7 Console Messages

Source Level URL
Text
console-api log URL: http://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=1.4.1(Line 23)
Message:
JQMIGRATE: Migrate is installed with logging active, version 1.4.1
console-api warning URL: http://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=1.4.1(Line 45)
Message:
JQMIGRATE: jQuery.fn.load() is deprecated
console-api log URL: http://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=1.4.1(Line 47)
Message:
console.trace
console-api warning URL: http://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=1.4.1(Line 45)
Message:
JQMIGRATE: jQuery.fn.unload() is deprecated
console-api log URL: http://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=1.4.1(Line 47)
Message:
console.trace
console-api log URL: http://securityaffairs.co/wordpress/wp-content/plugins/facebook-button-plugin/js/script.js?ver=dc488b3cf402a36ed8529f3196db2a8a(Line 5)
Message:
1585
console-api log URL: http://securityaffairs.co/wordpress/wp-content/plugins/facebook-button-plugin/js/script.js?ver=dc488b3cf402a36ed8529f3196db2a8a(Line 14)
Message:
2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
