URL: https://threatintel.blog/OPBlueRaven-Part2/
Submission: On December 28 via api from US

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 46 HTTP transactions. The main IP is 2606:4700:3030::681c:afa, located in United States and belongs to CLOUDFLARENET, US. The main domain is threatintel.blog.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 31st 2020. Valid for: a year.
This is the only time threatintel.blog was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS Autonomous System
34        2606:4700:303...  13335 (CLOUDFLAR...)
1         151.101.12.134    54113 (FASTLY)
4         2606:4700::68...  13335 (CLOUDFLAR...)
2         151.101.64.134    54113 (FASTLY)
2         143.204.215.101   16509 (AMAZON-02)
3         151.101.12.64     54113 (FASTLY)
Total: 46 requests, 6 IPs

Requests  Domain                       Requested by
34        threatintel.blog             threatintel.blog
4         c.disquscdn.com              threatintel-blog.disqus.com
3         links.services.disqus.com    c.disquscdn.com
2         cdn.viglink.com
2         disqus.com                   threatintel-blog.disqus.com
1         threatintel-blog.disqus.com  threatintel.blog
Total: 46 requests, 6 subdomains

Subject                Issuer                                               Validity                 Valid
sni.cloudflaressl.com  Cloudflare Inc ECC CA-3                              2020-07-31 - 2021-07-31  a year
*.disqus.com           DigiCert SHA2 Secure Server CA                       2020-04-20 - 2022-05-09  2 years
viglink.com            Amazon                                               2020-12-13 - 2022-01-11  a year
f.ssl.fastly.net       GlobalSign Organization Validation CA - SHA256 - G2  2020-11-25 - 2021-12-27  a year

This page contains 2 frames:

Primary Page: https://threatintel.blog/OPBlueRaven-Part2/
Frame ID: E473F88E31DA68FF8E7F6D968458F499
Requests: 45 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=threatintel-blog&t_u=https%3A%2F%2Fthreatintel.blog%2FOPBlueRaven-Part2%2F&t_d=%0A%20%20%20%20%20%20%20%20OpBlueRaven%3A%20Unveiling%20Fin7%2FCarbanak%20-%20Part%20II%20%3A%20BadUSB%20Attacks%0A%20%20%20%20&t_t=%0A%20%20%20%20%20%20%20%20OpBlueRaven%3A%20Unveiling%20Fin7%2FCarbanak%20-%20Part%20II%20%3A%20BadUSB%20Attacks%0A%20%20%20%20&s_o=default
Frame ID: FE1F39B835E95CF8F3229D481B5B83E9
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

Requests: 46
HTTPS: 100 %
IPv6: 33 %
Domains: 4
Subdomains: 6
IPs: 6
Countries: 2
Transfer: 67296 kB
Size: 73260 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
threatintel.blog/OPBlueRaven-Part2/
30 KB
7 KB
Document
General
Full URL
https://threatintel.blog/OPBlueRaven-Part2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:afa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b212fab9e2f99ad872986a81de8d14f0615ae0d8546c88eb9bdfd8ec8bd74ac

Request headers

:method
GET
:authority
threatintel.blog
:scheme
https
:path
/OPBlueRaven-Part2/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Mon, 28 Dec 2020 20:49:06 GMT
content-type
text/html
set-cookie
__cfduid=dfc1a2310186b1edb1ce44b287d1c69dd1609188546; expires=Wed, 27-Jan-21 20:49:06 GMT; path=/; domain=.threatintel.blog; HttpOnly; SameSite=Lax; Secure
last-modified
Tue, 01 Sep 2020 16:42:37 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
074cb5b1070000bf28f886f000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rePrTYLgxu9KOU%2F0eZhkWFVkHPmaYDcwQG4Bh3OqXjkduk4g2BjmQ7boQqu%2FqKDLYE8HlcF9F4zU2Hsf%2B55RYjzDtkyxXEylR2lylmIS98xLA0YYIS35PLRifJ8I"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
608e2561aa24bf28-FRA
content-encoding
br
style.css
threatintel.blog/css/
28 KB
5 KB
Stylesheet
General
Full URL
https://threatintel.blog/css/style.css
Requested by
Host: threatintel.blog
URL: https://threatintel.blog/OPBlueRaven-Part2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:afa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90dac338b56dbc7fff2644435b463ffae3c702658f9c50acf4adf3cdc0dc2b40

Request headers

Referer
https://threatintel.blog/OPBlueRaven-Part2/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 20:49:06 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 01 Sep 2020 16:42:37 GMT
server
cloudflare
etag
W/"6eb6-5ae4334e9deb7-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gvT8fCC0J8RmzvIiUZYkTMIZtbLvi1h%2B5xRgfS1kYPbpFa9D%2F3H0OkXlP%2BImzH85GC8gOQS801GJoZ2bXnyXCZjbH7TZj9byXvWbO%2F0%2FgDpnTRKTaivwwy3%2F9bHL"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
608e2561ea5dbf28-FRA
cf-request-id
074cb5b1340000bf2811009000000001
.css
threatintel.blog/
0
0
Stylesheet
General
Full URL
https://threatintel.blog/.css
Requested by
Host: threatintel.blog
URL: https://threatintel.blog/OPBlueRaven-Part2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:afa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://threatintel.blog/OPBlueRaven-Part2/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 20:49:06 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eaU%2Bbd6hbPq4efBP8%2BE2zcJSrGt5Xs%2F6IudYRw2JDUC1RprgiQhjAsdzmyVlHTgIPje3klfCQna2d1l3n1FOmNrEo0JtaX2olZ5%2B22DAy6pqFuqN8FxL4byKV7vD"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
608e2561ea5fbf28-FRA
cf-request-id
074cb5b1360000bf28f3250000000001
rtl.css
threatintel.blog/css/
2 KB
767 B
Stylesheet
General
Full URL
https://threatintel.blog/css/rtl.css
Requested by
Host: threatintel.blog
URL: https://threatintel.blog/OPBlueRaven-Part2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:afa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd92b74f4ddf259c2666695ff0c71fcdd82646aebf80b1fa7b44c93e326b35ae

Request headers

Referer
https://threatintel.blog/OPBlueRaven-Part2/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 20:49:06 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 01 Sep 2020 16:42:37 GMT
server
cloudflare
etag
W/"81e-5ae4334e9deb7-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=X1Sk8DJtN7voVo8l3guPc7zQvpeYAON6ifRMUIbMlFLm7MSzHVZVxxK1tJUQ3%2BG2aLV3%2Bau1YSRFnNusjHFpbj8wjGWmvmPuFYl87XdfbtpbjFNx2YBNnkZxf%2FiL"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
608e2561ea60bf28-FRA
cf-request-id
074cb5b1350000bf28f8872000000001
cover.jpg
threatintel.blog/OPBlueRaven-Part2/
60 KB
61 KB
Image
General
Full URL
https://threatintel.blog/OPBlueRaven-Part2/cover.jpg
Requested by
Host: threatintel.blog
URL: https://threatintel.blog/OPBlueRaven-Part2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:afa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd7f7e62b1c2c4cafeb59a4e08d1f01b01acbca91d180359e067c216b1ce167c

Request headers

Referer
https://threatintel.blog/OPBlueRaven-Part2/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 20:49:06 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Sep 2020 16:42:37 GMT
server
cloudflare
etag
"f1a8-5ae4334e9cf17"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9f8HC1x9uuHJ09ojkNbsEAPHoGvP%2Fsjr1ibq%2FqS8ZfhB2ub%2FjD92lJRRnl4ItsO6GzYC7a%2FNJpv0q%2BYSu%2F%2FJQm4B5LgcEYKMwZGdXU3UQiL8HhO%2FI1qRZilAbX43"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
608e2561fa6bbf28-FRA
content-length
61864
cf-request-id
074cb5b13b0000bf281d379000000001
BadUSB.png
threatintel.blog/OPBlueRaven-Part2/
83 KB
83 KB
Image
General
Full URL
https://threatintel.blog/OPBlueRaven-Part2/BadUSB.png
Requested by
Host: threatintel.blog
URL: https://threatintel.blog/OPBlueRaven-Part2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:afa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4df3441c5596a9e04138f567324a3beb565f60213b702f98abb8eb8d53c885d5

Request headers

Referer
https://threatintel.blog/OPBlueRaven-Part2/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 20:49:06 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Sep 2020 16:42:37 GMT
server
cloudflare
etag
"14bbf-5ae4334e9cf17"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1DiACI7Wbza8k7f%2FRlmbdK%2FxMzaxSWd7LzphATs21456mYHs%2Bv2gd8mhiSlpYEu5KRXdrTbsoxVpna64S7SXD4bQAHYDULkpAkFkCTevGZ9Di3lsE0sBe9RLCKEJ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
608e2561fa6cbf28-FRA
content-length
84927
cf-request-id
074cb5b13c0000bf280c179000000001
video2.gif
threatintel.blog/OPBlueRaven-Part2/
63 MB
63 MB
Image
General
Full URL
https://threatintel.blog/OPBlueRaven-Part2/video2.gif
Requested by
Host: threatintel.blog
URL: https://threatintel.blog/OPBlueRaven-Part2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:afa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e06d200a80a1ebd9e229c69ab023ed9c8f4fc38cd2688fe3d7b2ac06d9a8ee7

Request headers

Referer
https://threatintel.blog/OPBlueRaven-Part2/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 20:49:06 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Sep 2020 16:42:37 GMT
server
cloudflare
etag
"3ef38ec-5ae4334e903f6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EPhkDnD5RCX4muxvOyGD65AnOXziAsEHZTFBehupc5iTHTlK7k1SxeF%2FugGSYaTqCSn3cZckBu4kkPCVckB4CxzRFURXPfKxSPB9krVeTw1fPrxqhhqQdKXAQJcA"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
608e2561fa6dbf28-FRA
content-length
66009324
cf-request-id
074cb5b13c0000bf28e297a000000001
converttokeystroke.svg
threatintel.blog/OPBlueRaven-Part2/
1 MB
291 KB
Image
General
Full URL
https://threatintel.blog/OPBlueRaven-Part2/converttokeystroke.svg
Requested by
Host: threatintel.blog
URL: https://threatintel.blog/OPBlueRaven-Part2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:afa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9d6acb37277f9a608ceacdbf8f2b32c5fd3a65ebc5714684009ed21a6ddca23

Request headers

Referer
https://threatintel.blog/OPBlueRaven-Part2/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 20:49:06 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 01 Sep 2020 16:42:37 GMT
server
cloudflare
etag
W/"134107-5ae4334e9bf77"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TUpwI5cVNntjN1ByWiUK1g6ltHJ4kjOFXaN6WjxZ89ffdR5F5VeJnD9Rl9fjY1Zr0%2Bo%2BeYlpVXV2nrcnbFK3NesGlQmcJOxDDoYtjGo%2Fg8Dfaq8OpoM4MeikVUt6"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
608e2561fa6ebf28-FRA
cf-request-id
074cb5b13c0000bf28f8873000000001
milk.svg
threatintel.blog/OPBlueRaven-Part2/
1 MB
292 KB
Image
General
Full URL
https://threatintel.blog/OPBlueRaven-Part2/milk.svg
Requested by
Host: threatintel.blog
URL: https://threatintel.blog/OPBlueRaven-Part2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:afa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
730c4cfbf0ed5ce25504b2898ebcaa002f91866fba47136428e1b69361812814

Request headers

Referer
https://threatintel.blog/OPBlueRaven-Part2/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 20:49:06 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 01 Sep 2020 16:42:37 GMT
server
cloudflare
etag
W/"11a85c-5ae4334e6a294"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=K2RSZbbxUQKCgSSQ0w3hmGXWnYt3691roISt6g%2FRgyCtDdaXj5YoA7azXYq2xhOWT6M6dywRxxVmKYGzr62m694972ckbPO8lqcUm92%2B2RWfh%2BjzLv%2F0Viao1AZn"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
608e2561fa6fbf28-FRA
cf-request-id
074cb5b13f0000bf2800253000000001
cmd1.svg
threatintel.blog/OPBlueRaven-Part2/
1 MB
291 KB
Image
General
Full URL
https://threatintel.blog/OPBlueRaven-Part2/cmd1.svg
Requested by
Host: threatintel.blog
URL: https://threatintel.blog/OPBlueRaven-Part2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:afa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa23af1264776e86f53b2933d22666d5c53f84173f3feb3a1096a948167d3ee

Request headers

Referer
https://threatintel.blog/OPBlueRaven-Part2/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 20:49:06 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 01 Sep 2020 16:42:37 GMT
server
cloudflare
etag
W/"109e7c-5ae4334e9cf17"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Jrimt3kWocsVl9SLeCmYLpaHjbwPcUSA0aDFu7j9kxJQ%2Bluu6vvTDN7U4fKOlA5XqOSgfSVqobBf2nZjo7KC%2Fg%2BJSP%2FGKiKLYdqpOCWL8PdWPsv7wC9E4E2l8QAY"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
608e2561fa70bf28-FRA
cf-request-id
074cb5b13f0000bf28f0b8b000000001
js.svg
threatintel.blog/OPBlueRaven-Part2/
2 MB
291 KB
Image
General
Full URL
https://threatintel.blog/OPBlueRaven-Part2/js.svg
Requested by
Host: threatintel.blog
URL: https://threatintel.blog/OPBlueRaven-Part2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:afa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a233d7458663d964dd5a38be2f02944f827b18555d9f95c1a5789c83719b89f

Request headers

Referer
https://threatintel.blog/OPBlueRaven-Part2/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 20:49:06 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 01 Sep 2020 16:42:37 GMT
server
cloudflare
etag
W/"1b7a13-5ae4334e6e114"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=E1QqoYhtGevVycQJTs%2B5z1vUNIKB8xmjjC54%2B0JykV15t3avlYfOiAx7LLOTBW32ZsAfWIvXt7SlbsgArWYsnVKal3oaNnyBd0nugVtBP2VS8UEwdy1Xzra8dEwj"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
608e2561fa71bf28-FRA
cf-request-id
074cb5b13f0000bf28ff3d6000000001
bella2.svg
threatintel.blog/OPBlueRaven-Part2/
2 MB
292 KB
Image
General
Full URL
https://threatintel.blog/OPBlueRaven-Part2/bella2.svg
Requested by
Host: threatintel.blog
URL: https://threatintel.blog/OPBlueRaven-Part2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:afa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf63ef3f97630dbc1b1f2a055576874e6427f82cc6e39732ee6c8eb9d9f1cdd4

Request headers

Referer
https://threatintel.blog/OPBlueRaven-Part2/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 20:49:07 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 01 Sep 2020 16:42:37 GMT
server
cloudflare
etag
W/"1f1f72-5ae4334e6d174"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8O4EQl%2BtGABHcjbHFvZ%2F7MlQA1wEFMLDq8C7nBCvwkPjqDPTY0n48qvUMWEYL31S8CuitnYTQRiX2cfVUgVBqIpUiiQs0E6DSvPCxZax%2B5N4WBJscxqsWHqp0exC"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
608e2561fa72bf28-FRA
cf-request-id
074cb5b13f0000bf2819804000000001
bellacompare.jpg
threatintel.blog/OPBlueRaven-Part2/
395 KB
396 KB
Image
General
Full URL
https://threatintel.blog/OPBlueRaven-Part2/bellacompare.jpg
Requested by
Host: threatintel.blog
URL: https://threatintel.blog/OPBlueRaven-Part2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:afa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74720427688c5bdde7800b98c00778598cb631a559f5042962611b6c2ff92f05

Request headers

Referer
https://threatintel.blog/OPBlueRaven-Part2/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 20:49:06 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Sep 2020 16:42:37 GMT
server
cloudflare
etag
"62c8f-5ae4334e9bf77"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3zxNmvbblSjj76eqdLFPcvXHRhFA5k%2BxO2mE1alvSwzvXVovlx7FUzHP%2B19gwtupdnEbLowHv7V6enL4ArGIVCUAKsl3a2UwEYraacq2Yi%2FjKVm8MbPjn3c3hryx"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
608e2561fa73bf28-FRA
content-length
404623
cf-request-id
074cb5b1400000bf280eab2000000001
av0.png
threatintel.blog/OPBlueRaven-Part2/
8 KB
9 KB
Image
General
Full URL
https://threatintel.blog/OPBlueRaven-Part2/av0.png
Requested by
Host: threatintel.blog
URL: https://threatintel.blog/OPBlueRaven-Part2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:afa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95c2857ea314302ce0f52d2cdae91c2da9ef717ac65d814c36f8f4f92b223215

Request headers

Referer
https://threatintel.blog/OPBlueRaven-Part2/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 20:49:06 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Sep 2020 16:42:37 GMT
server
cloudflare
etag
"2178-5ae4334e9bf77"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7JQH0BUr5FrAvG1OJsIlqGF5TLBDZ9ML%2Fodz0hyGOaB5eebjXH65BXrrJfehCnjXpher9mGcMM%2F0MOTXBkK%2BEVBaw2GUfNCEl8FJBAZ8cYtGR%2BC9rJp1NZ1lEz4A"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
608e2561fa74bf28-FRA
content-length
8568
cf-request-id
074cb5b1400000bf28e297b000000001
av.png
threatintel.blog/OPBlueRaven-Part2/
60 KB
61 KB
Image
General
Full URL
https://threatintel.blog/OPBlueRaven-Part2/av.png
Requested by
Host: threatintel.blog
URL: https://threatintel.blog/OPBlueRaven-Part2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:afa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f66b8e5499bce2fed79638dbbe0be5634472a9026ceb2a587d9fe2f21b8f20a6

Request headers

Referer
https://threatintel.blog/OPBlueRaven-Part2/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 20:49:06 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Sep 2020 16:42:37 GMT
server
cloudflare
etag
"f0f6-5ae4334e9a037"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=T8G9uMigRicQLj3%2FVimpAiBhBm4nhKithK%2FgnMlixrLA0fW25WbATlaM5VVXyCgMkhxRIDdGsQneK2e%2BvGRYsgJ7hTH%2Fy%2F04Ae7ezNbgAr0FfcZty78TpPgBah5B"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
608e2561fa75bf28-FRA
content-length
61686
cf-request-id
074cb5b1400000bf28e6bab000000001
botcount.jpg
threatintel.blog/OPBlueRaven-Part2/
17 KB
17 KB
Image
General
Full URL
https://threatintel.blog/OPBlueRaven-Part2/botcount.jpg
Requested by
Host: threatintel.blog
URL: https://threatintel.blog/OPBlueRaven-Part2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:afa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a86da336d65008e52dc3cb71388614db276ed5c694ecd1f36f771c0462127467

Request headers

Referer
https://threatintel.blog/OPBlueRaven-Part2/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 20:49:06 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Sep 2020 16:42:37 GMT
server
cloudflare
etag
"4499-5ae4334e9bf77"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xm5oEmP%2F1onR94tcjxzLkmDBo2Jr3sNeFqQCev2%2Fv5PsU76sTbYumAal%2BUFuTeuWdgbu0ytrv2wsc38zBsZV2ec4HOD3lrpZAzwuElpduw0bbcoXOcdBuY03u4oL"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
608e2561fa76bf28-FRA
content-length
17561
cf-request-id
074cb5b1400000bf28ed1c5000000001
map.jpg
threatintel.blog/OPBlueRaven-Part2/
29 KB
29 KB
Image
General
Full URL
https://threatintel.blog/OPBlueRaven-Part2/map.jpg
Requested by
Host: threatintel.blog
URL: https://threatintel.blog/OPBlueRaven-Part2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:afa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62433ac87f2ad6f5a507e2d886b6439d388e4550c9a412e2c79c6730465dd154

Request headers

Referer
https://threatintel.blog/OPBlueRaven-Part2/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 20:49:06 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Sep 2020 16:42:37 GMT
server
cloudflare
etag
"7484-5ae4334e9bf77"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eZGOrjTecFjaKpxO2XECNJfKolfHpf1juuxxxIjBNVIAKFhLmGxXrwj8AwdJrXIZcMfkuW2rzpeH5o%2Fe3RoQ5GDBR5x1kZLyGx%2BCNMWXbR35dMp%2BAD3CWL3Kx969"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
608e2561fa77bf28-FRA
content-length
29828
cf-request-id
074cb5b1410000bf28021a2000000001
campaigns.jpg
threatintel.blog/OPBlueRaven-Part2/
20 KB
20 KB
Image
General
Full URL
https://threatintel.blog/OPBlueRaven-Part2/campaigns.jpg
Requested by
Host: threatintel.blog
URL: https://threatintel.blog/OPBlueRaven-Part2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:afa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e482c3d3e490bd5fa414142f96028d606bc0df81fc06e858cc6683d1f7a85a5

Request headers

Referer
https://threatintel.blog/OPBlueRaven-Part2/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 20:49:06 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Sep 2020 16:42:37 GMT
server
cloudflare
etag
"5077-5ae4334e9bf77"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=K7zCLEyZ%2FPZ86arDW40a0OMIbMcF9cnm6CETlnsVg0BKvmVFpKzM4jkE9j0of3mA5xB%2BqOPTnMwvTD0ooZa%2FOxuJkafvZpahMZFFTt2Ej80TwDqQovJL%2FdtOGCiU"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
608e2561fa79bf28-FRA
content-length
20599
cf-request-id
074cb5b1410000bf2811a2e000000001
all.min.css
threatintel.blog/lib/font-awesome/css/
56 KB
12 KB
Stylesheet
General
Full URL
https://threatintel.blog/lib/font-awesome/css/all.min.css
Requested by
Host: threatintel.blog
URL: https://threatintel.blog/OPBlueRaven-Part2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:afa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9b46437d7418e1712daaad6d73fa17c2c6afb5681770c90339c25428415b7fd

Request headers

Referer
https://threatintel.blog/OPBlueRaven-Part2/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 20:49:06 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 01 Sep 2020 16:42:37 GMT
server
cloudflare
etag
W/"df5c-5ae4334ea9a38-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3%2BIc87M5YlHPcM1cNXfWnKd1iFNeZ%2F5A0tgL%2Fq1w3zBtzWXxwzPpY4mtOBzw7OuHlxgh7rub%2FQlPPNL1qjuJwyjuLgvQX%2FJoePc54917hFDNFFH%2Fo5K%2B%2Fb5g2sxD"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
608e2561fa61bf28-FRA
cf-request-id
074cb5b1390000bf2819803000000001
justifiedGallery.min.css
threatintel.blog/lib/justified-gallery/css/
2 KB
885 B
Stylesheet
General
Full URL
https://threatintel.blog/lib/justified-gallery/css/justifiedGallery.min.css
Requested by
Host: threatintel.blog
URL: https://threatintel.blog/OPBlueRaven-Part2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:afa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64a386be9ed85705f6ea0d9dd28a03bdb481412122222e0177d16e2bed76664d

Request headers

Referer
https://threatintel.blog/OPBlueRaven-Part2/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 20:49:06 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 01 Sep 2020 16:42:37 GMT
server
cloudflare
etag
W/"9d3-5ae4334eac918-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ww0xP2Q93ZRjOF8Hk4%2BY5OKBlLrbg613lEYmFECS2pCCgVM0uNWDjQqCRe1i7M8kMj3NwlX%2FB2WsMn5HMRJry7oONgPmd2UbZL5eBXb0sx8aHhm3GWk%2Bu%2FH%2Bbga4"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
608e2561fa62bf28-FRA
cf-request-id
074cb5b1390000bf280eab1000000001
email-decode.min.js
threatintel.blog/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://threatintel.blog/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: threatintel.blog
URL: https://threatintel.blog/OPBlueRaven-Part2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:afa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://threatintel.blog/OPBlueRaven-Part2/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 20:49:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"cf-nel","max_age":604800}
cf-request-id
074cb5b13a0000bf28fa9b3000000001
last-modified
Thu, 17 Dec 2020 18:39:38 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"5fdba5ea-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xLFsr4dx9A0y1Ua9%2B%2BpUMftOvn2AOs5lQDxEcDAHbaEAF9L77nxeO8ZQDIgtuTecNdwHY0vOeOCXKu4xJBTDspNZOVttnEfN857r1HMcsBaJXHPi5jLx7f4%2BdujA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
608e2561fa63bf28-FRA
expires
Wed, 30 Dec 2020 20:49:06 GMT
jquery.min.js
threatintel.blog/lib/jquery/
86 KB
30 KB
Script
General
Full URL
https://threatintel.blog/lib/jquery/jquery.min.js
Requested by
Host: threatintel.blog
URL: https://threatintel.blog/OPBlueRaven-Part2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:afa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer
https://threatintel.blog/OPBlueRaven-Part2/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 20:49:06 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 01 Sep 2020 16:42:37 GMT
server
cloudflare
etag
W/"15851-5ae4334eac918-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mvxtHvjleTqhH%2B%2BzGazjtIeAV657mfMQaa%2BohsIdfW1qg3AoXxuT2OU73sPXpbDQETtU9sD%2BFv6p1DnTNuhP2OuciVRsXKEii32mJ%2F3j2ldcX6gbMiMVQC%2FRxuzJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
608e2561fa64bf28-FRA
cf-request-id
074cb5b13a0000bf28e6baa000000001
.js
threatintel.blog/
0
0
Script
General
Full URL
https://threatintel.blog/.js
Requested by
Host: threatintel.blog
URL: https://threatintel.blog/OPBlueRaven-Part2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:afa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://threatintel.blog/OPBlueRaven-Part2/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 20:49:06 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kg%2B1l%2FCKdGcdu2WcdN0U2irKzrVonvPbDbxAf2IzRmG2gju8tLkQiqDtxrxHBL65QTos2Cb%2BAo6hvJHV%2BHmYvsqGruMiS1763k9LYrDARYByutS1%2FIJn0gj8Ogi2"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
608e2561fa65bf28-FRA
cf-request-id
074cb5b13a0000bf28ed1c4000000001
jquery.justifiedGallery.min.js
threatintel.blog/lib/justified-gallery/js/
18 KB
5 KB
Script
General
Full URL
https://threatintel.blog/lib/justified-gallery/js/jquery.justifiedGallery.min.js
Requested by
Host: threatintel.blog
URL: https://threatintel.blog/OPBlueRaven-Part2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:afa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c83ef48243bf86e466c85c3b7607ef403290a616dc5354b53e6960083f32fc2

Request headers

Referer
https://threatintel.blog/OPBlueRaven-Part2/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 20:49:06 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 01 Sep 2020 16:42:37 GMT
server
cloudflare
etag
W/"484e-5ae4334eac918-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zjmYk5BdQU08WtrODHcRzin7VPIAjBkXZQNJOXSNwBSJm9JoPHrUXMDWZ2i3ZYr1JqDKvuAGErefhsjEcHhj1HrjN5%2BcHuiUrnY%2FFYMm2YqkvZItvjAePjer%2B0LM"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
608e2561fa67bf28-FRA
cf-request-id
074cb5b13b0000bf2811a2d000000001
clipboard.min.js
threatintel.blog/lib/clipboard/
11 KB
4 KB
Script
General
Full URL
https://threatintel.blog/lib/clipboard/clipboard.min.js
Requested by
Host: threatintel.blog
URL: https://threatintel.blog/OPBlueRaven-Part2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:afa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1626706afc88d95ebe1173b553ec732c6dc82a576989315fdf5e7779af738a44

Request headers

Referer
https://threatintel.blog/OPBlueRaven-Part2/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 20:49:06 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 01 Sep 2020 16:42:37 GMT
server
cloudflare
etag
W/"2a02-5ae4334e9fdf7-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eAo5lL3kltZagOYYlc3X%2BbOjvW2H7qa3RbXzf%2BTAZd2NO5pq6CuTyXa49x1qe5ER5RFvbpGrLbXzcDeAODxF0e4F5TkYXiowt0trpZh%2FVsuKWwrOoRuqhlacrrFc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
608e2561fa68bf28-FRA
cf-request-id
074cb5b13b0000bf2815378000000001
main.js
threatintel.blog/js/
3 KB
1 KB
Script
General
Full URL
https://threatintel.blog/js/main.js
Requested by
Host: threatintel.blog
URL: https://threatintel.blog/OPBlueRaven-Part2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:afa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98ae92950331b5506931f2aa93ed97fa7d83839379152443b2acedc623d3abaf

Request headers

Referer
https://threatintel.blog/OPBlueRaven-Part2/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 20:49:06 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 01 Sep 2020 16:42:37 GMT
server
cloudflare
etag
W/"c32-5ae4334e9fdf7-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5alRfwcgQB0BZJyduuBcqxU9VLysZKNkhuN5L1ltjuadN7Xlgf3wSrD3t3Fqqwvwf4CEzy7uagenpdKUm4DmuKzHFdtjbBWEDxvxG%2BSbMlhOt5yTGl7Sg1NeDbgC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
608e2561fa69bf28-FRA
cf-request-id
074cb5b13b0000bf2814a52000000001
fa-solid-900.woff2
threatintel.blog/lib/font-awesome/webfonts/
74 KB
75 KB
Font
General
Full URL
https://threatintel.blog/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by
Host: threatintel.blog
URL: https://threatintel.blog/lib/font-awesome/css/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:afa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4

Request headers

Origin
https://threatintel.blog
Referer
https://threatintel.blog/lib/font-awesome/css/all.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 20:49:06 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Sep 2020 16:42:37 GMT
server
cloudflare
etag
"12934-5ae4334ea9a38"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FCvEcRPT%2B%2BncVLEg8sw%2Fiic6jZbJLndOEi%2B7wp3YU16H79WnDxv21UvcLAm%2BNl9P0JThYuR4v1Glb7hePsZUkyo4Lq5jGW%2B8AeGl0IQ06QBhhwb96till5hXonZw"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
608e25625a93bf28-FRA
content-length
76084
cf-request-id
074cb5b1770000bf28e22ee000000001
MesloLGS-Regular.ttf
threatintel.blog/lib/meslo-LG/
488 KB
197 KB
Font
General
Full URL
https://threatintel.blog/lib/meslo-LG/MesloLGS-Regular.ttf
Requested by
Host: threatintel.blog
URL: https://threatintel.blog/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:afa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1574a505f27249c879b67d885ec947d0b9a421c403aee4c38d37b2b1fced34c2

Request headers

Origin
https://threatintel.blog
Referer
https://threatintel.blog/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 20:49:07 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 01 Sep 2020 16:42:37 GMT
server
cloudflare
etag
W/"79e24-5ae4334ea4c17"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3W2bPNJZOgEE2mSAZ8c9drK9I0HiUq4cyGp%2BuPELzyOYnrvdtOapkSUZ4YfOVsy6dWsf0VoxWbskPj1AoR7mt56MocO3R9OpAtivP0Zi9t0fRqCfDI6uYr8cppK3"}],"group":"cf-nel","max_age":604800}
content-type
font/ttf
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
608e25626a9dbf28-FRA
cf-request-id
074cb5b17f0000bf28ed1c9000000001
.css
threatintel.blog/
0
0
Stylesheet
General
Full URL
https://threatintel.blog/.css
Requested by
Host: threatintel.blog
URL: https://threatintel.blog/OPBlueRaven-Part2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:afa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://threatintel.blog/OPBlueRaven-Part2/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 20:49:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=X%2BTTUqPVC5kxwHNAqh4UXsB%2FcrFeKYcuI1EDd%2BKplvRB3Y%2FAjtMiMS8F2fKEw3qxHFXmZZ8KjDm%2BBi4bKvxOXxa8GdT3G%2FDBOXJ9SRJ2U6kL%2BTf9Ysk%2FB4ZBesdA"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
608e2562eacdbf28-FRA
cf-request-id
074cb5b1d60000bf2804bdf000000001
.css
threatintel.blog/
0
0
Stylesheet
General
Full URL
https://threatintel.blog/.css
Requested by
Host: threatintel.blog
URL: https://threatintel.blog/OPBlueRaven-Part2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:afa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://threatintel.blog/OPBlueRaven-Part2/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 20:49:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YvGL4EjSbsEnRiasv%2F%2Ful6xC7oJtpfI2v2VDwqCbBVFF1yqNOsFF%2B5nHrfGbIElZiFaQmP3PK2yduq3Vq6s62BxHudgeLQTBUYDDIULFrqlLCHSdoztJb8XisjRf"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
608e25631ae8bf28-FRA
cf-request-id
074cb5b1f10000bf28f3257000000001
.js
threatintel.blog/
0
0
Script
General
Full URL
https://threatintel.blog/.js
Requested by
Host: threatintel.blog
URL: https://threatintel.blog/OPBlueRaven-Part2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:afa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://threatintel.blog/OPBlueRaven-Part2/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 20:49:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=t4zEyM3YZAcoqrEf0%2F2hzF80OEl9iDXnIpil62BOmU58412p99oq7Qq0xPme869VAAhMbUUgrcioPsPx6282dkmobSdReOE%2FcuNQ%2FsF1fIbbALtGpi9DFVDAeQQn"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
608e25647b9fbf28-FRA
cf-request-id
074cb5b2cc0000bf280c189000000001
.js
threatintel.blog/
0
0
Script
General
Full URL
https://threatintel.blog/.js
Requested by
Host: threatintel.blog
URL: https://threatintel.blog/OPBlueRaven-Part2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:afa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://threatintel.blog/OPBlueRaven-Part2/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 20:49:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6QitGagjSXwgBt4WIcChiYqWmhiNkvEQgayMuAPtJ8iDXS6tSJGred1n6WuQKxja4flO2M5HnXny8tztDFOyWMLrEOoHcT97J%2BWXgozDpOnhH74vQ6LXkwjXVHy2"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
608e2564dbbdbf28-FRA
cf-request-id
074cb5b3040000bf28f0b9b000000001
.js
threatintel.blog/
0
0
Script
General
Full URL
https://threatintel.blog/.js
Requested by
Host: threatintel.blog
URL: https://threatintel.blog/OPBlueRaven-Part2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:afa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://threatintel.blog/OPBlueRaven-Part2/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 20:49:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OLM8osTGhQqhoMxM5dhB4j%2FdZTL5cP%2BsFVcXN%2B8lJy6rKJ1dxiV2uGzNjeXT1YkU968z6wQ5t2CdVgZ6deTHzpoFv%2FMeBGP0VWuvxgEkHk7tGc1xqE2%2FTs5M%2BEZ%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
608e25653bdfbf28-FRA
cf-request-id
074cb5b3420000bf28e22ff000000001
.js
threatintel.blog/
0
0
Script
General
Full URL
https://threatintel.blog/.js
Requested by
Host: threatintel.blog
URL: https://threatintel.blog/OPBlueRaven-Part2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:afa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://threatintel.blog/OPBlueRaven-Part2/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 20:49:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Y8J6tZufNKmQfoWyfJjBaHyND9HODdfL77ZbG34vFhgRVol6sYUkicYFw%2FCH07SYsfWo4linslemHTLjNTWFx%2BfONfvS7uSyyEQ5wHNvrAq8rGHu1GrLzHsVPoCE"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
608e25658bf4bf28-FRA
cf-request-id
074cb5b37a0000bf28fa9ca000000001
embed.js
threatintel-blog.disqus.com/
70 KB
23 KB
Script
General
Full URL
https://threatintel-blog.disqus.com/embed.js
Requested by
Host: threatintel.blog
URL: https://threatintel.blog/OPBlueRaven-Part2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
5cda8ac741054a8a12bb5c4c463ef4c69b93375ba8206edb5ff3d3120929f17f
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

Referer
https://threatintel.blog/OPBlueRaven-Part2/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 28 Dec 2020 20:49:07 GMT
Content-Encoding
gzip
Server
openresty
Age
0
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
private, max-age=60
X-Service
router
Strict-Transport-Security
max-age=300; includeSubdomains
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
23361
lounge.2a0be1cac62547aa91037395a06bf8b3.css
c.disquscdn.com/next/embed/styles/
0
22 KB
Other
General
Full URL
https://c.disquscdn.com/next/embed/styles/lounge.2a0be1cac62547aa91037395a06bf8b3.css
Requested by
Host: threatintel-blog.disqus.com
URL: https://threatintel-blog.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://threatintel.blog/OPBlueRaven-Part2/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 20:49:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
233496
strict-transport-security
max-age=300; includeSubdomains
content-length
22655
cf-request-id
074cb5b4ff00004a555834f000000001
timing-allow-origin
*
last-modified
Thu, 19 Nov 2020 22:06:27 GMT
server
cloudflare
etag
"5fb6ec63-587f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
DFW3-C1
accept-ranges
bytes
cf-ray
608e2567fdc34a55-FRA
x-amz-cf-id
U-gG9OZ3kJS9xxB8lbcOsPcV746xOv-OfQeg4RfypFfyEf75cG_0Pw==
expires
Fri, 19 Nov 2021 22:20:27 GMT
common.bundle.d5bc59d0180bbc154286a8e417e4c4bc.js
c.disquscdn.com/next/embed/
0
93 KB
Other
General
Full URL
https://c.disquscdn.com/next/embed/common.bundle.d5bc59d0180bbc154286a8e417e4c4bc.js
Requested by
Host: threatintel-blog.disqus.com
URL: https://threatintel-blog.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://threatintel.blog/OPBlueRaven-Part2/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 20:49:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
272280
strict-transport-security
max-age=300; includeSubdomains
content-length
94780
cf-request-id
074cb5b50000004a5550a3b000000001
timing-allow-origin
*
last-modified
Mon, 14 Dec 2020 22:46:46 GMT
server
cloudflare
etag
"5fd7eb56-1723c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
DFW3-C1
accept-ranges
bytes
cf-ray
608e2567fdc64a55-FRA
x-amz-cf-id
KhS9D0Poc5ZnkV3R-ZcajkLniPEJ6HARyML9A_93nCdxS79Cq3ZKYw==
expires
Tue, 14 Dec 2021 22:56:15 GMT
lounge.bundle.7d72841d9245e018db276c51b9667402.js
c.disquscdn.com/next/embed/
0
114 KB
Other
General
Full URL
https://c.disquscdn.com/next/embed/lounge.bundle.7d72841d9245e018db276c51b9667402.js
Requested by
Host: threatintel-blog.disqus.com
URL: https://threatintel-blog.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://threatintel.blog/OPBlueRaven-Part2/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 20:49:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
233496
strict-transport-security
max-age=300; includeSubdomains
content-length
116367
cf-request-id
074cb5b50000004a554c8bc000000001
timing-allow-origin
*
last-modified
Mon, 14 Dec 2020 22:46:46 GMT
server
cloudflare
etag
"5fd7eb56-1c68f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
DFW3-C1
accept-ranges
bytes
cf-ray
608e25680dc94a55-FRA
x-amz-cf-id
T1E70eyDc6DXXQe_XQIvz19Wv5e7ZPWDQVPMSoGabsxtn8Y4uYOOJQ==
expires
Tue, 14 Dec 2021 22:56:15 GMT
config.js
disqus.com/next/
0
10 KB
Other
General
Full URL
https://disqus.com/next/config.js
Requested by
Host: threatintel-blog.disqus.com
URL: https://threatintel-blog.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://threatintel.blog/OPBlueRaven-Part2/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 28 Dec 2020 20:49:07 GMT
X-Content-Type-Options
nosniff
Content-Type
application/javascript; charset=UTF-8
Server
nginx
Age
37
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
9280
X-XSS-Protection
1; mode=block
/
disqus.com/embed/comments/ Frame FE1F
0
0
Document
General
Full URL
https://disqus.com/embed/comments/?base=default&f=threatintel-blog&t_u=https%3A%2F%2Fthreatintel.blog%2FOPBlueRaven-Part2%2F&t_d=%0A%20%20%20%20%20%20%20%20OpBlueRaven%3A%20Unveiling%20Fin7%2FCarbanak%20-%20Part%20II%20%3A%20BadUSB%20Attacks%0A%20%20%20%20&t_t=%0A%20%20%20%20%20%20%20%20OpBlueRaven%3A%20Unveiling%20Fin7%2FCarbanak%20-%20Part%20II%20%3A%20BadUSB%20Attacks%0A%20%20%20%20&s_o=default
Requested by
Host: threatintel-blog.disqus.com
URL: https://threatintel-blog.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
disqus.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://threatintel.blog/OPBlueRaven-Part2/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Connection
keep-alive
Content-Length
2660
Server
nginx
Content-Security-Policy
script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Link
<https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control
stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin
*
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Type
text/html; charset=utf-8
Last-Modified
Sun, 06 Sep 2020 21:44:22 GMT
ETag
W/"lounge:view:8186460892.9963b66c54e18303955db62f0eb7ace9.2"
Content-Encoding
gzip
Date
Mon, 28 Dec 2020 20:49:08 GMT
Age
0
Vary
Accept-Encoding
Strict-Transport-Security
max-age=300; includeSubdomains
alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
c.disquscdn.com/next/embed/
78 KB
26 KB
Script
General
Full URL
https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Requested by
Host: threatintel-blog.disqus.com
URL: https://threatintel-blog.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://threatintel.blog/OPBlueRaven-Part2/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 20:49:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
255985
strict-transport-security
max-age=300; includeSubdomains
content-length
26578
cf-request-id
074cb5ba6500004a5537890000000001
timing-allow-origin
*
last-modified
Mon, 23 Nov 2020 17:22:41 GMT
server
cloudflare
etag
"5fbbefe1-67d2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
DFW55-C3
accept-ranges
bytes
cf-ray
608e2570af414a55-FRA
x-amz-cf-id
iwXvkWWneYUzTgpoGXrolZxBkoZQ2bfC3Qst_9vVPBWLaqb-vIiHXg==
expires
Mon, 29 Nov 2021 02:25:38 GMT
pixel.gif
cdn.viglink.com/images/
43 B
388 B
Image
General
Full URL
https://cdn.viglink.com/images/pixel.gif?ch=1&rn=5.957584059520025
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.101 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-101.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://threatintel.blog/OPBlueRaven-Part2/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 20:49:08 GMT
via
1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
last-modified
Tue, 10 Feb 2015 03:29:39 GMT
server
AmazonS3
age
1
etag
"221d8352905f2c38b3cb2bd191d630b0"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=15, must-revalidate
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
43
x-amz-cf-id
EdUTm8GgKLJXbHOSkMC7x0vw8OS9eYOBmnjv7WFNuMLdi_NbL6ACqA==
pixel.gif
cdn.viglink.com/images/
43 B
387 B
Image
General
Full URL
https://cdn.viglink.com/images/pixel.gif?ch=2&rn=5.957584059520025
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.101 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-101.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://threatintel.blog/OPBlueRaven-Part2/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 20:49:08 GMT
via
1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
last-modified
Tue, 10 Feb 2015 03:29:39 GMT
server
AmazonS3
age
1
etag
"221d8352905f2c38b3cb2bd191d630b0"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=15, must-revalidate
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
43
x-amz-cf-id
bTEfCZ5wR-YCZ2i-KmcihH1a9EcCasLDZK184rdLyjhfXLq2I8NrNQ==
ping
links.services.disqus.com/api/
317 B
941 B
XHR
General
Full URL
https://links.services.disqus.com/api/ping
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
41007364d877c3d4a8ba0fe1d190d737b3c60830908274e81eaa055daf085f31

Request headers

Referer
https://threatintel.blog/OPBlueRaven-Part2/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Mon, 28 Dec 2020 20:49:09 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://threatintel.blog
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
317
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync.gif
links.services.disqus.com/api/
43 B
565 B
Image
General
Full URL
https://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://threatintel.blog/OPBlueRaven-Part2/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Dec 2020 20:49:10 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Type
image/gif;charset=UTF-8
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
domains
links.services.disqus.com/api/
76 B
699 B
XHR
General
Full URL
https://links.services.disqus.com/api/domains
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
21a31f313c6a1d47275245550e0298ce16f4c9314c3a145b0e84aadd55ffb5e4

Request headers

Referer
https://threatintel.blog/OPBlueRaven-Part2/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Mon, 28 Dec 2020 20:49:10 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://threatintel.blog
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
76
Expires
Thu, 01 Jan 1970 00:00:00 GMT

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| ClipboardJS object| options string| disqus_shortname function| disqus_config object| DISQUS boolean| __v5k function| vl_cB function| vl_disable function| vglnk_16091885492466 object| vglnk undefined| vglnk_16091885497477 undefined| vglnk_16091885499039

1 Cookies

Domain/Path Name / Value
.threatintel.blog/ Name: __cfduid
Value: dfc1a2310186b1edb1ce44b287d1c69dd1609188546

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
