blog.cluster25.duskrise.com Open in urlscan Pro
2606:2c40::c73c:67e4 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
Submission: On February 14 via manual (February 14th 2024, 2:32:02 am UTC) from US — Scanned from DE

Summary HTTP 60 Redirects Links 41 Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 17 domains to perform 60 HTTP transactions. The main IP is 2606:2c40::c73c:67e4, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is blog.cluster25.duskrise.com.
TLS certificate: Issued by GTS CA 1P5 on January 12th 2024. Valid for: 3 months.

This is the only time blog.cluster25.duskrise.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
28	2606:2c40::c7... 2606:2c40::c73c:67e4	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6812:4af	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:1ec:bdf::60 2620:1ec:bdf::60	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6812:5ffd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.97.10 18.66.97.10	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::6812:297c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.27.54 13.32.27.54	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:4eba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:440... 2606:4700:4400::ac40:991b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e6a3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:579a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	63.35.22.222 63.35.22.222	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
60	19

28 2606:2c40::c73c:67e4 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

blog.cluster25.duskrise.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:4af (United States)

ASN13335 (CLOUDFLARENET, US)

global.localizecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:bdf::60 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

platform.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:5ffd (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-10.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:297c (United States)

ASN13335 (CLOUDFLARENET, US)

21649046.fs1.hubspotusercontent-na1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh7-us.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-54.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4eba (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::ac40:991b (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e6a3 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:579a (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.35.22.222 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-22-222.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	duskrise.com blog.cluster25.duskrise.com	2 MB
5	googleusercontent.com lh7-us.googleusercontent.com — Cisco Umbrella Rank: 921	452 KB
5	localizecdn.com global.localizecdn.com — Cisco Umbrella Rank: 19419	25 KB
3	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2616	19 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1221 syndication.twitter.com — Cisco Umbrella Rank: 1517	132 KB
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 5270 forms.hscollectedforms.net — Cisco Umbrella Rank: 5379	26 KB
2	hubspot.com app.hubspot.com — Cisco Umbrella Rank: 6174 track.hubspot.com — Cisco Umbrella Rank: 2726	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 191	90 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 825 script.hotjar.com — Cisco Umbrella Rank: 1119	60 KB
1	hotjar.io content.hotjar.io — Cisco Umbrella Rank: 6936	161 B
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3672	4 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2608	21 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2000	262 B
1	hubspotusercontent-na1.net 21649046.fs1.hubspotusercontent-na1.net	8 KB
1	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 6431	6 KB
1	linkedin.com platform.linkedin.com — Cisco Umbrella Rank: 4022	160 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 52	93 KB
60	17

	Domain	Requested by
28	blog.cluster25.duskrise.com	blog.cluster25.duskrise.com
5	lh7-us.googleusercontent.com	blog.cluster25.duskrise.com
5	global.localizecdn.com	blog.cluster25.duskrise.com global.localizecdn.com
3	js.hs-banner.com	blog.cluster25.duskrise.com js.hs-banner.com
2	platform.twitter.com	blog.cluster25.duskrise.com platform.twitter.com
2	connect.facebook.net	blog.cluster25.duskrise.com connect.facebook.net
1	track.hubspot.com
1	forms.hscollectedforms.net	js.hscollectedforms.net
1	syndication.twitter.com	platform.twitter.com
1	content.hotjar.io	script.hotjar.com
1	js.hscollectedforms.net	blog.cluster25.duskrise.com
1	js.hsadspixel.net	blog.cluster25.duskrise.com
1	js.hs-analytics.net	blog.cluster25.duskrise.com
1	script.hotjar.com	static.hotjar.com
1	app.hubspot.com	blog.cluster25.duskrise.com
1	region1.google-analytics.com	www.googletagmanager.com
1	21649046.fs1.hubspotusercontent-na1.net	blog.cluster25.duskrise.com
1	static.hotjar.com	blog.cluster25.duskrise.com
1	static.hsappstatic.net	blog.cluster25.duskrise.com
1	platform.linkedin.com	blog.cluster25.duskrise.com
1	www.googletagmanager.com	blog.cluster25.duskrise.com
60	21

This site contains links to these domains. Also see Links.

Domain
www.duskrise.com
get.duskrise.com
blog.duskrise.com
github.com
2012-2017.usaid.gov
ostorozhno.media
thebell.io
verstka.media
twitter.com
www.linkedin.com
www.facebook.com
www.instagram.com

Subject Issuer	Validity	Valid
blog.cluster25.duskrise.com GTS CA 1P5	`2024-01-12` - `2024-04-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
localizecdn.com Cloudflare Inc ECC CA-3	`2023-09-07` - `2024-09-06`	a year	crt.sh
platform.linkedin.com DigiCert SHA2 Secure Server CA	`2023-12-20` - `2024-06-20`	6 months	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M03	`2024-02-07` - `2025-03-08`	a year	crt.sh
hubspotusercontent-na1.net Cloudflare Inc ECC CA-3	`2023-12-26` - `2024-12-25`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-23` - `2024-02-21`	3 months	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2024-01-06` - `2024-12-31`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-14` - `2024-05-13`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-01-31` - `2025-03-01`	a year	crt.sh
syndication.twitter.com R3	`2023-12-06` - `2024-03-05`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
Frame ID: 96C06323F1CC9F5BC7F8F8F839FB3008
Requests: 57 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fblog.cluster25.duskrise.com
Frame ID: 55D66A620D162F1F75BAEBBA55D714DB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Bear and The Shell: New Campaign Against Russian OppositionTwitterLinkedInFacebook

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.linkedin\.com/in\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

60
Requests

100 %
HTTPS

79 %
IPv6

17
Domains

21
Subdomains

19
IPs

3
Countries

2652 kB
Transfer

4341 kB
Size

6
Cookies

41 Outgoing links

These are links going to different origins than the main page.

URL: https://www.duskrise.com/?hsLang=en

Search URL Search Domain Scan URL

URL: https://www.duskrise.com/cluster25_platform
Title: The C25 Intelligence

Search URL Search Domain Scan URL

URL: https://www.duskrise.com/platform_global_threat_intelligence
Title: Global Threat Intel

Search URL Search Domain Scan URL

URL: https://www.duskrise.com/platform-exposure-intelligence
Title: Exposure Intelligence

Search URL Search Domain Scan URL

URL: https://www.duskrise.com/platform_hunting_investigate
Title: Hunting and Investigate

Search URL Search Domain Scan URL

URL: https://www.duskrise.com/platform_tailored_intelligence_services
Title: Tailored Services

Search URL Search Domain Scan URL

URL: https://get.duskrise.com/delisting
Title: Delisting Portal

Search URL Search Domain Scan URL

URL: https://www.duskrise.com/the-duskrise-platform
Title: Network Protection Solution

Search URL Search Domain Scan URL

URL: https://www.duskrise.com/platform-device
Title: Device

Search URL Search Domain Scan URL

URL: https://www.duskrise.com/platform-app
Title: App

Search URL Search Domain Scan URL

URL: https://www.duskrise.com/platform-dashboard
Title: Dashboard

Search URL Search Domain Scan URL

URL: https://www.duskrise.com/platform-benefits
Title: Platform benefits

Search URL Search Domain Scan URL

URL: https://www.duskrise.com/solutions-use-cases
Title: Use Cases

Search URL Search Domain Scan URL

URL: https://www.duskrise.com/mssps-use-case
Title: MSSPs

Search URL Search Domain Scan URL

URL: https://www.duskrise.com/higher-ed-use-case
Title: Higher Education

Search URL Search Domain Scan URL

URL: https://www.duskrise.com/government-use-case
Title: Government

Search URL Search Domain Scan URL

URL: https://www.duskrise.com/power-utilities-use-case
Title: Utilities

Search URL Search Domain Scan URL

URL: https://www.duskrise.com/air-transportation-use-case
Title: Transportation

Search URL Search Domain Scan URL

URL: https://www.duskrise.com/military-use-case
Title: Military/Defense

Search URL Search Domain Scan URL

URL: https://www.duskrise.com/about-duskrise
Title: About

Search URL Search Domain Scan URL

URL: https://www.duskrise.com/resources
Title: Resources

Search URL Search Domain Scan URL

URL: https://www.duskrise.com/careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://blog.duskrise.com/
Title: DuskRise Blog

Search URL Search Domain Scan URL

URL: https://get.duskrise.com/contact
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://get.duskrise.com/consultation?hsLang=en
Title: GET A CONSULTATION

Search URL Search Domain Scan URL

URL: https://github.com/JoelGMSec/HTTP-Shell
Title: HTTP-Shell

Search URL Search Domain Scan URL

URL: https://2012-2017.usaid.gov/sites/default/files/documents/1869/USAID%20Shooting%20Guide.pdf
Title: USAID Shooting guide

Search URL Search Domain Scan URL

URL: https://ostorozhno.media/ayaz/
Title: article

Search URL Search Domain Scan URL

URL: https://thebell.io/feyki-voennogo-vremeni-syurprizy-ot-tesla-i-netflix-i-kak-obezopasit-svoi-google-docs
Title: article

Search URL Search Domain Scan URL

URL: https://thebell.io/amp/fabrika-nakrutok-kak-vk-prevrashchaet-runet-v-televizor-s-pomoshchyu-komikov-trolley-i-blogerov
Title: article

Search URL Search Domain Scan URL

URL: https://verstka.media/kak-pomilovannye-vagnerovcy-snova-sovershayut-prestupleniya-no-ne-vsegda-vozvraschayutsia-v-tyurmu
Title: article

Search URL Search Domain Scan URL

URL: https://github.com/BishopFox/sliver
Title: Sliver

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/duskrise
Title: linkedin

Search URL Search Domain Scan URL

URL: https://twitter.com/DuskRiseInc
Title: twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/duskriseinc/
Title: instagram

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DuskRiseCyber/
Title: facebook

Search URL Search Domain Scan URL

URL: https://www.duskrise.com/hubfs/Privacy_DuskRise_website/en/privacy%20EN%20DR.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.duskrise.com/it/solutions-use-cases
Title: Industries

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

60 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request russian-apt-opposition Show response
blog.cluster25.duskrise.com/2024/01/30/ 90 KB
20 KB 199ms
125ms Document
text/html 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

28b33f216d0c214e089e01dd10764e8dd83aee8cb1b9c125f48db2e4e74f9ba6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: s-maxage=10800, max-age=0
cf-ray: 8551e5d5a86d3a6c-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Wed, 14 Feb 2024 02:31:57 GMT
edge-cache-tag: CT-141732209972,CT-154421104190,CT-79260248444,CT-95936483381,CG-79260149140,P-21649046,W-110829297962,W-110829825913,W-79040764526,CW-79030654856,CW-87568042657,CW-87892803957,E-80514929251,E-81444726666,E-81445138344,E-81445552143,E-81445623885,E-81445757079,E-81446103311,E-81446103729,E-81446893668,E-87880674368,E-88985577371,E-88996704812,E-88998707230,E-89271424580,E-98405340582,MENU-110829297962,MENU-110829825913,MENU-128374670234,MENU-79040764526,PGS-ALL,SW-4,GC-79039498641,GC-87881622710,TS-81445173521
etag: W/"bcafe2e8683f10e826ba158ae051b838"
last-modified: Tue, 06 Feb 2024 05:16:11 GMT
link: </hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js>; rel=preload; as=script,</hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>; rel=preload; as=script,</hs/hsstatic/jquery-libs/static-1.1/jquery/jquery-1.7.1.js>; rel=preload; as=script
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sUTaPadE5gep0H5wRdoZD8he00B5ab4Grx6iQ84d%2BIg4pHojdVdffBVdvUzJMje2u4nkmGbJA2rLyqMxTD8PMHd9j%2BiMair55ISi%2BzZckfRB5h09kO9CKfdjAKraV0CAtjTjq9yFQWM033%2B8J5ARo1CiBrBB4N3%2B8g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-hs-cache-config: BrowserCache-5s-EdgeCache-180s
x-hs-cache-control: s-maxage=10800, max-age=0
x-hs-cf-cache-status: MISS
x-hs-content-id: 154421104190
x-hs-hub-id: 21649046
x-hs-prerendered: Tue, 06 Feb 2024 05:16:11 GMT

GET
H2 200 project.js Show response
blog.cluster25.duskrise.com/hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/ 2 KB
959 B 52ms
49ms Script
application/javascript 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.cluster25.duskrise.com/hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb56af9f7623a55839dfb9cf019b05664a62e1b41671d925f3ed587c506443b5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 02:31:57 GMT
strict-transport-security: max-age=31536000
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
age: 8405423
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: gEenO44eZUewxnIWfgj9q6LB.g9OszNv
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 19 Aug 2020 22:24:11 GMT
server: cloudflare
etag: W/"ef84f26c310485299d6b75777414eddb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BVzcjQYWNl6rFw4v3BsmIVdU5FEKQ4GKdGidmbo7DTrSMX6yf5%2BSz0Aw3wpdATEmXnlTtNUbNwgWYDLW9clRgbowp8tYWNkizejKqrDv%2FZ0nXdh283dmYzUgpbaPDkuiZnBF%2Bdx563zO3mOQe6gxJqj1lLXap7p%2F4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8551e5d678dc3a6c-FRA
x-amz-cf-id: uSTHdT_bIh2Ye9SEpFGym7CWaytSjp9H4ojk9AyzM-_fPbAIvxwbGA==
expires: Thu, 13 Feb 2025 02:31:57 GMT

GET
H2 200 project.js Show response
blog.cluster25.duskrise.com/hs/hsstatic/cos-i18n/static-1.53/bundles/ 1 KB
1 KB 50ms
47ms Script
application/javascript 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.cluster25.duskrise.com/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 02:31:57 GMT
strict-transport-security: max-age=31536000
via: 1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
age: 6654998
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 09 Nov 2021 16:12:42 GMT
server: cloudflare
etag: W/"61ca66de658cab9587e4636894680d5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WKwedqyrfyl3Lq9oNQvIRQ4DifiuC2KXs6s435B%2FzuwSFxZyeMuDF6xCBBAmwGJYoeW9T5TAAyMKe30YQhSe2nizyMvX6mDA9zxp6KshsG1IvkpuhH5gT01BpaKUTPkhJGxQvy3XDvnLDy%2F6UJayH8688DQLNaJXKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8551e5d678dd3a6c-FRA
x-amz-cf-id: vMxH2clCDRRjd7emHmifSLXhLc2TFOGFc0VsUqlcTSiVQmWY_1aUGQ==
expires: Thu, 13 Feb 2025 02:31:57 GMT

GET
H2 200 jquery-1.7.1.js Show response
blog.cluster25.duskrise.com/hs/hsstatic/jquery-libs/static-1.1/jquery/ 92 KB
34 KB 51ms
48ms Script
application/javascript 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.cluster25.duskrise.com/hs/hsstatic/jquery-libs/static-1.1/jquery/jquery-1.7.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 02:31:57 GMT
strict-transport-security: max-age=31536000
via: 1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
age: 6475371
x-amz-cf-pop: FRA56-P2
x-amz-version-id: null
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 25 Nov 2014 17:03:30 GMT
server: cloudflare
etag: W/"ddb84c1587287b2df08966081ef063bf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tr7x%2FgxpQFg34BXqRFbxVJNsHdcaXlaLHk%2Ffv0VkfPWJS0IsjQlrvoeUXTzmku438kroecBAj7%2FiFz4fwuc3Kq4ytIRmca3FR5n08NRMUVpS6sJas%2FDh5vOXP2aH1pG6lyQHymQvSdOKlSOOSEgHIlyFJ4QpBO4%2BDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8551e5d678de3a6c-FRA
x-amz-cf-id: Hoev-1o9Fho6Y1K3JJghAaFtSQCJWsLprtCVgKQzdUciy0d3AHKivw==
expires: Thu, 13 Feb 2025 02:31:57 GMT

GET
H2 200 main.min.css
blog.cluster25.duskrise.com/hs-fs/hub/21649046/hub_generated/template_assets/81445552143/1660147887871/proX-C25-child/css/ 58 KB
14 KB 64ms
61ms Stylesheet
text/css 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.cluster25.duskrise.com/hs-fs/hub/21649046/hub_generated/template_assets/81445552143/1660147887871/proX-C25-child/css/main.min.css

Requested by

Host: blog.cluster25.duskrise.com
URL: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a5b9f6e091aa96c2cce65d99580a34332bba2c1f43454ecd8533246336c7901

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: 4KB839BDY0RRKP50
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"9d9a9821e0336a69c5082d430a1b7893"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1660147889665
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 14 Feb 2024 02:31:57 GMT
strict-transport-security: max-age=31536000
via: 1.1 dd169cfdbbafbb3da513bede6bc6640e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: qU0PLcFIu0pXIqDiNQMw4CtRfLWHKlpb
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 7b7930ee-5490-40be-bd83-d70ab22fcdc3
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 260
alt-svc: h3=":443"; ma=86400
x-amz-id-2: FtJ04ebmzo6UvDhrqGMQCS4h3lpw69mpDeG75eYlxEw4LVrB+FTkZcmckrhYXY4+zmAym+Tnt0+nu32OfM9Yhrl5SostJNzH
x-evy-trace-route-configuration: listener_https/all
x-request-id: 7b7930ee-5490-40be-bd83-d70ab22fcdc3
last-modified: Wed, 10 Aug 2022 16:11:30 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vf%2F0ecP7Bh1MtVRVEjzHlPrhNOXugix0zIUbWHVRzw5xxYw8Oxnurlu3msj1mD1pZlj0%2Fylz34Op1KLgHz0%2BZHZGt4GjhytTQCAlV%2F07OEe5pkTc9VqoVAGBBHDzsAI6iH94betrRbAzcAPuVWehh0M4cRK9M7pxrA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-649c5bbc6c-zjtxl
access-control-allow-credentials: false
cf-ray: 8551e5d678e03a6c-FRA
x-amz-cf-id: _y5VpO6H0mrVtZ0QSMxZ4hVoqLfc_rv7K95OjMf4oRTlforAXzUTgA==

GET
H2 200 _aos.min.css
blog.cluster25.duskrise.com/hs-fs/hub/21649046/hub_generated/template_assets/81446893668/1660147901209/proX-C25-child/css/vendor/ 28 KB
3 KB 65ms
63ms Stylesheet
text/css 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.cluster25.duskrise.com/hs-fs/hub/21649046/hub_generated/template_assets/81446893668/1660147901209/proX-C25-child/css/vendor/_aos.min.css

Requested by

Host: blog.cluster25.duskrise.com
URL: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ff72cdb0b76e451b768bd1269c38816636d1b8ae396b0f8604b986040527ca2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: BDVEZGRN2W6KR6ZY
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"8375b66df42656e17c04a4a04d6b78b4"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1660147902427
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 14 Feb 2024 02:31:57 GMT
strict-transport-security: max-age=31536000
via: 1.1 99baebf4b5bb631267dcfa82456151cc.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: wHCW6SwpF4BPXs5VPnafajL3ria15QO6
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: d2e98dd5-37fc-4d56-bbac-079f476d840d
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 251
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 8rSJfXLwRFHlJ8ZXf/VpQdwOA/ljEOCZThVvieWgF4OvOr2rEUUX0BgAj/oS79Rh5qrL0ceNqA409t8lmJGvwqtGFKa0tuqBQCpAy2P6ICQ=
x-evy-trace-route-configuration: listener_https/all
x-request-id: d2e98dd5-37fc-4d56-bbac-079f476d840d
last-modified: Wed, 10 Aug 2022 16:11:43 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h5cfKATH5kmEdv%2Bn1i%2FA4nMIrCWDrsT93pICSfbPNqFMKWNY1I4qRELhl%2B%2BNFdUKa7gLSq4YulJw6zqSjy949Z8Z%2FbLyksw8Ld0JU8f4u6yNxbiIsxzaIw5Kci%2FhK6WmEkhOZ5nPLWZXl1KlLAHsiFz9xwmx6qlQvw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-649c5bbc6c-pfftz
access-control-allow-credentials: false
cf-ray: 8551e5d678e23a6c-FRA
x-amz-cf-id: PN3_FFfevZWNydvVECr-0-4fKbuA9oSvrZi6YGW0li3Uut0QSTjllA==

GET
H2 200 splitting.min.css
blog.cluster25.duskrise.com/hs-fs/hub/21649046/hub_generated/template_assets/88998707230/1669633900528/proX-duskrise-child/js/libs/splitting-js/ 851 B
1 KB 52ms
50ms Stylesheet
text/css 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.cluster25.duskrise.com/hs-fs/hub/21649046/hub_generated/template_assets/88998707230/1669633900528/proX-duskrise-child/js/libs/splitting-js/splitting.min.css

Requested by

Host: blog.cluster25.duskrise.com
URL: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c09e1209981b7e756103827805d9fdb0bf49b84e333c396ec712344fcf3b72b5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: NMDEJR1MNJAKSVKT
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"70113d077e4bc39dea36bfd7076fe87f"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1669633901364
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 14 Feb 2024 02:31:57 GMT
strict-transport-security: max-age=31536000
via: 1.1 e21deb2f30f16d84eb8e8fda826091d4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: qDLCso9cSbo.7rxp3UDkASqYLxvsjhvb
x-amz-cf-pop: IAD61-P1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 75bbd4c4-528d-4100-8215-95d72c078fc4
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 187
alt-svc: h3=":443"; ma=86400
x-amz-id-2: fmyyNgIZYo6UdzLyrZMIswYIoMApGCZCdKqUS3mRaDXVsAN/bf3a+3ik8u/3bNnaNH0sGMao1BTa2lW91l6bKGE684/Ml0oLQuBFU3RSMLk=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 75bbd4c4-528d-4100-8215-95d72c078fc4
last-modified: Mon, 28 Nov 2022 11:11:42 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4PZj5eztrollJWKru%2BM09PIgiN%2BZtsIZ2%2FDQ%2FL%2BJzqs0Bsfi%2FHWLXdsxHTTXuA58z8jjE8ZioB3cJGPJPx%2BrjlVohc%2FizPbq%2FENMo07iVjKzjv5Ww%2BH60%2FSwr9ne0Meh56FJr3KBDYkBzc34fAD0GW2gxqFNkBYrPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-6c8d5c7998-2skps
access-control-allow-credentials: false
cf-ray: 8551e5d678e33a6c-FRA
x-amz-cf-id: QOsntAVKGO8ZvXTjWvHDzQ1nO9fBy2o7Ay-yzl0VyvPTrlSYGLgMuw==

GET
H2 200 splitting-cells.min.css
blog.cluster25.duskrise.com/hs-fs/hub/21649046/hub_generated/template_assets/88985577371/1669633926753/proX-duskrise-child/js/libs/splitting-js/ 972 B
1 KB 54ms
52ms Stylesheet
text/css 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.cluster25.duskrise.com/hs-fs/hub/21649046/hub_generated/template_assets/88985577371/1669633926753/proX-duskrise-child/js/libs/splitting-js/splitting-cells.min.css

Requested by

Host: blog.cluster25.duskrise.com
URL: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8465bfa3cc647dbf1389cb1095c3e1413c44d332554c66af66e21dd9edcee1bd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: CHG6H128C2PNT28Z
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"e60ede13d0e5306b1ba31c4d482a40fd"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1669633927491
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 14 Feb 2024 02:31:57 GMT
strict-transport-security: max-age=31536000
via: 1.1 b5e757a7da6f6fe6261f56a8a9646880.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: _3agsZHewXjRnOllL7zPsQ0m3bkyHMBA
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 3b122ed8-6f64-493c-a1ab-368ca2f78568
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 196
alt-svc: h3=":443"; ma=86400
x-amz-id-2: FpuF6fI4ukBgRUA7KDF3rXbdFR4Lfe7MzG6kB0NIrLy+M8I07fwnh27dwcVoOQkTcZQ+T6a4t6Pta0nUwSfWKjGMNAx8ioE3
x-evy-trace-route-configuration: listener_https/all
x-request-id: 3b122ed8-6f64-493c-a1ab-368ca2f78568
last-modified: Mon, 28 Nov 2022 11:12:08 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w8UKh0kFetjWSMBZUQ5xx0brYImDoclSziw0TlbwjSo%2BDkabh4IrHa0Rof0r%2BN7LNuUcIv4OQ8iMPTf9jnVFjUCVw0rL5Oih%2FOODQWB9oBwDVhes67tg2kTnVFo7XZ37M3uJ%2F1J6njpx%2B6TwypNNFeDxHvLLJVzUWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-54d77d98d9-pbvdq
access-control-allow-credentials: false
cf-ray: 8551e5d678e43a6c-FRA
x-amz-cf-id: 9o3m054jHnat0NkMZ82NEarJFb1lA21Kjqu5icXij2yBL-5O72kvZw==

GET
H2 200 child.min.css
blog.cluster25.duskrise.com/hs-fs/hub/21649046/hub_generated/template_assets/81446103729/1660147906944/proX-C25-child/ 3 KB
2 KB 454ms
452ms Stylesheet
text/css 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.cluster25.duskrise.com/hs-fs/hub/21649046/hub_generated/template_assets/81446103729/1660147906944/proX-C25-child/child.min.css

Requested by

Host: blog.cluster25.duskrise.com
URL: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5aa639789809d4c8c52d8294cf26e8f7fb5efddb135dd11638124bfa5075df85

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: E4KCTCS9RRY18HSX
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"431ab04ecb2f6d7a1c8c4890e675073c"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1660147908318
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 14 Feb 2024 02:31:57 GMT
strict-transport-security: max-age=31536000
via: 1.1 e32f3698b8d39139f138de8a86d00996.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: cbbvQ8VUJNieXCKqjhoYdaxAkyPMraXE
x-amz-cf-pop: IAD61-P1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 41654d81-bc44-460d-ab33-c721664ab6f3
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 230
alt-svc: h3=":443"; ma=86400
x-amz-id-2: uyTk5NHog0lgzAlv9cGAot/wwzjFs7/zz43WfxXCHfiaUkdazmlQTWD3p2pp0F05GY/4pmAMXzeMbPFWIp61olPnnmOym5CvVe2L7UGK1Ig=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 41654d81-bc44-460d-ab33-c721664ab6f3
last-modified: Wed, 10 Aug 2022 16:11:49 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tQxeGaXTj1CPesjJUmY3wG2VcARRe6R5gANRVST%2F0zHbSQnzjG4z%2FGlv6LgtG96wN1i2BACZ%2Bo1iKQppUOWgcmZyTbWeOpxu05sIl3o9tSiBc89ARvPI7ILbzZ5iK2yeTZhsnEEQWVY%2F2a8exHv6bEid%2FfmjSpa9Pw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-6c8d5c7998-gb4w5
access-control-allow-credentials: false
cf-ray: 8551e5d678e53a6c-FRA
x-amz-cf-id: UlFAc34ENlBizGAvOFZn1wcIRZVDf7QhHUZRC8EOjI4C0Gf0tRBBdg==

GET
H2 200 child.min.css
blog.cluster25.duskrise.com/hs-fs/hub/21649046/hub_generated/template_assets/80514929251/1673618683883/proX-duskrise-child/ 19 KB
8 KB 53ms
51ms Stylesheet
text/css 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.cluster25.duskrise.com/hs-fs/hub/21649046/hub_generated/template_assets/80514929251/1673618683883/proX-duskrise-child/child.min.css

Requested by

Host: blog.cluster25.duskrise.com
URL: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

50da63237ef8267c46569d7016612c679428b643551212600fbcc2ee8cbcbdfa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: R3XDAK5HRRAKEPSF
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"0a17f87377b23d6d195e756e4c935628"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1673618685099
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 14 Feb 2024 02:31:57 GMT
strict-transport-security: max-age=31536000
via: 1.1 6b7e1e42d74fd61097787cc6c1a37c34.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: G76y5WfK55dr.wdSkojHer8PIrI.S7vF
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: b72dff86-d839-48e6-aeae-f9acd86ae7eb
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 319
alt-svc: h3=":443"; ma=86400
x-amz-id-2: fhUC1Izi++Kry2zuigmfvaBsfm21NwzFtUOa9rCrDSdPVTMH4c6YWbyz/Qf1PwJ2RP+1t25YBdFabJw2yrihYw==
x-evy-trace-route-configuration: listener_https/all
x-request-id: b72dff86-d839-48e6-aeae-f9acd86ae7eb
last-modified: Fri, 13 Jan 2023 14:04:46 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CnR0YyDpjaynJ9mgYSnGDvUpqrhq3oDdhlKv4yOeTc6Z99Y60nGM9r26n%2BIPWsOO6w79O69XJlPp%2B40wzjg6XSUiCh6u4Lk8InOHauyxXOb3krWjczTN61jH5v5fMgwA1klHEz%2FazK0XJlUCy%2FVQvJg5%2FJY3FRj2oA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-5d487f56c7-6xtzz
access-control-allow-credentials: false
cf-ray: 8551e5d678e63a6c-FRA
x-amz-cf-id: owQbZmHhDnfoDswsSPfZObR4Le96EE-QOztLl68jdtEr1N-oxIyT7A==

GET
H2 200 module_87568042657_menu.min.css
blog.cluster25.duskrise.com/hs-fs/hub/21649046/hub_generated/module_assets/87568042657/1668167162378/ 26 KB
5 KB 51ms
49ms Stylesheet
text/css 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.cluster25.duskrise.com/hs-fs/hub/21649046/hub_generated/module_assets/87568042657/1668167162378/module_87568042657_menu.min.css

Requested by

Host: blog.cluster25.duskrise.com
URL: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cea4d3ec897dda39672ba261e143d762f0f3666340b8f0e5b39f8172ee5297a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 2019
x-amz-request-id: 5KR8Q3ETZV5T4DJH
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
x-evy-trace-listener: listener_https
etag: W/"47fa04a3ba51715c26a4282d196404bf"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1668167162378
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 14 Feb 2024 02:31:57 GMT
strict-transport-security: max-age=31536000
via: 1.1 9b097dfab92228268a37145aac5629c0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: GvX23IamdjI1s6Q4gNgV1_rF.waVK05f
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 100
alt-svc: h3=":443"; ma=86400
x-amz-id-2: bnUjkkLY3G5Mzvyh7meg64Jpk4iVE1OiOKQ39a6E+Yrv2G/Chz3SmKoT70othGXAXFTED4uL8u8=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 9630a342-2154-4bdf-bffa-f36c858477dd
last-modified: Fri, 11 Nov 2022 11:46:03 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=49Hny4TnKwbxxvpW3cGlApj3zqZx%2FlCncjMGnTSIhr%2BqKK3Ht%2B3cwUFoDNbiijw%2BQjy7yX47wgo9h%2F0rL%2ByUyhUWkFUknUEl0vWIbplii6vVw3pOeZYrHYmMtiAN%2FdKttLzq8yw9r59htDdTzJ4ZTpvVJodjUz9BSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-fd8f7bc74-qbhrx
access-control-allow-credentials: false
cf-ray: 8551e5d678e73a6c-FRA
x-amz-cf-id: 4G5QbGceMRz8pmEZrGN2PRW2UfgAYx_DDSgl-4m_DXgutBMRY_VNOw==

GET
H2 200 bundle.min.js Show response
blog.cluster25.duskrise.com/hs-fs/hub/21649046/hub_generated/template_assets/81445138344/1660147917881/proX-C25-child/js/vendor/ 82 KB
25 KB 55ms
54ms Script
application/javascript 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.cluster25.duskrise.com/hs-fs/hub/21649046/hub_generated/template_assets/81445138344/1660147917881/proX-C25-child/js/vendor/bundle.min.js

Requested by

Host: blog.cluster25.duskrise.com
URL: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

292b4619a5b4191631ec00edaef06beb8503f95b6095fc03631b74ac498722fe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: YCPV7A9ZQTGB3SDE
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"7799bd2d8e8f619362e25e538b347d18"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1660147918999
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 14 Feb 2024 02:31:57 GMT
strict-transport-security: max-age=31536000
via: 1.1 b4346add631a498bf6cdbf88cbc5ff12.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: faFQ4msw6Ckh9wTpVvLPWoZDGX5Ex26_
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: eb2c32d4-e5db-4b40-a975-c64156a242f6
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 437
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 08irGq6478GQL+8ntiAS3EgUwZJ0W8BR3WWg5Q8qVNpUA7FBu1xFhyzSL4pA2gJ/fSyAbScler4rjK/9D02gqFwJlybt8ZNxAZ6504aCUmw=
x-evy-trace-route-configuration: listener_https/all
x-request-id: eb2c32d4-e5db-4b40-a975-c64156a242f6
last-modified: Wed, 10 Aug 2022 16:12:00 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ggoSdIX1BQThQ3xJJd4A9%2FEzJ4Py6rY7UW0C1FhQJ%2FbK%2FdKL2J2tlfb6tus46LDec4XVoXi0vt89rDvVSUOIvAELLgHjCNd2qmYhJdW2Ki9Av8N0Tb6LpeVhwgY42bXXaik7zlXYCx7x0r9M1KE14BJ4x8JXuaFsXA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-54d77d98d9-lx8qs
access-control-allow-credentials: false
cf-ray: 8551e5d688e93a6c-FRA
x-amz-cf-id: wA5E3yEYFE6UtAjzm4mr_XfXcqsyVMvQpQA4Al2kR0Rxun8VfnTqIg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 281 KB
93 KB 45ms
25ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GT629LHB3L

Requested by

Host: blog.cluster25.duskrise.com
URL: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9d16c1d18224d77f34a8c231f2d66d07e2f73da9d50d9c638b68ed55b4da2c92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 02:31:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95273
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 14 Feb 2024 02:31:57 GMT

GET
H2 200 localize.js Show response
global.localizecdn.com/ 62 KB
23 KB 40ms
15ms Script
application/javascript 2606:4700::6812:4af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://global.localizecdn.com/localize.js

Requested by

Host: blog.cluster25.duskrise.com
URL: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:4af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce5401d712a106a28a44366103245f8d51728a4f0a10c57332014cc50d851eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-meta-x-amz-meta-v: 479
date: Wed, 14 Feb 2024 02:31:57 GMT
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-version-id: sWFUzrDHsr8sIUhz2BGFLGoGiKgD6bVl
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P4
age: 82152
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 04 Dec 2023 15:16:22 GMT
server: cloudflare
etag: W/"fa8d46cfc5f22e58b31af6a4c7b3b804"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 8551e5d6ac5a9119-FRA
x-amz-cf-id: 5kNXnAZ9M4JrwcT2q-CfsfDIbgAO55aH1V--smMCfnYHkrVi0VHfpg==

GET
H2 200 in.js Show response
platform.linkedin.com/ 510 KB
160 KB 121ms
35ms Script
text/javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.linkedin.com/in.js

Requested by

Host: blog.cluster25.duskrise.com
URL: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9ca01ddeeda8097bcfd3824c995a521bc08177638e70dbd228cf7f0d326014c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 02:31:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn-client-ip-version: IPV6
x-cdn: AZUR
x-cache: TCP_HIT
x-cdn-proto: HTTP2
x-fd-int-roxy-purgeid: 28718918
content-length: 163629
x-li-uuid: AAYRTVPogP9ZiSdHckB2AA==
x-li-pop: prod-lva1-x
vary: Accept-Encoding
x-azure-ref: 20240214T023157Z-vx83xsauc5479dgrq48n1gmmrg0000000550000000009xuh
x-li-fabric: prod-lva1
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
x-li-proto: http/1.1
accept-ranges: bytes
expires: Wed, 14 Feb 2024 02:21:18 GMT

GET
H3 200 DuskRise%20Logo%20White.png
blog.cluster25.duskrise.com/hs-fs/hubfs/ 1 KB
2 KB 942ms
942ms Image
image/webp 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.cluster25.duskrise.com/hs-fs/hubfs/DuskRise%20Logo%20White.png?width=120&height=28&name=DuskRise%20Logo%20White.png

Requested by

Host: blog.cluster25.duskrise.com
URL: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bc8bc683955acb5e70aaf9a207b1caa9947cfa6b27ae6ecc951379c2ea085ef

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 02:31:58 GMT
strict-transport-security: max-age=31536000
via: 1.1 4f2a14569b371893f3851a804b6ae8dc.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag: F-79514225069,P-21649046,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 1264
cf-resized: internal=ok/m q=0 n=902+0 c=0+2 v=2024.1.3 l=1264
last-modified: Mon, 18 Jul 2022 18:12:22 GMT
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfY0WAbrtS3wXUDhV-GVK8aCt5_tH4NGImdgbtWASbDQ:fc906bb52fd54fa1a12ec537a2292e72"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BBrS39iK8RSKqS0pM0iUC3ZKdGF1QmdQQaAezx5TMC4YJ7TFdV8zeZUo59V0ZLIuz0wB6h4bwWkfgSQQsgJjDV2qxzp97%2BYapzOFkqtxScqDLd1P8487ijOxMCq0RFXLdNEkkU2jQTlZiUjf7JsZOTj4PgJQG45Elw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 8551e5d7eeb1bb5b-FRA

GET
H3 200 DuskRise%20Logo%20Dark.png
blog.cluster25.duskrise.com/hs-fs/hubfs/ 1 KB
2 KB 28ms
28ms Image
image/webp 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.cluster25.duskrise.com/hs-fs/hubfs/DuskRise%20Logo%20Dark.png?width=120&height=28&name=DuskRise%20Logo%20Dark.png

Requested by

Host: blog.cluster25.duskrise.com
URL: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3f3343dec104e896b4f1b9862c596b28e029ceca96e3f50436069c67a1c2445

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 02:31:57 GMT
strict-transport-security: max-age=31536000
via: 1.1 da749f044be44d389a30372d73356c4e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag: F-79512353897,P-21649046,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 1436
cf-resized: internal=ok/m q=0 n=881+0 c=0+4 v=2024.1.3 l=1436
last-modified: Mon, 18 Jul 2022 18:12:08 GMT
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfFkpA8CCIyHVCQ-Sjukj97mXf_tH4NGImdgbtWASbDQ:6ac8e4f8b02233720da4bef51dc18651"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L3DRNRgag3iOfyklyCo8oumXvFZ%2BxoBT8jbbTIr8X7J8IvShZ7utkocxJuuC9wItvEx28eNQCAWgrPaeJ7vaAg0vmlyddoxss2SWN7BNbgrkFpa6UAo24dGkbzPumCXB1oYD1jpL6bTyu6WGvlLXJcki7dn%2BDYjnwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 8551e5d95f37bb5b-FRA

GET
H2 200 embed.js Show response
static.hsappstatic.net/content-cwv-embed/static-1.388/ 14 KB
6 KB 45ms
20ms Script
application/javascript 2606:4700::6812:5ffd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/content-cwv-embed/static-1.388/embed.js

Requested by

Host: blog.cluster25.duskrise.com
URL: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5ffd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34942d531ecf961a2a6777526aef0c7d17f28a4ce9afcac868eb132c700bfe5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 02:31:57 GMT
x-amz-version-id: GNgANes_HpxlXMl5IDFfVeYnBgfaeeYN
via: 1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
age: 953641
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 15 Aug 2023 19:48:57 GMT
server: cloudflare
etag: W/"8741985292d64b839be39c64b14f3783"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7xdF2MLBBpFu1haoVqOq8Kw%2FJ%2B4bLRdCNrOoEPpD5JCn4tftNmsGFJeiu6TPktYDv3UybFsM26KyhtXFurDburMN32ic%2FQ2UXD8nWPumIXxj30avHG6Giwuvdetw4fKdd6hESGpZcozh%2FSosG0JZfwCTIaw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8551e5d99b089b8f-FRA
x-amz-cf-id: TTCa0jb3HBZtzYsrMuhwBwdNP6iIIF3tbLvWS06j1pDOOAV4QK2IGA==
expires: Thu, 13 Feb 2025 02:31:57 GMT

GET
H2 200 aos.min.js Show response
blog.cluster25.duskrise.com/hs-fs/hub/21649046/hub_generated/template_assets/81445757079/1660147889950/proX-C25-child/js/vendor/ 14 KB
6 KB 55ms
54ms Script
application/javascript 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.cluster25.duskrise.com/hs-fs/hub/21649046/hub_generated/template_assets/81445757079/1660147889950/proX-C25-child/js/vendor/aos.min.js

Requested by

Host: blog.cluster25.duskrise.com
URL: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2e36df0748d27e28aaf174930c75d9b9df7e77cf31845d2be01f672983e9e44

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: ZT4EBG9MDD02HFE1
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"fa3e7a84d3f18352c3d73a02dacda0c8"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1660147890495
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 14 Feb 2024 02:31:57 GMT
strict-transport-security: max-age=31536000
via: 1.1 7e9d74c81117937f0703aa3977d2d998.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: j7_FB8.F3Jyel05xfsEkAVFjFUVfLWp2
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: f670eff4-e3a6-49b4-ac5e-2cb649574ccb
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 166
alt-svc: h3=":443"; ma=86400
x-amz-id-2: vN796Uh9DuO+WrajyDlufeTDiJheP6FYRkgxN+oK5gZQlbypHmpclpuBa6X0hmqc+d24ippdSks=
x-evy-trace-route-configuration: listener_https/all
x-request-id: f670eff4-e3a6-49b4-ac5e-2cb649574ccb
last-modified: Wed, 10 Aug 2022 16:11:31 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=imgwbEmC2%2FBZBZi2Rheyd2sMhQdmNfRX%2Biq5X3oGShHStIE1%2F7mPAXjikOnNQ8OKgR2LZwB46z%2BuCIUbME4Y75%2FnPBSEiQmUSwi2HSxMOfcB5Os%2BIBD%2FJBJ6OHYZwo6Rv51yU%2F6mlLrDXJJYYPaJILeMw5kp4y%2FLSw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-6c8d5c7998-gb4w5
access-control-allow-credentials: false
cf-ray: 8551e5d688ea3a6c-FRA
x-amz-cf-id: KHxEofi5uiLSNvjXcIRWlsZvZIrA8_etuq7cWHJW1kTH_PDOWRCK3A==

GET
H2 200 splitting.min.js Show response
blog.cluster25.duskrise.com/hs-fs/hub/21649046/hub_generated/template_assets/88996704812/1669633899533/proX-duskrise-child/js/libs/splitting-js/ 4 KB
3 KB 72ms
71ms Script
application/javascript 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.cluster25.duskrise.com/hs-fs/hub/21649046/hub_generated/template_assets/88996704812/1669633899533/proX-duskrise-child/js/libs/splitting-js/splitting.min.js

Requested by

Host: blog.cluster25.duskrise.com
URL: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0d3e1acc71b43a15201f412eaa4f33c0c59258dd85a09c1724911d740f5770d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: T9K9FJ17TN3G80EC
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"8584286ceb3d0612c800d7c76ae86e6c"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1669633899533
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 14 Feb 2024 02:31:57 GMT
strict-transport-security: max-age=31536000
via: 1.1 fba666ceffdeb316c8edf476d8994bd4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: CvNYhZeFhkzG3xJnrOM8hiGg4YsvoIVf
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 50f1451e-936a-46fa-8f56-a4affafd3668
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 179
alt-svc: h3=":443"; ma=86400
x-amz-id-2: AdKiMm9lqzbdNxBjRshydXs/OcXLJJLKmZbxi4IrsWgZlRJsYD0GlG7Nl8ie/i5AMb0NB/Q3rYAGFFxd83alJQ==
x-evy-trace-route-configuration: listener_https/all
x-request-id: 50f1451e-936a-46fa-8f56-a4affafd3668
last-modified: Mon, 28 Nov 2022 11:11:40 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=drG%2FIlU1pT6xu6DDHyaL9MxGYhDs%2FS52GocI7NySXXaexP4pevLGh2rbsu%2BViU%2B3H1r5RaK8ADNG2hWbY1xH%2BEL7R%2FPYDkach2IbwY2HYjSYEOPZvWQ1DLJVnrxOQxJ4JBWIMRUtYkXoXNrd50WEkuXLHdiqLX5qFA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-ffb8c87d4-m7jlw
access-control-allow-credentials: false
cf-ray: 8551e5d688ec3a6c-FRA
x-amz-cf-id: L-49ZssPxWAepLfp7Pw79PX3N72nxDqNPE_ruTHXvKHxAXXQbBADFg==

GET
H3 200 website-scroller.min.js Show response
blog.cluster25.duskrise.com/hs-fs/hub/21649046/hub_generated/template_assets/89271424580/1669633902611/proX-duskrise-child/js/ 1 KB
2 KB 33ms
32ms Script
application/javascript 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.cluster25.duskrise.com/hs-fs/hub/21649046/hub_generated/template_assets/89271424580/1669633902611/proX-duskrise-child/js/website-scroller.min.js

Requested by

Host: blog.cluster25.duskrise.com
URL: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

64a6d3ce28d182d85786671e0a21f18c509468d1a4fdcc64d86a1b1010e62916

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: PD9CMQTESPMZBBK3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"f64de7c16b1d6d9eb5de7bef7bfdfb67"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1669633902840
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 14 Feb 2024 02:31:57 GMT
strict-transport-security: max-age=31536000
via: 1.1 7a99ed3f39c18af8fe138a695e5f657c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: _Wu0ddw68oqJAmUN4fqPgpEGbz0ctTGM
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 9f6dec7f-59d6-4f9f-af81-ac4cf2ec79e7
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 139
alt-svc: h3=":443"; ma=86400
x-amz-id-2: L4/5HBm0ci6egbLj2vdoFZKRSSxSrEkhnmyU42UdNzy9iZk5DNZD97Co99eNAJR3xmrGd2g6LHw=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 9f6dec7f-59d6-4f9f-af81-ac4cf2ec79e7
last-modified: Mon, 28 Nov 2022 11:11:43 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m7koM4uVw9oSInazNdW%2FKi%2BGedU51is9Dw8%2F%2BEMqRq8uSBOX%2BVNcqXdRbW4AnIS%2BO7aqbrlBBHphXvN66e%2BYNki9J%2BT5yfyv9v7EEsr8%2B8XF%2FRcUcPP%2Fnnhj1L%2FSfyaVDAT%2BdHM%2F4Ay7Vsu1Jl9f6HJFesnwTNcLzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-54d77d98d9-wbfjx
access-control-allow-credentials: false
cf-ray: 8551e5d6de33bb5b-FRA
x-amz-cf-id: enzbZywq3eBdk7vleJTv4iB67i9cDgit5qbB2pP0Nfw5bVPYeV9-kg==

GET
H3 200 website-language-switcher.min.js Show response
blog.cluster25.duskrise.com/hs-fs/hub/21649046/hub_generated/template_assets/98405340582/1673602749401/proX-duskrise-child/js/ 771 B
2 KB 45ms
45ms Script
application/javascript 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.cluster25.duskrise.com/hs-fs/hub/21649046/hub_generated/template_assets/98405340582/1673602749401/proX-duskrise-child/js/website-language-switcher.min.js

Requested by

Host: blog.cluster25.duskrise.com
URL: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9982fb463fe8a2c0ec91eb081aaa3faffa4e500201837557adf3f8d09656f29c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: JCCZB96VCE72YEHV
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"547c259b80bf82b64840bcd054199460"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1673602749603
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 14 Feb 2024 02:31:57 GMT
strict-transport-security: max-age=31536000
via: 1.1 85fc1201a1918facbeb30836e7391660.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 8YeL.iqteUcrCGxZgo5JT_YZfF24PTRG
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: e3ee7f3b-efe4-44b0-a9a5-4ae8eb008d1f
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 192
alt-svc: h3=":443"; ma=86400
x-amz-id-2: LTfjqXfkin3pesXDgmsEeer81eo4kcjFiNP/hXORiUHhJpjxVAmLAtiWRHSOCw2GnohbXu2jsqo=
x-evy-trace-route-configuration: listener_https/all
x-request-id: e3ee7f3b-efe4-44b0-a9a5-4ae8eb008d1f
last-modified: Fri, 13 Jan 2023 09:39:10 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nFJ6DhU5IcLjvQfrJXEBZYi2%2FsaTescbwR0Xc6hRRz4DRJ3bl99XIjGiMQyL%2Fxqnh8u7R26oKoX%2FHlOSZ2nTIq1rPF2fe7IzaIJ08HmXam6xAbBzptGAUL03zwmoJbrTgQ0AN9uv9zcT%2BAVLQdZJZpF%2FNQPDoMnBtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-5d487f56c7-d7b5c
access-control-allow-credentials: false
cf-ray: 8551e5d6fe3dbb5b-FRA
x-amz-cf-id: v3o5Z4lW3iL8u0PccL681f9cVgmx_4ZdhgJZztwZS6M04X2Id0wt_w==

GET
H3 200 child.min.js Show response
blog.cluster25.duskrise.com/hs-fs/hub/21649046/hub_generated/template_assets/81445623885/1660147899096/proX-C25-child/ 4 KB
3 KB 31ms
31ms Script
application/javascript 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.cluster25.duskrise.com/hs-fs/hub/21649046/hub_generated/template_assets/81445623885/1660147899096/proX-C25-child/child.min.js

Requested by

Host: blog.cluster25.duskrise.com
URL: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3e90892ae2dd12863b6eb5637682591ddea66a3d61f904e37f63231f8961c94

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: 2V6VZBTRZ0YET022
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"909f27832faffd3c97611d9296eeddcf"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1660147899517
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 14 Feb 2024 02:31:57 GMT
strict-transport-security: max-age=31536000
via: 1.1 8fc9659fc06389e49927f68638e9bc94.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: _lJajZuxzIGM.0J_vEQ1SA6osGFu3r3R
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 42c2c0a8-2d66-4fc7-9d68-6ecc5d748108
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 150
alt-svc: h3=":443"; ma=86400
x-amz-id-2: B/7JyTZZp8duO8EMH2VzYF23Za6MBCH+Zk4r2jqw2R/WWQi9EUwdopzRMFSOdtbd118VrB3ERQA=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 42c2c0a8-2d66-4fc7-9d68-6ecc5d748108
last-modified: Wed, 10 Aug 2022 16:11:40 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OCTkIQKv99xtQpM4HnA4D7LvV4YIe4hDI8JgPpV33Ru2bbdydxRUQz%2F37%2BWvy5E1U4p8JVkAfUkJ73F7n2Q%2FDXM3gLWspxOVwUoE%2BP1l%2FulaqslViE7B82jO6WBg6dCKJmOSFWjpMLsIiJgIhp%2FHS0n%2FR8NwQKg8jw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-6c8d5c7998-vbm4n
access-control-allow-credentials: false
cf-ray: 8551e5d70e46bb5b-FRA
x-amz-cf-id: pYn6n_Y3kn2dkX9p662v2DDZQvZ3sDo4-yzEPYJHjK0hHcgPeDjcBg==

GET
H3 200 module_87568042657_menu.min.js Show response
blog.cluster25.duskrise.com/hs-fs/hub/21649046/hub_generated/module_assets/87568042657/1668167161151/ 4 KB
3 KB 33ms
33ms Script
application/javascript 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.cluster25.duskrise.com/hs-fs/hub/21649046/hub_generated/module_assets/87568042657/1668167161151/module_87568042657_menu.min.js

Requested by

Host: blog.cluster25.duskrise.com
URL: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a50e4f310fee38f13e61a5e0ef0d3c82e1aea0641120621b1bb2ef105b28656f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: M86V6SR516EP1MB8
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"65a8047269ff3502635bb47b8a8bcc15"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1668167161151
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 14 Feb 2024 02:31:57 GMT
strict-transport-security: max-age=31536000
via: 1.1 c2ab43aa4f5ff7b5cc58894f6a8494bc.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: QljHFyG1z6EJhKDgv7LIWnBZ1L.bY12v
x-amz-cf-pop: IAD61-P3
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 9b2ce14a-6932-4e63-ac22-510ff3d4667c
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 191
alt-svc: h3=":443"; ma=86400
x-amz-id-2: PLGPTnJExMXRTfk2BoNE4J2ZKY8FKGHE4xpXdBSo1zTZr0/VFSg/WUIyFpPF7D9HFBWZ7geYEDY=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 9b2ce14a-6932-4e63-ac22-510ff3d4667c
last-modified: Fri, 11 Nov 2022 11:46:02 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7mcvKJLQSmNBHBczmkN82Vxl8pGGGpByBoPwc%2FAmeZL9QTAo3cjd%2Bq%2B6SKoO2ES%2FykgDiCQOeb4UKPwO%2FtkBsbzXI3EyCNi%2Fh55TXmsYL631zmNawK%2BoGc3fbxG7tO26gRTIFd8WnUhEhOPvF4aatL8KCXBgiuN3sA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-6c8d5c7998-vbm4n
access-control-allow-credentials: false
cf-ray: 8551e5d73e5bbb5b-FRA
x-amz-cf-id: 9M8hR2-mzmwdKfHgWpocE5IGAXkg1Iy6mex76P3F0BC_TtE2_ymbGA==

GET
H3 200 21649046.js Show response
blog.cluster25.duskrise.com/hs/scriptloader/ 2 KB
1 KB 168ms
168ms Script
application/javascript 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.cluster25.duskrise.com/hs/scriptloader/21649046.js

Requested by

Host: blog.cluster25.duskrise.com
URL: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3f605ce22a904385ae0df3770f814851c714018fb523eb8b99bdc532a6c6656

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 02:31:57 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 124790ed-0600-4ef5-945d-df9d144638bf
content-encoding: br
x-envoy-upstream-service-time: 41
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 124790ed-0600-4ef5-945d-df9d144638bf
last-modified: Tue, 13 Feb 2024 12:38:39 GMT
server: cloudflare
x-trace: 2B80237B7615207FA717FE610C7C2A3FBDCFA0ABC6000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://blog.cluster25.duskrise.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-f7f4ffb8f-p4brg
cache-control: public, max-age=90
access-control-allow-credentials: true
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JgXBw%2Bw%2BQPR661EZG9V6JHEUSRe16i1I7EQo1Oa%2FJgDBxAuTfeq%2B1B%2BVqRZUvpP%2FHU2WDANplirGDm3wsLEW0Lp%2FvSLb1gDr44Wa1NMaTSx5VOS975oATl0nQNYgGMyYtXs7SarHxbeq9fV6d0XXwSO5svlWkPda5g%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8551e5d97f48bb5b-FRA
expires: Wed, 14 Feb 2024 02:33:27 GMT

GET
H3 200 index.js Show response
blog.cluster25.duskrise.com/hs/hsstatic/HubspotToolsMenu/static-1.191/js/ 11 KB
5 KB 42ms
42ms Script
application/javascript 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.cluster25.duskrise.com/hs/hsstatic/HubspotToolsMenu/static-1.191/js/index.js

Requested by

Host: blog.cluster25.duskrise.com
URL: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd5e0c3a0682f03217f201588e51e77bf778d5506224074918f505423f0e25a2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 02:31:57 GMT
strict-transport-security: max-age=31536000
via: 1.1 04a40fe66992666426f66bb0ade3912a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
age: 6570976
x-amz-cf-pop: TXL50-P4
x-amz-server-side-encryption: AES256
x-amz-version-id: inhS2tX2f2C4tITR3p2haS.uhsvA9eGz
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 21 Apr 2023 15:17:56 GMT
server: cloudflare
etag: W/"0bbd63c0750f141fd5cec04a9393647e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pui4SUgDRjihLCHVaWTOV9Ohroi9w7vTEhb8vho2tNqHRhMQ7w9Pb8ZXIOiX8rQZNhkDw%2FhVfaY9wpTMJ%2FXtDjlHh3XkI1BMqWnQdJjbxV3ThjW4%2BNDQdzRI%2BnPdbpHLE4OyQui8SY1i%2BThpFg%2B4CxyquzsgddQsVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8551e5d97f49bb5b-FRA
x-amz-cf-id: 8NRs2Wm2ubi5t9HUvpgx9SMwAJYAnsUpgxBkSQl1rau6_0XB0E7nLw==
expires: Thu, 13 Feb 2025 02:31:57 GMT

GET
H2 200 hotjar-3646583.js Show response
static.hotjar.com/c/ 12 KB
5 KB 47ms
34ms Script
application/javascript 18.66.97.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3646583.js?sv=6

Requested by

Host: blog.cluster25.duskrise.com
URL: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-10.fra56.r.cloudfront.net

Software

Resource Hash

55c697953b32616371720acc6463d7ab9b8b85cf4c073e074f9e5db1b1b44104

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Wed, 14 Feb 2024 02:31:57 GMT
via: 1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/96e70ef0f4eb14293ad3fde4030dccdd
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: TaApleSAETywwCEYkQvYfC1nz2W7-xm2R8nsN9Rvy8AXOguIJqMVDQ==

GET
H3 200 tu Show response
global.localizecdn.com/api/lib/cEqXuK0bL5ZC6/ 436 B
639 B 128ms
117ms XHR
application/json 2606:4700::6812:4af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://global.localizecdn.com/api/lib/cEqXuK0bL5ZC6/tu?v=479

Requested by

Host: global.localizecdn.com
URL: https://global.localizecdn.com/localize.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:4af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6e12b630f94b866569f89c5ae43847c0b099c21d204a5cf3c9bb6d3514c1b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 02:31:57 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
content-encoding: br
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
pragma: no-cache
server: cloudflare
etag: W/"1b4-B9LhnEJULNtzT2r5xH1bFLpl+Mg"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 8551e5d99854190d-FRA
x-amz-cf-id: iLyZRCoMdXSOOIpTbdIAbyk7XM2Ni1l0hB-JcVnURghz-8k0BU8G5Q==
expires: 0

GET
H3 200 g Show response
global.localizecdn.com/api/lib/cEqXuK0bL5ZC6/ 1 KB
885 B 26ms
16ms XHR
text/plain 2606:4700::6812:4af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://global.localizecdn.com/api/lib/cEqXuK0bL5ZC6/g?v=0&l=source

Requested by

Host: global.localizecdn.com
URL: https://global.localizecdn.com/localize.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:4af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23a746d504f87c90c9df715f65910d2b3ae4ce4db2ddb5e92d9a68f725a33fd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 02:31:57 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 c9499008aa7e1acd11e9fbc171281d82.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P4
age: 156139
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 12 Feb 2024 07:09:38 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=172800
cf-ray: 8551e5d99852190d-FRA
x-amz-cf-id: QK6Ba_367KyBPcxJ8HmzzpPcHDlV2JZ8nMrm47iitQLmXBG4laZ77Q==

GET
H3 200 DR-blog-hd_04.png
blog.cluster25.duskrise.com/hubfs/ 1 MB
1 MB 41ms
41ms Image
image/webp 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.cluster25.duskrise.com/hubfs/DR-blog-hd_04.png

Requested by

Host: blog.cluster25.duskrise.com
URL: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7204a35749355700247335513f80c1adfaf3cd634d3a1c68c204dccc2f94985

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-80218314363,P-21649046,FLS-ALL
age: 69170
x-amz-request-id: NQMYPHEBGEPP7HNR
x-amz-server-side-encryption: AES256
edge-cache-tag: F-80218314363,P-21649046,FLS-ALL
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="DR-blog-hd_04.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "ba8c67f98b1f2d5e00f984d3c87dc227"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1658834855447
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 14 Feb 2024 02:31:57 GMT
strict-transport-security: max-age=31536000
via: 1.1 2e24611fddbdff423496835dad3bf4bc.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 5wyAH3A7QSCJ5ShgMKMYld6FYfhQqc2s
x-amz-cf-pop: DUS51-P3
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=2199859
x-cache: RefreshHit from cloudfront
cache-tag: F-80218314363,P-21649046,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 1216727
x-amz-id-2: 2TO4vbLWdXq8Ve8eS6c0CGhkm7bAAoGTBWjkKs5KOmm70Q1zVK2wRy5ROhgUa6zdZiKjwZ5lbCk=
last-modified: Tue, 26 Jul 2022 11:27:36 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jAe2JMyNj8Jw%2FgczGTI9tzNZAM065QMqZEDZNiJFSj1Oy6d%2BRYL4XcGMqIaUz8guNTMt2jsU3mxNquEUsOUuif0KOdieDEwSOko5xmJHZdnocHBPfgILG%2BsLmKP6G0uwiyrLlvJkDi3rmi7yn35Jk5JWLtW%2Fd0dKmg%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8551e5d9cf7cbb5b-FRA
x-amz-cf-id: mdEjLCSEuRvLRx7YlucXrxA6vQoaElLSu72m-mR4AXvtd5ZvvjqIhQ==

GET
H3 200 regular.woff2
blog.cluster25.duskrise.com/_hcms/googlefonts/Roboto/ 36 KB
37 KB 883ms
883ms Font
font/woff2 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.cluster25.duskrise.com/_hcms/googlefonts/Roboto/regular.woff2

Requested by

Host: blog.cluster25.duskrise.com
URL: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd00a24ca284f91808e68c347b9b6582928916388c9cf6d0967d4d576c290761

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
Origin: https://blog.cluster25.duskrise.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Wed, 28 Feb 2024 02:31:58 GMT
date: Wed, 14 Feb 2024 02:31:58 GMT
strict-transport-security: max-age=31536000
via: 1.1 49d84581801ea6dd3f53c478c337f294.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: DUS51-P3
x-amz-request-id: 086W6H58Z82WZWBH
x-amz-server-side-encryption: AES256
x-amz-version-id: irdl4heFsnK5to9go7XhDon8v9AyrdmV
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
content-length: 37172
x-amz-id-2: glbif6t13qO4WLiET5jlarckEj8gkZOFjmhAq/TQaumS8JPUuLKDgIp1+Slv0PeZwLruvstaDQQ=
last-modified: Tue, 17 Jan 2023 21:23:10 GMT
server: cloudflare
etag: "7b95d8aa5ae67dc84d2462f13796e72b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NGZGl%2BTpdrntaWk%2FY%2BmvuqsjVigpG%2F2NZQ77o25eSTF5y3q808mLFKRdfjR5dycbWLPRwA3SBU0UvPyuOO6gbcTxN3w2jl8i8VbJOqz2yL2ZkDJZSxbE4Mp3cKoVNYyi3j7ezBTU%2Bed%2F%2BD2Yz88TPPCDvOaRBMu94A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8551e5d9cf7ebb5b-FRA
x-amz-cf-id: kfmAkElbwAEEBMb7_UC35FaMgtFMcC_A9ADif2kuHWYYXx2ULpqzgA==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 700.woff2
blog.cluster25.duskrise.com/_hcms/googlefonts/Roboto/ 37 KB
38 KB 893ms
892ms Font
font/woff2 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.cluster25.duskrise.com/_hcms/googlefonts/Roboto/700.woff2

Requested by

Host: blog.cluster25.duskrise.com
URL: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ad70ed8fa0b631822336f58d63f382b54835e2f2d93f5634672eca1e494ba3a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
Origin: https://blog.cluster25.duskrise.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Wed, 28 Feb 2024 02:31:58 GMT
date: Wed, 14 Feb 2024 02:31:58 GMT
strict-transport-security: max-age=31536000
via: 1.1 b0fa8632832c868a30d3acd573712a74.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: DUS51-P3
x-amz-request-id: E5X68FW6X542CN9V
x-amz-server-side-encryption: AES256
x-amz-version-id: LjwvQC.zBhGfOewkze5Z2bIEjREAaI3v
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
content-length: 37544
x-amz-id-2: 5KiDKPpweYSE+zHLQPTXUa/6FU+q/b1qKhlSuS9yQTYuwUmfAdcTZnCXzpXjIV2yb8fUPjynZR4=
last-modified: Tue, 17 Jan 2023 21:23:04 GMT
server: cloudflare
etag: "d694b8c6ccb7d9c0f2a3a58e67931f0e"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kqpFTuArRL5l0A9ZRKhyJdJ6gLio%2FmOjnEBDI6XpSoqMoU5dAXrE6CL5V8RNIZFWWKH2aAQmGQDhk3JgxEl3MdQQTurgfkCNnvqpsSUX0QzrCoVOFI59JTjc4jptuTBVDNffd45Iy9Fi7dHUwRhECoWogB6DWiVz3g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8551e5d9cf7fbb5b-FRA
x-amz-cf-id: jOR1XOcassYvfbjCtfy8XNaq_EMynw2ePo7-xF30TqgcefdHSzGjCQ==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H2 200 fontello.woff2
21649046.fs1.hubspotusercontent-na1.net/hubfs/21649046/raw_assets/public/proX-duskrise-child/fonts/ 7 KB
8 KB 1061ms
1033ms Font
application/font-woff2 2606:4700:4400::6812:297c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://21649046.fs1.hubspotusercontent-na1.net/hubfs/21649046/raw_assets/public/proX-duskrise-child/fonts/fontello.woff2?43946271
Requested by: Host: blog.cluster25.duskrise.com
URL: https://blog.cluster25.duskrise.com/hs-fs/hub/21649046/hub_generated/template_assets/80514929251/1673618683883/proX-duskrise-child/child.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:297c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 701a94690edfdbc60fb15552e6d463697c1b9a6c7e611e50aa12a2751fb870e0

Request headers

Referer: https://blog.cluster25.duskrise.com/
Origin: https://blog.cluster25.duskrise.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-90952347570,FD-90955269039,P-21649046,FLS-ALL
x-amz-request-id: 9K4ZH8EBGA1AP34S
x-amz-server-side-encryption: AES256
edge-cache-tag: F-90952347570,FD-90955269039,P-21649046,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: "8d465daf48e7ab0e101eb5b51ef7be74"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1667926285159
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: none
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 14 Feb 2024 02:31:58 GMT
via: 1.1 b77e6c4c926acdb5c1a30b7465e6750e.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-version-id: GZvVDhqrmXt76IkN5Ji29V5HFZFdVs01
x-amz-cf-pop: FRA60-P7
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-90952347570,FD-90955269039,P-21649046,FLS-ALL
x-amz-meta-index-tag: none
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 7176
x-amz-id-2: LljumZWMyqyMse6R5QAyRaRpWZ4LKzYrGXDSL40Vz2N1rfG5SHkAjQUkcy1lwQ5/H7z/rdhSvng=
last-modified: Fri, 11 Nov 2022 15:55:20 GMT
server: cloudflare
accept-ranges: bytes
cf-ray: 8551e5d9ebad4dc7-FRA
x-amz-cf-id: BObrxaLra1bFC3BahthwQ8wbjfWq3gNhvbIL6HEaNM-unCScp2HoAw==

GET
H3 200 100.woff2
blog.cluster25.duskrise.com/_hcms/googlefonts/Roboto/ 36 KB
37 KB 890ms
890ms Font
font/woff2 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.cluster25.duskrise.com/_hcms/googlefonts/Roboto/100.woff2

Requested by

Host: blog.cluster25.duskrise.com
URL: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f14d0a68698bd82481470a5b1e91a65397bc5ea729dfe80dc32a74cbd113d30e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
Origin: https://blog.cluster25.duskrise.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Wed, 28 Feb 2024 02:31:58 GMT
date: Wed, 14 Feb 2024 02:31:58 GMT
strict-transport-security: max-age=31536000
via: 1.1 04e9e9d9b90b8bb096dac156f847c1a6.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: DUS51-P3
x-amz-request-id: QQ39PRHG30Z7ZK4B
x-amz-server-side-encryption: AES256
x-amz-version-id: QC1IMLL1uTYIQuMnD3epa4fIf5ib40Cx
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
content-length: 36604
x-amz-id-2: Pag8hL13UVSIMv7jAxdwvuNX0ayd8AnAIsrHiuTERzNvAeodvc+WIJBpI384Vyow8MNmOIqcQrw8ZhQbxtfDbPLmM1zAjY6t
last-modified: Tue, 17 Jan 2023 21:23:03 GMT
server: cloudflare
etag: "0b65c2e776ae3a9f8eb594f20f672d54"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hkGhqaJ2%2BS%2BI4vHPaAditRHEHan9SmpHDidkPLNlWkcjdOjDbYM4aBB4cnvqIcv3L1jqgAn1xP2lp5QyWnItpHDxKJI4LfZAY9Q6jw00MoXR1VO4geP62YeeG3POg8Xly%2Fva%2Fpqj42k7VjsfEfFGjB0dtzx51FdmEA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8551e5d9cf80bb5b-FRA
x-amz-cf-id: 0Nhy1N65cJE1ESwTDPkAbuwcllAP1KXq6oxvM02uDnjGCUv5BpFUyQ==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 regular.woff2
blog.cluster25.duskrise.com/_hcms/googlefonts/Halant/ 50 KB
51 KB 888ms
888ms Font
font/woff2 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.cluster25.duskrise.com/_hcms/googlefonts/Halant/regular.woff2

Requested by

Host: blog.cluster25.duskrise.com
URL: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d670214905118bf8851d189898a3ddb0a28767c65f74bbf29ad505d8274ab7d3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
Origin: https://blog.cluster25.duskrise.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Wed, 28 Feb 2024 02:31:58 GMT
date: Wed, 14 Feb 2024 02:31:58 GMT
strict-transport-security: max-age=31536000
via: 1.1 eed2fc0be4de295d60fbdc1c413e4628.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: DUS51-P3
x-amz-request-id: HX50JKHW6WKQEGP3
x-amz-server-side-encryption: AES256
x-amz-version-id: vXnop4eTPXfyISndU3nHVm9R75RrYDzD
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
content-length: 51248
x-amz-id-2: y0l+cbVZ9g3/jvUq4y0KvujBV79gOSdEr1VUfyUR5wi+hNlQ1XPu+O/fH4Cfhcm4EI/xQt400AiGODM16HiCIg==
last-modified: Tue, 12 Sep 2023 22:06:26 GMT
server: cloudflare
etag: "95591619e03fe791c08f7e9278f9216c"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nGDwHaYZQQuRct4KYBoDFiIz98ksGpmrhaWgxvBMhgQOexau8zR1gB4g7M0YvqCoYD4IBkjRRbsu%2FwOac8VPCZ30i%2FYgJebB6%2FS3J3aU%2BZ2Ua1mJEQeLZw%2Bgqy0oknJ6%2BJJtQnZzCj10yxtkLMXuoWfceC5olXp5Ww%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8551e5d9cf81bb5b-FRA
x-amz-cf-id: 7ivC4NCEF0a0LP_NKeJuIlxeYXwkAQ9E7mo_YwxDNIMFM63nZpH5Qw==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

POST
H2 204 collect
region1.google-analytics.com/g/ 0
262 B 34ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-GT629LHB3L&gtm=45je42c0v9134915415za200&_p=1707877917652&gcs=G100&gcd=13p3p3p3p5&npa=1&dma_cps=-&dma=1&gdid=dZTQ1Zm&cid=1422740011.1707877918&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=denied&_s=1&sid=1707877917&sct=1&seg=0&dl=https%3A%2F%2Fblog.cluster25.duskrise.com%2F2024%2F01%2F30%2Frussian-apt-opposition&dt=The%20Bear%20and%20The%20Shell%3A%20New%20Campaign%20Against%20Russian%20Opposition&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=774
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GT629LHB3L
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 02:31:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.cluster25.duskrise.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 C25_Bear_APT29.png
blog.cluster25.duskrise.com/hs-fs/hubfs/ 59 KB
59 KB 26ms
26ms Image
image/webp 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.cluster25.duskrise.com/hs-fs/hubfs/C25_Bear_APT29.png?width=800&height=400&name=C25_Bear_APT29.png

Requested by

Host: blog.cluster25.duskrise.com
URL: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfeebee94ea4bc8503ce90c4c4450c70837e0f63955ef51aee84451b59730e23

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 02:31:57 GMT
strict-transport-security: max-age=31536000
via: 1.1 df327bd0c8709a81ade8602ac9ef16e0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag: F-154446132871,P-21649046,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 60068
cf-resized: internal=ok/m q=0 n=1072+0 c=16+59 v=2024.1.3 l=60068
last-modified: Fri, 26 Jan 2024 14:57:36 GMT
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cffrbd-Jm9I3SUUy5CEuplRG4lQ2w707gOSBt9a9PVDQ:211b921202d15d6240e7f103fc988c77"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FwSXPNQrIuz4ZGAF7jn9Y6K6mfxPfxvisEQeaVk3cH%2Bidph%2B2NmUFm82kEAtlBpA1POB6FzvfCOeJDOriV8djg751PHAk5%2FPeo1ouyaA57V2RQKdYsgOe7cy0ztLSFxICYy9uvtCkKBeqy9Th%2BkLwoQ8T4V8ZVEbWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 8551e5da2fb0bb5b-FRA

GET
H2 200 MLuUB2_4357LZc3InfbAzbgPKlMAETzwAWf4lcDaL9Ul6kT1FTS5PF11Gu8d4ANKMVhhDET5D2rsEeJ4EJE7j1pdb4IzCRTSg438JZl8s0SC4hVoSmet5sIUmu72d0nqTbcfHO_NhPwW
lh7-us.googleusercontent.com/ 116 KB
117 KB 244ms
207ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh7-us.googleusercontent.com/MLuUB2_4357LZc3InfbAzbgPKlMAETzwAWf4lcDaL9Ul6kT1FTS5PF11Gu8d4ANKMVhhDET5D2rsEeJ4EJE7j1pdb4IzCRTSg438JZl8s0SC4hVoSmet5sIUmu72d0nqTbcfHO_NhPwW

Requested by

Host: blog.cluster25.duskrise.com
URL: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6524dfe6cec32edc3fd333ff263546805b9ada8418127fc267ad892fce86024f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 02:31:57 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="pasted image 0.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119036
x-xss-protection: 0
expires: Thu, 15 Feb 2024 02:31:57 GMT

GET
H2 200 Utpszy3pUUJN7aOe37R_AQ98vqoosOJskqrj2Ryb5gVx1f7bPQPQ4fRQutBCe0kvAsrOmTfWQGbwnjm9OYLQNh-Y3kKPlcW_Ms3cTTS1qYhdJhWKB2J0NCHpRhD7aSbyHm7RsTlMwZA3
lh7-us.googleusercontent.com/ 25 KB
25 KB 251ms
215ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh7-us.googleusercontent.com/Utpszy3pUUJN7aOe37R_AQ98vqoosOJskqrj2Ryb5gVx1f7bPQPQ4fRQutBCe0kvAsrOmTfWQGbwnjm9OYLQNh-Y3kKPlcW_Ms3cTTS1qYhdJhWKB2J0NCHpRhD7aSbyHm7RsTlMwZA3

Requested by

Host: blog.cluster25.duskrise.com
URL: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0f53864a0a6e97f4a321616b7152afccfb359fed4ab79b68f6a76df069b99221

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 02:31:57 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
content-disposition: inline;filename="pasted image 0.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25523
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 15 Feb 2024 02:31:57 GMT

GET
H2 200 Ta4fhctq2rrg_FrgtAwAnHPntltM9W4vBkdXkvtCE5AnDBw3LVQw3VK_iAcWu7IKh5d6Opa053btOqa8ho0wZhmigTJ8qWrzSBqwCFP6UEGiivsEmKta1Ja9hb1hgcfqRNqetvKH_H9T
lh7-us.googleusercontent.com/ 93 KB
93 KB 257ms
221ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh7-us.googleusercontent.com/Ta4fhctq2rrg_FrgtAwAnHPntltM9W4vBkdXkvtCE5AnDBw3LVQw3VK_iAcWu7IKh5d6Opa053btOqa8ho0wZhmigTJ8qWrzSBqwCFP6UEGiivsEmKta1Ja9hb1hgcfqRNqetvKH_H9T

Requested by

Host: blog.cluster25.duskrise.com
URL: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

85284a523aed692b1c92e504c1d3e3191846c4b9f5e65bf1798a25a92027803e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 02:31:57 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="pasted image 0.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95098
x-xss-protection: 0
expires: Thu, 15 Feb 2024 02:31:57 GMT

GET
H2 200 -qK8G1I1IQNGwOtQCpaVl1zQqceIgobuaiFfNxH3S41TbLKFoIygN_-LbulSj2Cz09fbONt5H7Y_627IU-qvAYW-Omu78lQNz_f5528ONGE2c38hpPDac7lziyU0gBEw-iKJLRxDOqyH
lh7-us.googleusercontent.com/ 16 KB
16 KB 272ms
236ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh7-us.googleusercontent.com/-qK8G1I1IQNGwOtQCpaVl1zQqceIgobuaiFfNxH3S41TbLKFoIygN_-LbulSj2Cz09fbONt5H7Y_627IU-qvAYW-Omu78lQNz_f5528ONGE2c38hpPDac7lziyU0gBEw-iKJLRxDOqyH

Requested by

Host: blog.cluster25.duskrise.com
URL: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

617408071e126b8e069849d018826dacc0663791fffccd4a51c47de189cbed4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 02:31:57 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="pasted image 0.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16807
x-xss-protection: 0
expires: Thu, 15 Feb 2024 02:31:57 GMT

GET
H2 200 e3uTP98SkSfGxyU80b5YKzKy2Uas6lqHG_qllxyqR5JPi4LYD7twtxyk8AG5HpMWQrm0gXVjm4uYUGCAKfFfnWLnFU4Jgklth1Tsl48VCqtzNH7CfnY2-kR12iIBhT1OzQPdtfGc-okS
lh7-us.googleusercontent.com/ 201 KB
201 KB 260ms
224ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh7-us.googleusercontent.com/e3uTP98SkSfGxyU80b5YKzKy2Uas6lqHG_qllxyqR5JPi4LYD7twtxyk8AG5HpMWQrm0gXVjm4uYUGCAKfFfnWLnFU4Jgklth1Tsl48VCqtzNH7CfnY2-kR12iIBhT1OzQPdtfGc-okS

Requested by

Host: blog.cluster25.duskrise.com
URL: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0b7a299f37cd8e1bc55138e3c539f960ec3c47e76329e101967cc7b59ce2078d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 02:31:57 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="pasted image 0.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205535
x-xss-protection: 0
expires: Thu, 15 Feb 2024 02:31:57 GMT

GET
H2 200 all.js Show response
connect.facebook.net/en_GB/ 3 KB
3 KB 28ms
10ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/all.js

Requested by

Host: blog.cluster25.duskrise.com
URL: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6acf68782883d266ab77ef7d0e210098ff1d21bd01dbe57944f796024ead8a65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 14 Feb 2024 02:31:57 GMT
content-md5: ja4xZuH+tJwk3OwIzNFrGQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-debug: b9+t5xgpGzpmBoz++PK+okQXK5O5mr4DE5qWw1b3/lhg3OhO99AwdxSyc7phDAbplITJiQzdB/oRPoawUMpOBQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 448845f72e7680f20b2dec2809bab629
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "d30c2a98a552de09ca91f703da86a8fd"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), display-capture=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Wed, 14 Feb 2024 02:34:08 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 57ms
13ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: blog.cluster25.duskrise.com
URL: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BBC) /
Resource Hash: 173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Wed, 14 Feb 2024 02:31:57 GMT
Content-Encoding: gzip
Age: 641
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27597
Last-Modified: Mon, 11 Dec 2023 17:20:28 GMT
Server: ECS (amb/6BBC)
Etag: "824beb891744db98ccbd3a456e59e0f7+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 204 has-permission Show response
app.hubspot.com/content-tools-menu/api/v1/tools-menu/ 0
1 KB 208ms
181ms Script
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=21649046&callback=jsonpHandler

Requested by

Host: blog.cluster25.duskrise.com
URL: https://blog.cluster25.duskrise.com/hs/hsstatic/HubspotToolsMenu/static-1.191/js/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	no-sniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 02:31:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: no-sniff
cf-cache-status: DYNAMIC
x-hs-worker-debug-mode: false
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 3781f8d6-8866-44fd-90b1-12f34c5f9b9c
x-envoy-upstream-service-time: 5
x-evy-trace-route-configuration: listener_https/all
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=8551e5da5bf59296&resource=unknown"
x-evy-trace-listener: listener_https
x-request-id: 3781f8d6-8866-44fd-90b1-12f34c5f9b9c
server: cloudflare
x-trace: 2BD0AA194D2CF7B6BE60480849626240DE22DFCC79000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-748b697-scqj6
x-evy-trace-virtual-host: all
cache-control: max-age=0
access-control-allow-credentials: true
cf-ray: 8551e5da5bf59296-FRA

GET
H2 200 tl.gif
global.localizecdn.com/api/lib/cEqXuK0bL5ZC6/ 43 B
322 B 314ms
312ms Image
text/plain 2606:4700::6812:4af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://global.localizecdn.com/api/lib/cEqXuK0bL5ZC6/tl.gif?l=source&c=1588185

Requested by

Host: blog.cluster25.duskrise.com
URL: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:4af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 02:31:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 ed91e9c9d6be32c45c1d670b7d4a6616.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 43
pragma: no-cache
last-modified: Wed, 14 Feb 2024 02:31:58 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
cf-ray: 8551e5da4dbd9119-FRA
x-amz-cf-id: 2Ya4yskB-DuuYdncwKR9CyWZKcGC1CynTngUEF21QgkDnMxGG9Nt-Q==
expires: 0

GET
H2 200 tl.gif
global.localizecdn.com/api/lib/cEqXuK0bL5ZC6/ 43 B
201 B 321ms
319ms Image
text/plain 2606:4700::6812:4af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://global.localizecdn.com/api/lib/cEqXuK0bL5ZC6/tl.gif?l=en&c=3179667

Requested by

Host: blog.cluster25.duskrise.com
URL: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:4af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 02:31:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 43
pragma: no-cache
last-modified: Wed, 14 Feb 2024 02:31:58 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
cf-ray: 8551e5da4dbf9119-FRA
x-amz-cf-id: lrBgRSEOXO5p8c5MfW1Co5a8ZaGc9XvlWWw9194xNuXT-FdQoram7A==
expires: 0

GET
H2 200 modules.332f72b7517862cb5491.js Show response
script.hotjar.com/ 218 KB
55 KB 20ms
7ms Script
application/javascript 13.32.27.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.332f72b7517862cb5491.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3646583.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-54.fra56.r.cloudfront.net

Software

Resource Hash

ede37311a061ba59683f41def4a08d64dc07ab124288e2fb1d3e7e4b0e482e9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 15:51:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 124851
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55357
last-modified: Mon, 12 Feb 2024 15:50:22 GMT
etag: "b01352c7d6ce65a19929984f9a17c8cf"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: BJZPjaQ7tNjRgFH7OPERjtKik8lMts0QQOehTV0IfQHWsn5JZryRxA==

GET
H3 200 all.js Show response
connect.facebook.net/en_GB/ 305 KB
86 KB 17ms
9ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/all.js?hash=4972fa85d2115ace6f73f18975c35445

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ff908e8eae637d424c2d9fb3949042e2efcfefee39a9b07fa861847dc4090f7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
Origin: https://blog.cluster25.duskrise.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 14 Feb 2024 02:31:57 GMT
content-md5: ffGVlV3R61e0JuvUle5UWA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88160
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-debug: wv3MSZpEStCWqnqFNrmRHsssggrgcKmA4GZtP0ezSUlIo13mN5jn9+KZCGN9ajs/V1WDkVZn4elaZtPRVjpzbA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: c5e52af911d5e8a13b88b2cb92cef6e0
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "8779c72ae28287f6b8f09beb5706cf25"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), display-capture=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Thu, 13 Feb 2025 02:00:01 GMT

GET
H2 200 21649046.js Show response
js.hs-analytics.net/analytics/1707877800000/ 66 KB
21 KB 439ms
421ms Script
text/javascript 2606:4700::6810:4eba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1707877800000/21649046.js
Requested by: Host: blog.cluster25.duskrise.com
URL: https://blog.cluster25.duskrise.com/hs/scriptloader/21649046.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4eba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6be5c890ff83715fa80064d59907a0d9716f3dd97c97dc848c28748e061ee448

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 02:31:58 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 0Y2MV5WTT5WANXCV
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 5545e331-67dd-4e69-ac1f-b248f4d390fa
x-envoy-upstream-service-time: 31
x-amz-id-2: IGdnijkSqDBGXnjKsYJ8Vkv3dOUmdxIZLQ27GMWyhsiq5/6rufSKO9SrW22hkJPzfJXwsnWCDHVnpBqrD4ep8A==
x-evy-trace-listener: listener_https
x-request-id: 5545e331-67dd-4e69-ac1f-b248f4d390fa
x-evy-trace-route-configuration: listener_https/all
last-modified: Mon, 12 Feb 2024 15:32:55 GMT
server: cloudflare
etag: W/"95fcd839504d1119fe8275a35d65759e"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-8555f56d-rk9w9
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 8551e5dafb369ba7-FRA
expires: Wed, 14 Feb 2024 02:36:58 GMT

GET
H2 200 21649046.js Show response
js.hs-banner.com/ 73 KB
19 KB 325ms
308ms Script
text/javascript 2606:4700:4400::ac40:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/21649046.js
Requested by: Host: blog.cluster25.duskrise.com
URL: https://blog.cluster25.duskrise.com/hs/scriptloader/21649046.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d620f1b33ebaeb78ea40f4fdd642afc076a8401787707e615031858b6535d9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 02:31:58 GMT
x-amz-version-id: _V3U8VCMIqG8SY6qrfheT1zfIvJdgiJO
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: WQ624D5JM0C85QPP
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 92e2942f-6890-46f3-8f3c-0400735e6913
x-envoy-upstream-service-time: 50
x-amz-id-2: ing6V0X8n36GxmcH6whqiJiepyXy5wboHEtuALI/MjxTyVsiTOGfGYNSfN/16UzqHF+I4Zntr5g3Y8K9+kJoZmUJIXBWhjpJ
x-evy-trace-listener: listener_https
x-request-id: 92e2942f-6890-46f3-8f3c-0400735e6913
x-evy-trace-route-configuration: listener_https/all
last-modified: Mon, 12 Feb 2024 15:32:56 GMT
server: cloudflare
etag: W/"db0a856a3bedb82d4211325aeeffb5a9"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.duskrise.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-8555f56d-phrfm
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 8551e5dafe88373d-FRA
expires: Wed, 14 Feb 2024 02:36:58 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
4 KB 35ms
19ms Script
application/javascript 2606:4700::6811:e6a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: blog.cluster25.duskrise.com
URL: https://blog.cluster25.duskrise.com/hs/scriptloader/21649046.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:e6a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2debd6ce789e7438d89d4880b6aabc52ec3bb6a9dea893a4b7ec5d93a665449f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 02:31:57 GMT
x-amz-version-id: sGb6bXvpGw5hEOV9uUkfQtlKd_0jKavg
via: 1.1 2a3aa853116c0a37d6c7762eca54d208.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 193
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.521/bundles/pixels-release.js&cfRay=8551e121ddf34dcd-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: 4819536a-d38f-433c-b30c-9999fbdcd81f
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 0
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 4819536a-d38f-433c-b30c-9999fbdcd81f
last-modified: Fri, 09 Feb 2024 15:01:27 UTC
server: cloudflare
etag: W/"975318a7c14a7f0327ed4a345ea808e2"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-748b697-mjwfl
cf-ray: 8551e5dafc194d73-FRA
x-amz-cf-id: OFuYELWEr8j2-plMkCPoMYea9vN2P4CQQSof15i3D2mGw_gwmKhSZg==
x-hs-target-asset: adsscriptloaderstatic/static-1.521/bundles/pixels-release.js

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 69 KB
25 KB 139ms
123ms Script
application/javascript 2606:4700::6811:579a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscollectedforms.net/collectedforms.js

Requested by

Host: blog.cluster25.duskrise.com
URL: https://blog.cluster25.duskrise.com/hs/scriptloader/21649046.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:579a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c326f96b9af470b51c887a189b1f81d241d6beef4844b37c8add5144fa6f55d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
Origin: https://blog.cluster25.duskrise.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 02:31:58 GMT
x-amz-version-id: JAkD5shSwdxe4gNEROP8R.wQbdFvcCSE
via: 1.1 68a3b1d5c75429221abc685a453afb60.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-cf-pop: IAD12-P3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 4d59b33f-27a1-4a85-9de4-476089e3761c
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.451/bundles/project.js&cfRay=8551e5daf86e2baa-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 4
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 4d59b33f-27a1-4a85-9de4-476089e3761c
last-modified: Wed, 03 Jan 2024 09:59:36 UTC
server: cloudflare
etag: W/"dc52d8d37d1323196ca91b50795df6c4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-748b697-267kd
cf-ray: 8551e5daf86e2baa-FRA
x-amz-cf-id: zUypia8ciDSfdhQIe1bbIbw8saK7E74uWeJ2rV6AbwKayr3l8nzb_w==
x-hs-target-asset: collected-forms-embed-js/static-1.451/bundles/project.js

GET
H/1.1 200
OK widget_iframe.2f70fb173b9000da126c79afe2098f02.html Show response
platform.twitter.com/widgets/ Frame 55D6 319 KB
104 KB 14ms
14ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fblog.cluster25.duskrise.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BB9) /
Resource Hash: 70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 5562626
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105429
Content-Type: text/html; charset=utf-8
Date: Wed, 14 Feb 2024 02:31:57 GMT
Etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified: Mon, 11 Dec 2023 17:19:49 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6BB9)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

POST
H2 200 / Show response
content.hotjar.io/ 56 B
161 B 119ms
59ms XHR
application/json 63.35.22.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?site_id=3646583&gzip=1
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.332f72b7517862cb5491.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 63.35.22.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-22-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 42e89a2b99c725ad6d3c0e3bc7507230f43c2d5a7604d7d1f2ce9a90c996db86

Request headers

Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 14 Feb 2024 02:31:58 GMT
content-length: 56
vary: Origin
content-type: application/json

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 55D6 869 B
658 B 165ms
125ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=25a92668f8b94e55a3d48ff1c854d9cf74e917db

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fblog.cluster25.duskrise.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-response-time: 107
date: Wed, 14 Feb 2024 02:31:57 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Wed, 14 Feb 2024 02:31:58 GMT
server: tsa_f
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 6c2209edd0822290
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7469935968
x-connection-hash: 84cf313de05f7f66806c4db7d738c8a7173a4d684a1e3aa365b65f7b30ed557a
content-length: 337

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ 116 B
440 B 118ms
117ms XHR
application/json 2606:4700::6811:579a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=21649046&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:579a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5bf14f8550bc4e43b733c39eab3d99b92da73a890e1c113da40b699d2316bde7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 02:31:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: de2d0685-2ffe-4fad-8700-50544de9d74d
x-envoy-upstream-service-time: 7
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: de2d0685-2ffe-4fad-8700-50544de9d74d
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://blog.cluster25.duskrise.com
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-748b697-nww6r
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 8551e5dbe8e32baa-FRA

OPTIONS
H2 200 view
js.hs-banner.com/cookie-banner-public/v1/activity/ Frame 0
0 124ms
109ms Preflight
application/octet-stream 2606:4700:4400::ac40:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/cookie-banner-public/v1/activity/view
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://blog.cluster25.duskrise.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://blog.cluster25.duskrise.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-max-age: 604800
cf-cache-status: DYNAMIC
cf-ray: 8551e5dd093071dc-FRA
content-length: 0
content-type: application/octet-stream
date: Wed, 14 Feb 2024 02:31:58 GMT
server: cloudflare
timing-allow-origin: *
vary: origin
x-envoy-upstream-service-time: 0
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-8555f56d-pbs6d
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 389f7deb-c874-4d2b-a3aa-d8e56110dd0a
x-request-id: 389f7deb-c874-4d2b-a3aa-d8e56110dd0a

POST
H2 204 view Show response
js.hs-banner.com/cookie-banner-public/v1/activity/ 0
173 B 132ms
131ms XHR
text/plain 2606:4700:4400::ac40:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-banner.com/cookie-banner-public/v1/activity/view

Requested by

Host: js.hs-banner.com
URL: https://js.hs-banner.com/21649046.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 14 Feb 2024 02:31:58 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 7b41c945-cdac-426b-ad17-83499744d86f
x-envoy-upstream-service-time: 21
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 7b41c945-cdac-426b-ad17-83499744d86f
server: cloudflare
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://blog.cluster25.duskrise.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
vary: origin
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-8555f56d-phrfm
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 8551e5ddb9af71dc-FRA

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
617 B 129ms
128ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1244852406&v=1.1&a=21649046&pi=154421104190&ct=blog-post&ccu=https%3A%2F%2Fblog.cluster25.duskrise.com%2F2024%2F01%2F30%2Frussian-apt-opposition&cpi=154421104190&cgi=79260149140&lpi=154421104190&lvi=154421104190&lvc=en&pu=https%3A%2F%2Fblog.cluster25.duskrise.com%2F2024%2F01%2F30%2Frussian-apt-opposition&t=The+Bear+and+The+Shell%3A+New+Campaign+Against+Russian+Opposition&cts=1707877918788&vi=ebca9c41d91887b2130a2a2e001a3424&nc=true&ce=false&pt=3&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 02:31:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 404430a1-c09b-411a-8e0f-eff873aab779
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 13
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 404430a1-c09b-411a-8e0f-eff873aab779
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EUky2B4cVCZQfic7J1MogYM6I4OjRlCfH7NwUPGANHAXs6Mxpsxc3%2BaBbd02zvd%2BenRi%2FJcAkNFiZ%2B%2FhpeqEYH5Z3NFnKGUiav35T5GaCrWphUVn8QZWBWu39HzrET9HM%2FI3h3rZYu3Pjtw33vMD"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-68f68ffdf9-zrmfx
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8551e5e07de59296-FRA
x-robots-tag: none

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.blog.cluster25.duskrise.com/	1970-01-20 18:24:39	Name: __cf_bm Value: GCQhN8TwuJFK0auKQ83y.dW3PzAOkN0Ux.OW2ysJVp4-1707877917-1-AdfHazOp3I8jJvgCFE9pYAOvqCSPKUWsl26UUY4X/44nmImC0QoPdMoot2KYo+so4yJVBrSlPl2Iqdz+aIIziLs=
.blog.cluster25.duskrise.com/	1969-12-31 23:59:59	Name: __cfruid Value: a2594a7b803c75ad300db3c7ca77b1bb69791cd5-1707877917
.duskrise.com/	1970-01-21 03:10:13	Name: _hjSessionUser_3646583 Value: eyJpZCI6IjBjMmJmNjc4LTU3M2QtNWQ5MS1iZDUyLTgwZDc5ZmMwZDNhMyIsImNyZWF0ZWQiOjE3MDc4Nzc5MTc5NTYsImV4aXN0aW5nIjp0cnVlfQ==
.duskrise.com/	1970-01-20 18:24:39	Name: _hjSession_3646583 Value: eyJpZCI6ImVlZmRlYjczLTMyOTQtNDAxMi1hYzRkLTI2NmU0ZjUxMzgzYyIsImMiOjE3MDc4Nzc5MTc5NTYsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.hubspot.com/	1970-01-20 18:24:39	Name: __cf_bm Value: G4CswIuCz5UmlngvXlGT5pm7U2aweS70neQ5FVLoJyQ-1707877917-1-AQAhBuwksnoDjSs6bJthe0nFHJS0ym/yaJWeoCeQoZElaho8ayrvq8ruHV1sTgYAKJzsdNNdNKCn4F2/qXT6Z+w=
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: zKv6iz_qv4c0FosmJlulrJ9FL3eHQ7qjxia644twvR4-1707877917991-0-604800000

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.cluster25.duskrise.com/2024/01/30/russian-apt-opposition Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

21649046.fs1.hubspotusercontent-na1.net
app.hubspot.com
blog.cluster25.duskrise.com
connect.facebook.net
content.hotjar.io
forms.hscollectedforms.net
global.localizecdn.com
js.hs-analytics.net
js.hs-banner.com
js.hsadspixel.net
js.hscollectedforms.net
lh7-us.googleusercontent.com
platform.linkedin.com
platform.twitter.com
region1.google-analytics.com
script.hotjar.com
static.hotjar.com
static.hsappstatic.net
syndication.twitter.com
track.hubspot.com
www.googletagmanager.com
104.244.42.72
13.32.27.54
18.66.97.10
2001:4860:4802:34::36
2606:2800:234:59:254c:406:2366:268c
2606:2c40::c73c:67e4
2606:4700:4400::6812:297c
2606:4700:4400::ac40:991b
2606:4700::6810:4eba
2606:4700::6811:579a
2606:4700::6811:e6a3
2606:4700::6812:4af
2606:4700::6812:5ffd
2606:4700::6813:9b53
2620:1ec:bdf::60
2a00:1450:4001:811::2008
2a00:1450:4001:82a::2001
2a03:2880:f084:105:face:b00c:0:3
63.35.22.222
0b7a299f37cd8e1bc55138e3c539f960ec3c47e76329e101967cc7b59ce2078d
0f53864a0a6e97f4a321616b7152afccfb359fed4ab79b68f6a76df069b99221
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
1a5b9f6e091aa96c2cce65d99580a34332bba2c1f43454ecd8533246336c7901
23a746d504f87c90c9df715f65910d2b3ae4ce4db2ddb5e92d9a68f725a33fd6
28b33f216d0c214e089e01dd10764e8dd83aee8cb1b9c125f48db2e4e74f9ba6
292b4619a5b4191631ec00edaef06beb8503f95b6095fc03631b74ac498722fe
2cea4d3ec897dda39672ba261e143d762f0f3666340b8f0e5b39f8172ee5297a
2debd6ce789e7438d89d4880b6aabc52ec3bb6a9dea893a4b7ec5d93a665449f
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
34942d531ecf961a2a6777526aef0c7d17f28a4ce9afcac868eb132c700bfe5a
42e89a2b99c725ad6d3c0e3bc7507230f43c2d5a7604d7d1f2ce9a90c996db86
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50da63237ef8267c46569d7016612c679428b643551212600fbcc2ee8cbcbdfa
55c697953b32616371720acc6463d7ab9b8b85cf4c073e074f9e5db1b1b44104
5aa639789809d4c8c52d8294cf26e8f7fb5efddb135dd11638124bfa5075df85
5bf14f8550bc4e43b733c39eab3d99b92da73a890e1c113da40b699d2316bde7
617408071e126b8e069849d018826dacc0663791fffccd4a51c47de189cbed4d
64a6d3ce28d182d85786671e0a21f18c509468d1a4fdcc64d86a1b1010e62916
6524dfe6cec32edc3fd333ff263546805b9ada8418127fc267ad892fce86024f
6acf68782883d266ab77ef7d0e210098ff1d21bd01dbe57944f796024ead8a65
6be5c890ff83715fa80064d59907a0d9716f3dd97c97dc848c28748e061ee448
6d620f1b33ebaeb78ea40f4fdd642afc076a8401787707e615031858b6535d9a
701a94690edfdbc60fb15552e6d463697c1b9a6c7e611e50aa12a2751fb870e0
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
7c326f96b9af470b51c887a189b1f81d241d6beef4844b37c8add5144fa6f55d
8465bfa3cc647dbf1389cb1095c3e1413c44d332554c66af66e21dd9edcee1bd
85284a523aed692b1c92e504c1d3e3191846c4b9f5e65bf1798a25a92027803e
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
8bc8bc683955acb5e70aaf9a207b1caa9947cfa6b27ae6ecc951379c2ea085ef
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
9982fb463fe8a2c0ec91eb081aaa3faffa4e500201837557adf3f8d09656f29c
9ad70ed8fa0b631822336f58d63f382b54835e2f2d93f5634672eca1e494ba3a
9ca01ddeeda8097bcfd3824c995a521bc08177638e70dbd228cf7f0d326014c9
9d16c1d18224d77f34a8c231f2d66d07e2f73da9d50d9c638b68ed55b4da2c92
9ff72cdb0b76e451b768bd1269c38816636d1b8ae396b0f8604b986040527ca2
a50e4f310fee38f13e61a5e0ef0d3c82e1aea0641120621b1bb2ef105b28656f
b0d3e1acc71b43a15201f412eaa4f33c0c59258dd85a09c1724911d740f5770d
b3f605ce22a904385ae0df3770f814851c714018fb523eb8b99bdc532a6c6656
c09e1209981b7e756103827805d9fdb0bf49b84e333c396ec712344fcf3b72b5
c3e90892ae2dd12863b6eb5637682591ddea66a3d61f904e37f63231f8961c94
c7204a35749355700247335513f80c1adfaf3cd634d3a1c68c204dccc2f94985
cd00a24ca284f91808e68c347b9b6582928916388c9cf6d0967d4d576c290761
ce5401d712a106a28a44366103245f8d51728a4f0a10c57332014cc50d851eec
cfeebee94ea4bc8503ce90c4c4450c70837e0f63955ef51aee84451b59730e23
d670214905118bf8851d189898a3ddb0a28767c65f74bbf29ad505d8274ab7d3
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e2e36df0748d27e28aaf174930c75d9b9df7e77cf31845d2be01f672983e9e44
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f3343dec104e896b4f1b9862c596b28e029ceca96e3f50436069c67a1c2445
e6e12b630f94b866569f89c5ae43847c0b099c21d204a5cf3c9bb6d3514c1b19
ede37311a061ba59683f41def4a08d64dc07ab124288e2fb1d3e7e4b0e482e9b
f14d0a68698bd82481470a5b1e91a65397bc5ea729dfe80dc32a74cbd113d30e
fb56af9f7623a55839dfb9cf019b05664a62e1b41671d925f3ed587c506443b5
fd5e0c3a0682f03217f201588e51e77bf778d5506224074918f505423f0e25a2
ff908e8eae637d424c2d9fb3949042e2efcfefee39a9b07fa861847dc4090f7f

blog.cluster25.duskrise.com Open in urlscan Pro 2606:2c40::c73c:67e4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

60 Requests

100 %HTTPS

79 %IPv6

17 Domains

21 Subdomains

19 IPs

3 Countries

2652 kBTransfer

4341 kBSize

6 Cookies

41 Outgoing links

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

blog.cluster25.duskrise.com Open in urlscan Pro
2606:2c40::c73c:67e4 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

100 %
HTTPS

79 %
IPv6

17
Domains

21
Subdomains

19
IPs

3
Countries

2652 kB
Transfer

4341 kB
Size

6
Cookies

60 HTTP transactions
0 data transactions