o.pki.goog/wr2
142.250.74.131 472 B IP 142.250.74.131:0
Hash 1f5ff11a296b9ba034ac870aa5b57301
1e4ef09e6e0bee99dc1ddb3c4f7ad4afae6ef75a
1ab6f2c8488081d305c0fa83311514652ab80f128342bf64fb042cc593267404
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 13 Oct 2024 02:47:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.volexity.com/wp-includes/css/dist/block-library/style.min.css?ver=6.6.2
172.67.71.52 200 OK 15 kB URL GET HTTP/2 www.volexity.com/wp-includes/css/dist/block-library/style.min.css?ver=6.6.2
IP 172.67.71.52:443
Requested by https://www.volexity.com/blog/2021/05/27/suspected-apt29-operation-launches-election-fraud-themed-phishing-campaigns/
Certificate Issuer: Google Trust Services
Subject: volexity.com
Fingerprint: A6:4E:F9:60:1E:71:27:A9:DA:D2:CF:50:78:D2:46:83:C7:D1:AF:9C
Validity: Sun, 15 Sep 2024 01:23:09 GMT - Sat, 14 Dec 2024 01:23:08 GMT
File type ASCII text, with very long lines (57765)
Hash 319580d7d8944a1a65f635e0d11e5da5
e23bc18ef1b0f78f7010e3c16e4c5e1f333248bd
fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.6.2 HTTP/1.1
Host: www.volexity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.volexity.com/blog/2021/05/27/suspected-apt29-operation-launches-election-fraud-themed-phishing-campaigns/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Oct 2024 02:47:40 GMT
content-type: text/css
content-length: 14840
strict-transport-security: max-age=63072000; includeSubDomains;
last-modified: Tue, 17 Sep 2024 07:36:52 GMT
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NjBpwlqEIP1c0ZXgDhMSI7D%2BQT%2F3wDnaz4xe88aZOarlIyGeewsMftUda3z5rhIuEbZDPQtBTSb8Conwgx0b%2BROJJYWFVoQxJIEUk8SE482PqiJ38yEIU4EMdLzgq71ZLiU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8d1c019c6f8ab50b-OSL
X-Firefox-Spdy: h2
www.volexity.com/wp-content/themes/volexity/dist/images/logo.png
172.67.71.52 200 OK 4.9 kB URL GET HTTP/2 www.volexity.com/wp-content/themes/volexity/dist/images/logo.png
IP 172.67.71.52:443
Requested by https://www.volexity.com/blog/2021/05/27/suspected-apt29-operation-launches-election-fraud-themed-phishing-campaigns/
Certificate Issuer: Google Trust Services
Subject: volexity.com
Fingerprint: A6:4E:F9:60:1E:71:27:A9:DA:D2:CF:50:78:D2:46:83:C7:D1:AF:9C
Validity: Sun, 15 Sep 2024 01:23:09 GMT - Sat, 14 Dec 2024 01:23:08 GMT
File type PNG image data, 1628 x 168, 8-bit colormap, non-interlaced
Hash c717e4264781f7a88c8f2e894f9a11dd
e116c5e7acf0361886dd8f0e00f1de748e64bf23
c028d95161528697214cfa6fd024eb225429b155723339cb67e75f27cd64c368
GET /wp-content/themes/volexity/dist/images/logo.png HTTP/1.1
Host: www.volexity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.volexity.com/blog/2021/05/27/suspected-apt29-operation-launches-election-fraud-themed-phishing-campaigns/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Oct 2024 02:47:40 GMT
content-type: image/png
content-length: 4852
strict-transport-security: max-age=63072000; includeSubDomains;
last-modified: Thu, 29 Aug 2024 17:00:43 GMT
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KDmwU%2F0UTJPAKS%2FKCHa42tWlcAoSVK2NuC1Xo41dH0ElmhqAfUa4lZpD03Cw%2F2JJkzyOur70aZ5TWRyfxfyKAVyAvOrbh3jLG9beFWaGLg1qUf4TTw8FQjv8XJzGFQH%2BpUs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d1c019c6f94b50b-OSL
X-Firefox-Spdy: h2
www.volexity.com/wp-content/plugins/cookie-notice/css/front.min.css?ver=2.4.18
172.67.71.52 200 OK 1.1 kB URL GET HTTP/2 www.volexity.com/wp-content/plugins/cookie-notice/css/front.min.css?ver=2.4.18
IP 172.67.71.52:443
Requested by https://www.volexity.com/blog/2021/05/27/suspected-apt29-operation-launches-election-fraud-themed-phishing-campaigns/
Certificate Issuer: Google Trust Services
Subject: volexity.com
Fingerprint: A6:4E:F9:60:1E:71:27:A9:DA:D2:CF:50:78:D2:46:83:C7:D1:AF:9C
Validity: Sun, 15 Sep 2024 01:23:09 GMT - Sat, 14 Dec 2024 01:23:08 GMT
File type ASCII text, with very long lines (5064), with no line terminators
Hash 216d791e61641ace57d8d11a12bde01e
28bde6d98d1c689a712efe037a9592e9fa103b09
029dedf319bc4536d9c663ae9c0b10c95d1e9f5dd1de0aa73172e9e89ae254cc
GET /wp-content/plugins/cookie-notice/css/front.min.css?ver=2.4.18 HTTP/1.1
Host: www.volexity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.volexity.com/blog/2021/05/27/suspected-apt29-operation-launches-election-fraud-themed-phishing-campaigns/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Oct 2024 02:47:40 GMT
content-type: text/css
content-length: 1091
strict-transport-security: max-age=63072000; includeSubDomains;
last-modified: Thu, 29 Aug 2024 17:00:43 GMT
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C%2BnH7KpJzS06mS8GeU8OkIye32BbNvHoBQRNIJFulLCht3S2SAgdIbegi4Sc9Onwnrr3xYgU51W9rN%2BXCD2MqpWU%2Fv5jvdJZwU562Ewmk%2F932fo%2Fz3qnypqqVlOUBdLDV38%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8d1c019c6f8bb50b-OSL
X-Firefox-Spdy: h2
www.volexity.com/wp-content/themes/volexity/dist/styles/styles.min.css?ver=6.6.2
172.67.71.52 200 OK 18 kB URL GET HTTP/2 www.volexity.com/wp-content/themes/volexity/dist/styles/styles.min.css?ver=6.6.2
IP 172.67.71.52:443
Requested by https://www.volexity.com/blog/2021/05/27/suspected-apt29-operation-launches-election-fraud-themed-phishing-campaigns/
Certificate Issuer: Google Trust Services
Subject: volexity.com
Fingerprint: A6:4E:F9:60:1E:71:27:A9:DA:D2:CF:50:78:D2:46:83:C7:D1:AF:9C
Validity: Sun, 15 Sep 2024 01:23:09 GMT - Sat, 14 Dec 2024 01:23:08 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 3d09db0cdc5096840437eb2b223ce703
62479255247513a2b6b91975578412b66a4ea6f1
758f6303c8f2891cf8bab3ac404467af40500e6d69694839182467ce3ca5d909
GET /wp-content/themes/volexity/dist/styles/styles.min.css?ver=6.6.2 HTTP/1.1
Host: www.volexity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.volexity.com/blog/2021/05/27/suspected-apt29-operation-launches-election-fraud-themed-phishing-campaigns/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Oct 2024 02:47:40 GMT
content-type: text/css
content-length: 18214
strict-transport-security: max-age=63072000; includeSubDomains;
last-modified: Thu, 29 Aug 2024 17:00:43 GMT
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jrrhAWOW1%2FcEJelskRIAeO39EIZZZf2LMwqf69dDoQFMBIb1AJmEg0xeMtCUo3YvtkzwGy7%2F%2F0zymrcrIOZaFt5fBwVFmBQTtPwg%2BwqhNNgO8t6IPk1L03FWAS0L4skt8nY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8d1c019c6f8cb50b-OSL
X-Firefox-Spdy: h2
www.volexity.com/wp-content/uploads/2021/05/image002.png
172.67.71.52 200 OK 568 kB URL GET HTTP/2 www.volexity.com/wp-content/uploads/2021/05/image002.png
IP 172.67.71.52:443
Requested by https://www.volexity.com/blog/2021/05/27/suspected-apt29-operation-launches-election-fraud-themed-phishing-campaigns/
Certificate Issuer: Google Trust Services
Subject: volexity.com
Fingerprint: A6:4E:F9:60:1E:71:27:A9:DA:D2:CF:50:78:D2:46:83:C7:D1:AF:9C
Validity: Sun, 15 Sep 2024 01:23:09 GMT - Sat, 14 Dec 2024 01:23:08 GMT
File type PNG image data, 809 x 1051, 8-bit/color RGBA, non-interlaced
Size 568 kB (568512 bytes)
Hash c4234acc4eb69806445913993c926a98
341a47e792cce009ff1cb3c2be02a167182e1c33
0415c1f9b9e9140f3eb691476b131876fa6a2081da9e35535475b13559ba0e94
GET /wp-content/uploads/2021/05/image002.png HTTP/1.1
Host: www.volexity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.volexity.com/blog/2021/05/27/suspected-apt29-operation-launches-election-fraud-themed-phishing-campaigns/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Oct 2024 02:47:40 GMT
content-type: image/png
content-length: 568512
strict-transport-security: max-age=63072000; includeSubDomains;
last-modified: Wed, 26 May 2021 19:20:38 GMT
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vc6d1yK9uqBJBeFzFc0HALlLQ%2Bs58AeciPTscxwYzwOYWfI5NpLmbGPP2zUWSaWPAS92RJZyF1AT8hjF3gprkXnN5bP93SpdcMF%2Bpet28IxOzltxPKj7FRK3N8VRPBfnbl4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d1c019c6f9db50b-OSL
X-Firefox-Spdy: h2
www.volexity.com/wp-content/uploads/2021/05/election-fraud-blog-post-header-image-1-1536x768.png
172.67.71.52 200 OK 174 kB URL GET HTTP/2 www.volexity.com/wp-content/uploads/2021/05/election-fraud-blog-post-header-image-1-1536x768.png
IP 172.67.71.52:443
Requested by https://www.volexity.com/blog/2021/05/27/suspected-apt29-operation-launches-election-fraud-themed-phishing-campaigns/
Certificate Issuer: Google Trust Services
Subject: volexity.com
Fingerprint: A6:4E:F9:60:1E:71:27:A9:DA:D2:CF:50:78:D2:46:83:C7:D1:AF:9C
Validity: Sun, 15 Sep 2024 01:23:09 GMT - Sat, 14 Dec 2024 01:23:08 GMT
File type PNG image data, 1536 x 768, 8-bit/color RGBA, non-interlaced
Size 174 kB (173669 bytes)
Hash 7387ebe4e26afe1f48b77659df422176
9c89e04a23d0f1ec8a8fda3d93bb13f1c096d730
9bfe37243d3456bb03fe83ea2e5cc8528f4af11981568fe75b0a4942b4ed0bad
GET /wp-content/uploads/2021/05/election-fraud-blog-post-header-image-1-1536x768.png HTTP/1.1
Host: www.volexity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.volexity.com/blog/2021/05/27/suspected-apt29-operation-launches-election-fraud-themed-phishing-campaigns/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Oct 2024 02:47:40 GMT
content-type: image/png
content-length: 173669
strict-transport-security: max-age=63072000; includeSubDomains;
last-modified: Thu, 27 May 2021 18:02:38 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Owk58KdXz1AY%2BrH%2F1mrAEdb6WR6NuaoYRqOs89FImur4nkDjjbW3MKmWMMcd4Ppd3D7yO92bOIVa9BfrQ3PU6OKCkwjickrad68sDYLbftDGhz73AsbeQ597WjvQVtoRqt0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d1c019c6f96b50b-OSL
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-WRSX85NK29
142.250.74.40 200 OK 94 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-WRSX85NK29
IP 142.250.74.40:443
Requested by https://www.volexity.com/blog/2021/05/27/suspected-apt29-operation-launches-election-fraud-themed-phishing-campaigns/
Certificate Issuer: Google Trust Services
Subject: *.google-analytics.com
Fingerprint: 67:C2:D2:52:FF:49:65:5C:79:F7:93:22:F8:32:AB:11:AA:AB:6B:F7
Validity: Tue, 24 Sep 2024 02:46:00 GMT - Tue, 17 Dec 2024 02:45:59 GMT
File type JavaScript source, ASCII text, with very long lines (5945)
Hash a7b3892c87b85c4d11b36082d6bfce14
176b9ccee8d820cecda276c313437e1ce0a94244
4731f7841af1e8f59c39acaf17a8dfa00f1039eab464a481ae5df2715fe6b5ed
GET /gtag/js?id=G-WRSX85NK29 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.volexity.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 13 Oct 2024 02:47:40 GMT
expires: Sun, 13 Oct 2024 02:47:40 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
server: Google Tag Manager
content-length: 93728
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
o.pki.goog/wr2
142.250.74.131 472 B IP 142.250.74.131:0
Hash e8951ec4d35393b8ee714b4691d99337
c9b6c04c5d2747d64707c50cd02a0a00c8215543
f6c3bf5c4961a85933732cd457a5fd39d46c192e94360d8b80e36abb83cba628
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 13 Oct 2024 02:47:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.volexity.com/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.4.18
172.67.71.52 200 OK 2.6 kB URL GET HTTP/2 www.volexity.com/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.4.18
IP 172.67.71.52:443
Requested by https://www.volexity.com/blog/2021/05/27/suspected-apt29-operation-launches-election-fraud-themed-phishing-campaigns/
Certificate Issuer: Google Trust Services
Subject: volexity.com
Fingerprint: A6:4E:F9:60:1E:71:27:A9:DA:D2:CF:50:78:D2:46:83:C7:D1:AF:9C
Validity: Sun, 15 Sep 2024 01:23:09 GMT - Sat, 14 Dec 2024 01:23:08 GMT
File type JavaScript source, ASCII text, with very long lines (8700), with no line terminators
Hash 38f95416d5f7349b65699f64e6a587fd
2ca6f6f77481c3cdbcaacfc61a56c24f3c933ade
08756c47213d461baa3b01f42448a76d11f524470c7a34f9018733889bd4f49c
GET /wp-content/plugins/cookie-notice/js/front.min.js?ver=2.4.18 HTTP/1.1
Host: www.volexity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.volexity.com/blog/2021/05/27/suspected-apt29-operation-launches-election-fraud-themed-phishing-campaigns/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Oct 2024 02:47:40 GMT
content-type: text/javascript
strict-transport-security: max-age=63072000; includeSubDomains;
last-modified: Thu, 29 Aug 2024 17:00:43 GMT
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WUdooY3poSxa0R%2FrT0yvvsbReTo4fUaToVcsUbN%2BKWzFnTxuYuvWD7BTsUCD0XcGhV6GJPC1MWkMUtKJl4ih5io4WsR3gAhSTFl%2F3N3%2FRAemf71EIwz49%2FFuxcQmTtNMB10%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d1c019c6f90b50b-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.volexity.com/wp-content/uploads/2021/05/phish_email-1024x817.png
172.67.71.52 200 OK 358 kB URL GET HTTP/2 www.volexity.com/wp-content/uploads/2021/05/phish_email-1024x817.png
IP 172.67.71.52:443
Requested by https://www.volexity.com/blog/2021/05/27/suspected-apt29-operation-launches-election-fraud-themed-phishing-campaigns/
Certificate Issuer: Google Trust Services
Subject: volexity.com
Fingerprint: A6:4E:F9:60:1E:71:27:A9:DA:D2:CF:50:78:D2:46:83:C7:D1:AF:9C
Validity: Sun, 15 Sep 2024 01:23:09 GMT - Sat, 14 Dec 2024 01:23:08 GMT
File type PNG image data, 1024 x 817, 8-bit/color RGBA, non-interlaced
Size 358 kB (358374 bytes)
Hash 68e6258f46aacfb9e4cfcb965021b1b1
c5e848caf30bd73c755e100d99383f7a64d11dee
2d09658dc2f400b9dd822a0bae5b9d4f13598ce42038cd376fb49f8e9a6f1e7d
GET /wp-content/uploads/2021/05/phish_email-1024x817.png HTTP/1.1
Host: www.volexity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.volexity.com/blog/2021/05/27/suspected-apt29-operation-launches-election-fraud-themed-phishing-campaigns/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Oct 2024 02:47:40 GMT
content-type: image/png
content-length: 358374
strict-transport-security: max-age=63072000; includeSubDomains;
last-modified: Wed, 26 May 2021 19:32:05 GMT
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ebV5nV2DsJQElnxJSDA1QapV%2FcOJmcrBLMMUAcRCDg5EM8CNzpROt0DVyt6pwCaA77FZmcWZLuNQtgE0tEedKdgOo1pGTtcNUnBsNcxdm2l%2BinywsNAVqMY95oyvobEpZSc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d1c019c6f99b50b-OSL
X-Firefox-Spdy: h2
www.volexity.com/blog/2021/05/27/suspected-apt29-operation-launches-election-fraud-themed-phishing-campaigns/
172.67.71.52 200 OK 18 kB URL User Request GET HTTP/2 www.volexity.com/blog/2021/05/27/suspected-apt29-operation-launches-election-fraud-themed-phishing-campaigns/
IP 172.67.71.52:443
Certificate Issuer: Google Trust Services
Subject: volexity.com
Fingerprint: A6:4E:F9:60:1E:71:27:A9:DA:D2:CF:50:78:D2:46:83:C7:D1:AF:9C
Validity: Sun, 15 Sep 2024 01:23:09 GMT - Sat, 14 Dec 2024 01:23:08 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (8856), with CRLF, LF line terminators
Hash 05d4866aed303143dc3756fd3a2647f7
3ffc772af7744af8b18bcb00f703a1af14180124
963092e2fe480c2aec171cdf692855b9016751fd3a5ce7c67d3ffe29c16f9020
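Analyzer | Verdict | Alert
Public Nextron YARA rules | malware | A loader for the CobaltStrike malware family, which ultimately takes the first and second bytes of an embedded file, and flips them prior to executing the resulting payload.
Public Nextron YARA rules | malware | The FRESHFIRE malware family. The malware acts as a downloader, pulling down an encrypted snippet of code from a remote source, executing it, and deleting it from the remote server.
Note: both rules matched the HTML document of the blog post itself (file type and hashes listed above), not a separately downloaded binary. Because the post is a threat report on this campaign, the matches may come from rule strings or indicators quoted in the article text; review the matched content before treating the verdict as evidence of a hosted payload.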
GET /blog/2021/05/27/suspected-apt29-operation-launches-election-fraud-themed-phishing-campaigns/ HTTP/1.1
Host: www.volexity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 13 Oct 2024 02:47:39 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=63072000; includeSubDomains;
link: <https://www.volexity.com/wp-json/>; rel="https://api.w.org/", <https://www.volexity.com/wp-json/wp/v2/posts/2117>; rel="alternate"; title="JSON"; type="application/json", <https://www.volexity.com/?p=2117>; rel=shortlink
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server-timing: cfCacheStatus;desc="DYNAMIC"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u3XQtw5fIre77E6CZ1TQ9DbqpKJY0SOA%2FGN523N%2B8T%2B6olxPFFZuPo0yAh9mPmMXBBZr2vbkLGYBFuszf%2BvFqR1isJvxJcutZKCJIMLVTXf%2FdTTZf%2B5QmVJ1w6Vpyt7GJnw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8d1c01975becb50b-OSL
content-encoding: br
X-Firefox-Spdy: h2
o.pki.goog/wr2
142.250.74.131 471 B IP 142.250.74.131:0
Hash b53aec5d70d916ab0140318df276a268
8b236248ce9159462298f7274409edebf6666c40
737431a4ee5c084455da5ee049ababf2eb1576bcdedb71f6fcf9fe32c835dac9
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 13 Oct 2024 02:47:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
o.pki.goog/wr2
142.250.74.131 471 B IP 142.250.74.131:0
Hash b53aec5d70d916ab0140318df276a268
8b236248ce9159462298f7274409edebf6666c40
737431a4ee5c084455da5ee049ababf2eb1576bcdedb71f6fcf9fe32c835dac9
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 13 Oct 2024 02:47:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,400i,500,700,700i|Roboto+Condensed:400,500|Roboto:400,300,500|Roboto+Slab:300,500,400|Open+Sans:400,600,700
142.250.74.106 200 OK 51 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,400i,500,700,700i|Roboto+Condensed:400,500|Roboto:400,300,500|Roboto+Slab:300,500,400|Open+Sans:400,600,700
IP 142.250.74.106:443
Requested by https://www.volexity.com/blog/2021/05/27/suspected-apt29-operation-launches-election-fraud-themed-phishing-campaigns/
Certificate Issuer: Google Trust Services
Subject: upload.video.google.com
Fingerprint: 80:2E:9C:80:BE:20:08:CB:81:6F:92:4C:83:5C:1E:73:D7:6B:F3:27
Validity: Tue, 24 Sep 2024 03:17:04 GMT - Tue, 17 Dec 2024 03:17:03 GMT
File type gzip compressed data, max compression
Hash edba584dc277f2c448fb8bd9d4e2b783
8c3c8ce1cbb0f050930eed673a48ede05e08643b
4be9a13a8d657cfe91cf6e6ceafdbaed2954bffb0f37cc022e3248aba05bf6f1
GET /css?family=Source+Sans+Pro:300,400,400i,500,700,700i|Roboto+Condensed:400,500|Roboto:400,300,500|Roboto+Slab:300,500,400|Open+Sans:400,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.volexity.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 13 Oct 2024 02:47:40 GMT
date: Sun, 13 Oct 2024 02:47:40 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.volexity.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
172.67.71.52 200 OK 80 kB URL GET HTTP/2 www.volexity.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
IP 172.67.71.52:443
Requested by https://www.volexity.com/blog/2021/05/27/suspected-apt29-operation-launches-election-fraud-themed-phishing-campaigns/
Certificate Issuer: Google Trust Services
Subject: volexity.com
Fingerprint: A6:4E:F9:60:1E:71:27:A9:DA:D2:CF:50:78:D2:46:83:C7:D1:AF:9C
Validity: Sun, 15 Sep 2024 01:23:09 GMT - Sat, 14 Dec 2024 01:23:08 GMT
File type JavaScript source, ASCII text, with very long lines (65447)
Hash 826eb77e86b02ab7724fe3d0141ff87c
79cd3587d565afe290076a8d36c31c305a573d18
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: www.volexity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.volexity.com/blog/2021/05/27/suspected-apt29-operation-launches-election-fraud-themed-phishing-campaigns/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Oct 2024 02:47:40 GMT
content-type: text/javascript
strict-transport-security: max-age=63072000; includeSubDomains;
last-modified: Thu, 29 Aug 2024 17:00:43 GMT
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JXW0%2Bxd0M0u2tyMYPlB%2Fv6JMPOePPJXPw%2FoYzpPSJ1Tz15CA1JTIe93mQC%2B8GwPh06oWj%2Fdb4l8VIT8E%2Bf2A%2B5CXgyTZyWw%2BhKY3bzTFxTGBASddmIMBh4rjSzqrzV1lCic%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d1c019c6f91b50b-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.volexity.com/wp-content/themes/volexity/dist/images/search.png
172.67.71.52 200 OK 309 B URL GET HTTP/2 www.volexity.com/wp-content/themes/volexity/dist/images/search.png
IP 172.67.71.52:443
Requested by https://www.volexity.com/blog/2021/05/27/suspected-apt29-operation-launches-election-fraud-themed-phishing-campaigns/
Certificate Issuer: Google Trust Services
Subject: volexity.com
Fingerprint: A6:4E:F9:60:1E:71:27:A9:DA:D2:CF:50:78:D2:46:83:C7:D1:AF:9C
Validity: Sun, 15 Sep 2024 01:23:09 GMT - Sat, 14 Dec 2024 01:23:08 GMT
File type PNG image data, 24 x 25, 8-bit colormap, non-interlaced
Hash 690ecde12c9e2016efac2824f88c03d0
b0b22c870d6c398ba1ea36e3c5b0829563593e4a
2d44bc68ebd5cc51defb48f9defe3c8705e280af5dd86c161e187bafcbbb63b3
GET /wp-content/themes/volexity/dist/images/search.png HTTP/1.1
Host: www.volexity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.volexity.com/wp-content/themes/volexity/dist/styles/styles.min.css?ver=6.6.2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Oct 2024 02:47:40 GMT
content-type: image/png
content-length: 309
strict-transport-security: max-age=63072000; includeSubDomains;
last-modified: Thu, 29 Aug 2024 17:00:43 GMT
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PaqcpIoJ%2BwkWRTZkPpYUZbVz2b%2FGTZG0OONqKGx0DGygq7vwkthblkq0mLQYL0PaBku%2Ff4Fj9pbWPetVfrBXI%2BX066kX5o7grBbXOwfeua%2F%2FzRTeREiBQtFAcpgVos2tKxI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d1c019f69afb50b-OSL
X-Firefox-Spdy: h2
www.volexity.com/wp-content/themes/volexity/fonts/icons.woff2?4053275
172.67.71.52 200 OK 5.1 kB URL GET HTTP/2 www.volexity.com/wp-content/themes/volexity/fonts/icons.woff2?4053275
IP 172.67.71.52:443
Requested by https://www.volexity.com/blog/2021/05/27/suspected-apt29-operation-launches-election-fraud-themed-phishing-campaigns/
Certificate Issuer: Google Trust Services
Subject: volexity.com
Fingerprint: A6:4E:F9:60:1E:71:27:A9:DA:D2:CF:50:78:D2:46:83:C7:D1:AF:9C
Validity: Sun, 15 Sep 2024 01:23:09 GMT - Sat, 14 Dec 2024 01:23:08 GMT
File type Web Open Font Format (Version 2), TrueType, length 5068, version 1.0
Hash b9a7e850839847829fd7e814b2b017dc
5613b8377882e08d87c80b59a9693afd5fa304b2
4fec2f5ff94c82084ce40a28b3990d3879da914059c3a4bd642a89d674712f9f
GET /wp-content/themes/volexity/fonts/icons.woff2?4053275 HTTP/1.1
Host: www.volexity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.volexity.com/wp-content/themes/volexity/dist/styles/styles.min.css?ver=6.6.2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Oct 2024 02:47:40 GMT
content-type: font/woff2
content-length: 5068
strict-transport-security: max-age=63072000; includeSubDomains;
last-modified: Thu, 29 Aug 2024 17:00:43 GMT
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vNjFYcid9ue%2BaWGgjlxi81Jab2um0yGMemmEgny%2Fau8JydxUtwwSwLzo1tFtesaz82d7pxgsQvb%2Bv4kQ%2BD6UtfqhNvl3nLqLBFp06iT1oQw7FVkudnZ5HR32ToyffCyCMGM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d1c019f79bbb50b-OSL
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227 200 OK 48 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:443
Requested by https://www.volexity.com/blog/2021/05/27/suspected-apt29-operation-launches-election-fraud-themed-phishing-campaigns/
Certificate Issuer: Google Trust Services
Subject: *.gstatic.com
Fingerprint: 68:2C:2F:8B:6E:2C:E2:87:F4:B9:78:87:69:F9:2B:25:59:0D:2D:5B
Validity: Tue, 24 Sep 2024 03:16:33 GMT - Tue, 17 Dec 2024 03:16:32 GMT
File type Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Hash 015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.volexity.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Oct 2024 14:51:44 GMT
expires: Sat, 11 Oct 2025 14:51:44 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
age: 129356
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
o.pki.goog/wr2
142.250.74.131 471 B IP 142.250.74.131:0
Hash b53aec5d70d916ab0140318df276a268
8b236248ce9159462298f7274409edebf6666c40
737431a4ee5c084455da5ee049ababf2eb1576bcdedb71f6fcf9fe32c835dac9
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 13 Oct 2024 02:47:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.volexity.com/wp-content/themes/volexity/fonts/fa-brands-400.woff2
172.67.71.52 200 OK 108 kB URL GET HTTP/2 www.volexity.com/wp-content/themes/volexity/fonts/fa-brands-400.woff2
IP 172.67.71.52:443
Requested by https://www.volexity.com/blog/2021/05/27/suspected-apt29-operation-launches-election-fraud-themed-phishing-campaigns/
Certificate Issuer: Google Trust Services
Subject: volexity.com
Fingerprint: A6:4E:F9:60:1E:71:27:A9:DA:D2:CF:50:78:D2:46:83:C7:D1:AF:9C
Validity: Sun, 15 Sep 2024 01:23:09 GMT - Sat, 14 Dec 2024 01:23:08 GMT
File type Web Open Font Format (Version 2), TrueType, length 107656, version 770.768
Size 108 kB (107656 bytes)
Hash e2f5b365c7d3d4497da73148ddfae997
b99813b3c531d8fe90aed3b75d2ed71f8e0c87f4
c61287c2fa9863b5fb5844c683a168ac6520c94d822bb43d5eae35c3a2a82166
GET /wp-content/themes/volexity/fonts/fa-brands-400.woff2 HTTP/1.1
Host: www.volexity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.volexity.com/wp-content/themes/volexity/dist/styles/styles.min.css?ver=6.6.2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Oct 2024 02:47:41 GMT
content-type: font/woff2
content-length: 107656
strict-transport-security: max-age=63072000; includeSubDomains;
last-modified: Thu, 29 Aug 2024 17:00:43 GMT
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AOFwBZhe2mdLBTcCbgJLuwhK%2FWNKsbgvf5fxpy%2FCblIPSpnT%2Fsak4zU8xUtN3DEFd2ZR%2F%2FG2I0J31D9kLaV61DBxqXHzsUWf45iffNV0Ho0qD%2Blcv7cq6TBk8O3OrjHfzHE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d1c01a0fa9ab50b-OSL
X-Firefox-Spdy: h2
www.volexity.com/cdn-cgi/rum?
172.67.71.52 204 No Content 0 B URL POST HTTP/2 www.volexity.com/cdn-cgi/rum?
IP 172.67.71.52:443
Requested by https://www.volexity.com/blog/2021/05/27/suspected-apt29-operation-launches-election-fraud-themed-phishing-campaigns/
Certificate Issuer: Google Trust Services
Subject: volexity.com
Fingerprint: A6:4E:F9:60:1E:71:27:A9:DA:D2:CF:50:78:D2:46:83:C7:D1:AF:9C
Validity: Sun, 15 Sep 2024 01:23:09 GMT - Sat, 14 Dec 2024 01:23:08 GMT
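Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the MD5, SHA-1 and SHA-256 digests of zero-length input, consistent with the 0 B response body of this 204 reply; they identify no content and should not be treated as indicators.)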
POST /cdn-cgi/rum? HTTP/1.1
Host: www.volexity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1275
Origin: https://www.volexity.com
DNT: 1
Connection: keep-alive
Referer: https://www.volexity.com/blog/2021/05/27/suspected-apt29-operation-launches-election-fraud-themed-phishing-campaigns/
Cookie: _ga_WRSX85NK29=GS1.1.1728787660.1.0.1728787660.0.0.0; _ga=GA1.1.1956183038.1728787661
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Sun, 13 Oct 2024 02:47:41 GMT
access-control-allow-origin: https://www.volexity.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 8d1c01a20b42b50b-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227 200 OK 18 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:443
Requested by https://www.volexity.com/blog/2021/05/27/suspected-apt29-operation-launches-election-fraud-themed-phishing-campaigns/
Certificate Issuer: Google Trust Services
Subject: *.gstatic.com
Fingerprint: 68:2C:2F:8B:6E:2C:E2:87:F4:B9:78:87:69:F9:2B:25:59:0D:2D:5B
Validity: Tue, 24 Sep 2024 03:16:33 GMT - Tue, 17 Dec 2024 03:16:32 GMT
File type Web Open Font Format (Version 2), TrueType, length 18536, version 1.0
Hash 8eff0b8045fd1959e117f85654ae7770
227fee13ceb7c410b5c0bb8000258b6643cb6255
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
GET /s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.volexity.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18536
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Oct 2024 18:11:53 GMT
expires: Sat, 11 Oct 2025 18:11:53 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
age: 117348
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.volexity.com/wp-content/themes/volexity/apple-touch-icon.png
172.67.71.52 200 OK 21 kB URL GET HTTP/2 www.volexity.com/wp-content/themes/volexity/apple-touch-icon.png
IP 172.67.71.52:443
Requested by https://www.volexity.com/blog/2021/05/27/suspected-apt29-operation-launches-election-fraud-themed-phishing-campaigns/
Certificate Issuer: Google Trust Services
Subject: volexity.com
Fingerprint: A6:4E:F9:60:1E:71:27:A9:DA:D2:CF:50:78:D2:46:83:C7:D1:AF:9C
Validity: Sun, 15 Sep 2024 01:23:09 GMT - Sat, 14 Dec 2024 01:23:08 GMT
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced
Hash 20ed91d496dece0ad869b7096de3e478
b531237a190c44cef3d73f576c9b5f93b5e12daa
2363b101b0e64dd091de398f4ab7db3691e609cef973da80d6fa0a10b8845a7f
GET /wp-content/themes/volexity/apple-touch-icon.png HTTP/1.1
Host: www.volexity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.volexity.com/blog/2021/05/27/suspected-apt29-operation-launches-election-fraud-themed-phishing-campaigns/
Cookie: _ga_WRSX85NK29=GS1.1.1728787660.1.0.1728787660.0.0.0; _ga=GA1.1.1956183038.1728787661
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Oct 2024 02:47:41 GMT
content-type: image/png
content-length: 21254
strict-transport-security: max-age=63072000; includeSubDomains;
last-modified: Thu, 29 Aug 2024 17:00:43 GMT
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wiMKlS3nFJoy19hbi12pzX3U9mn0XVAEfrbW0pu6GvFpqQK5lWL57mqXhM6JXXLgpfZ%2FumZHq6j0XfLBbRSIGmyBtHlOJfen9a%2BXuUux%2BM9GNwI5O%2BKa0SKOiSkVYYoyiq8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d1c01a1db20b50b-OSL
X-Firefox-Spdy: h2
www.volexity.com/wp-content/themes/volexity/favicon-16x16.png
172.67.71.52 200 OK 830 B URL GET HTTP/2 www.volexity.com/wp-content/themes/volexity/favicon-16x16.png
IP 172.67.71.52:443
Requested by https://www.volexity.com/blog/2021/05/27/suspected-apt29-operation-launches-election-fraud-themed-phishing-campaigns/
Certificate Issuer: Google Trust Services
Subject: volexity.com
Fingerprint: A6:4E:F9:60:1E:71:27:A9:DA:D2:CF:50:78:D2:46:83:C7:D1:AF:9C
Validity: Sun, 15 Sep 2024 01:23:09 GMT - Sat, 14 Dec 2024 01:23:08 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Hash 9df5ee64773091fb4cb953f4b4f62c6b
e6632e0f60acc26233f55297c51d8d0f1c5016d8
fcf922b11218ee88a216e02f637a599a29f439c9061ebb4b08806b8fdd5c09a3
GET /wp-content/themes/volexity/favicon-16x16.png HTTP/1.1
Host: www.volexity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.volexity.com/blog/2021/05/27/suspected-apt29-operation-launches-election-fraud-themed-phishing-campaigns/
Cookie: _ga_WRSX85NK29=GS1.1.1728787660.1.0.1728787660.0.0.0; _ga=GA1.1.1956183038.1728787661
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 13 Oct 2024 02:47:41 GMT
content-type: image/png
content-length: 830
strict-transport-security: max-age=63072000; includeSubDomains;
last-modified: Thu, 29 Aug 2024 17:00:43 GMT
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dplnmJ1G6y%2BGHSJ36EivDo4gHqTr0rgj4%2FIMGQBxkWJv%2Bnwpkjh%2BrEdiMfOMtqGQN%2BnbvGOLQMDObua11V8coATOt%2BwgT8ZaDYAZhRrmnc0%2BEiiSEwOqpx7ueUh1CoJUJTw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d1c01a1eb2db50b-OSL
X-Firefox-Spdy: h2
www.volexity.com/wp-content/themes/volexity/dist/scripts/scripts.min.js?ver=6.6.2
172.67.71.52 200 OK 174 kB URL GET HTTP/2 www.volexity.com/wp-content/themes/volexity/dist/scripts/scripts.min.js?ver=6.6.2
IP 172.67.71.52:443
Requested by https://www.volexity.com/blog/2021/05/27/suspected-apt29-operation-launches-election-fraud-themed-phishing-campaigns/
Certificate Issuer: Google Trust Services
Subject: volexity.com
Fingerprint: A6:4E:F9:60:1E:71:27:A9:DA:D2:CF:50:78:D2:46:83:C7:D1:AF:9C
Validity: Sun, 15 Sep 2024 01:23:09 GMT - Sat, 14 Dec 2024 01:23:08 GMT
Size 174 kB (173703 bytes)
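Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the MD5, SHA-1 and SHA-256 digests of zero-length input, which does not match the 173703-byte size reported for this record; the response body was presumably not captured, so these values do not identify the script and should not be used for matching.)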
GET /wp-content/themes/volexity/dist/scripts/scripts.min.js?ver=6.6.2 HTTP/1.1
Host: www.volexity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.volexity.com/blog/2021/05/27/suspected-apt29-operation-launches-election-fraud-themed-phishing-campaigns/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 13 Oct 2024 02:47:40 GMT
content-type: text/javascript
strict-transport-security: max-age=63072000; includeSubDomains;
last-modified: Thu, 29 Aug 2024 17:00:43 GMT
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B5sZLeFsY4KPvqE5rw0UEJv1yRL11S8xpuK63VpTfGFyiK5tApDaH1UlA34QZCVN25e50eeRFetsablKW4MTTZCSEFyIFqqg7kvxR6eBHI7Yz%2FeP34Asq2yH%2BGfBCFGQ8rs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d1c019c7fa4b50b-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
104.16.80.73 200 OK 20 kB URL GET HTTP/2 static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
IP 104.16.80.73:443
Requested by https://www.volexity.com/blog/2021/05/27/suspected-apt29-operation-launches-election-fraud-themed-phishing-campaigns/
Certificate Issuer: Google Trust Services
Subject: cloudflareinsights.com
Fingerprint: FB:0A:B6:18:33:15:47:A9:D8:B5:ED:D3:1B:EE:13:FF:3F:80:C4:E6
Validity: Tue, 03 Sep 2024 08:38:23 GMT - Mon, 02 Dec 2024 08:38:22 GMT
File type JavaScript source, ASCII text, with very long lines (19948), with no line terminators
Hash ec18af6d41f6f278b6aed3bdabffa7bc
62c9e2cab76b888829f3c5335e91c320b22329ae
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.volexity.com
DNT: 1
Connection: keep-alive
Referer: https://www.volexity.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 13 Oct 2024 02:47:40 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.6.1"
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d1c019c9d87712a-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.volexity.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
172.67.71.52 200 OK 14 kB URL GET HTTP/2 www.volexity.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
IP 172.67.71.52:443
Requested by https://www.volexity.com/blog/2021/05/27/suspected-apt29-operation-launches-election-fraud-themed-phishing-campaigns/
Certificate Issuer: Google Trust Services
Subject: volexity.com
Fingerprint: A6:4E:F9:60:1E:71:27:A9:DA:D2:CF:50:78:D2:46:83:C7:D1:AF:9C
Validity: Sun, 15 Sep 2024 01:23:09 GMT - Sat, 14 Dec 2024 01:23:08 GMT
File type JavaScript source, ASCII text, with very long lines (13479)
Hash 9ffeb32e2d9efbf8f70caabded242267
3ad0c10e501ac2a9bfa18f9cd7e700219b378738
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: www.volexity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.volexity.com/blog/2021/05/27/suspected-apt29-operation-launches-election-fraud-themed-phishing-campaigns/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 13 Oct 2024 02:47:40 GMT
content-type: text/javascript
strict-transport-security: max-age=63072000; includeSubDomains;
last-modified: Thu, 29 Aug 2024 17:00:43 GMT
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VI7Yvn%2Bt0KEVTtKfVeQc%2B8Fqvmbf%2FqLOEwJvzF4t2OTjJ2ec%2BLyGjLIsRYrwCS4I8m7VD5XB2VJQV%2BATBlbGWdAqFiAe02hgZ5IMZzAiO61XImNqaXwJs83N2aSlY7yjiKw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d1c019c6f93b50b-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.volexity.com/wp-content/themes/volexity/dist/images/header-bg/Banner_5_L-01.svg
172.67.71.52 200 OK 696 B URL GET HTTP/2 www.volexity.com/wp-content/themes/volexity/dist/images/header-bg/Banner_5_L-01.svg
IP 172.67.71.52:443
Requested by https://www.volexity.com/blog/2021/05/27/suspected-apt29-operation-launches-election-fraud-themed-phishing-campaigns/
Certificate Issuer: Google Trust Services
Subject: volexity.com
Fingerprint: A6:4E:F9:60:1E:71:27:A9:DA:D2:CF:50:78:D2:46:83:C7:D1:AF:9C
Validity: Sun, 15 Sep 2024 01:23:09 GMT - Sat, 14 Dec 2024 01:23:08 GMT
File type SVG Scalable Vector Graphics image
Hash 8d28c69934e357578649c0b11d8a786c
2c807f0cf5eeeb44059a110dc3fcc2254c6f737a
a532499e3b882839166004e8a7ecd2f8d9b2f3a9b5f5c87231c20a30c8f990c1
GET /wp-content/themes/volexity/dist/images/header-bg/Banner_5_L-01.svg HTTP/1.1
Host: www.volexity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.volexity.com/wp-content/themes/volexity/dist/styles/styles.min.css?ver=6.6.2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 13 Oct 2024 02:47:40 GMT
content-type: image/svg+xml
strict-transport-security: max-age=63072000; includeSubDomains;
last-modified: Thu, 29 Aug 2024 17:00:43 GMT
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FjDIaS8RW8rmjLVV%2F7T5fahoH1Z2a7EeI2qsM6kpzqr%2BuIrDxxPHfUxp0ALOANGMYOha183czB29APLO4xeHdLhSePkgFFcoCjqqPCqjD3sgFfinFNVDQ5nPN9KHGTarYqA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d1c019f69a8b50b-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.volexity.com/wp-content/themes/volexity/dist/images/header-bg/Banner_5_R-02.svg
172.67.71.52 200 OK 1.2 kB URL GET HTTP/2 www.volexity.com/wp-content/themes/volexity/dist/images/header-bg/Banner_5_R-02.svg
IP 172.67.71.52:443
Requested by https://www.volexity.com/blog/2021/05/27/suspected-apt29-operation-launches-election-fraud-themed-phishing-campaigns/
Certificate Issuer: Google Trust Services
Subject: volexity.com
Fingerprint: A6:4E:F9:60:1E:71:27:A9:DA:D2:CF:50:78:D2:46:83:C7:D1:AF:9C
Validity: Sun, 15 Sep 2024 01:23:09 GMT - Sat, 14 Dec 2024 01:23:08 GMT
File type SVG Scalable Vector Graphics image
Hash a1883d905bb3aaad01557e7d2be2ee05
9e15803f3b2e0cf4b184ec431f61a301d64edcfb
accb31af4c5f5898aa2888867e944a79f702799f3a6d87c3b6cd7ec32ecd2181
GET /wp-content/themes/volexity/dist/images/header-bg/Banner_5_R-02.svg HTTP/1.1
Host: www.volexity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.volexity.com/wp-content/themes/volexity/dist/styles/styles.min.css?ver=6.6.2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 13 Oct 2024 02:47:40 GMT
content-type: image/svg+xml
strict-transport-security: max-age=63072000; includeSubDomains;
last-modified: Thu, 29 Aug 2024 17:00:43 GMT
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4tK6nGJm55Qo%2Fh9ucy2H2Atgoa8hgN5hsh%2Bd9C2RRpCm9pAWZDyl9VdaQyOgRUC6hY6WGWxN2bET7MDy2Fc%2FkgWmuop4h7nxTZC2BVju673tLErI%2FJ%2BS1eaLNUhvtyRGSHQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d1c019f69acb50b-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.volexity.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
172.67.71.52 200 OK 1.2 kB URL GET HTTP/2 www.volexity.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 172.67.71.52:443
Requested by https://www.volexity.com/blog/2021/05/27/suspected-apt29-operation-launches-election-fraud-themed-phishing-campaigns/
Certificate Issuer: Google Trust Services
Subject: volexity.com
Fingerprint: A6:4E:F9:60:1E:71:27:A9:DA:D2:CF:50:78:D2:46:83:C7:D1:AF:9C
Validity: Sun, 15 Sep 2024 01:23:09 GMT - Sat, 14 Dec 2024 01:23:08 GMT
File type HTML document, ASCII text, with very long lines (1271), with no line terminators
Hash 40d981045a7516cdadd00e8dccc9c58d
8b8d9a48c6b9d2fba596034ef5db3dd0f2f781c3
71c7d5fc630ff38080f71945be1e8b0c43140d8c25338056b752495e18739c0c
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: www.volexity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.volexity.com/blog/2021/05/27/suspected-apt29-operation-launches-election-fraud-themed-phishing-campaigns/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 13 Oct 2024 02:47:40 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2024 16:37:40 GMT
etag: W/"67055fd4-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FiAr2mC7ifiQYicEI56MnXKweFIF0GPIalmWGTJvNxtYN3DRHE0QRs5QgIxYLkWwdrBC6gnOpz33p06L3ofwv3WJO5nrIOS6F5psvMwao0cgVFgWU%2Bu6XbkDJYRG5GSCPUo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d1c019c6f9fb50b-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Tue, 15 Oct 2024 02:47:40 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
www.volexity.com/wp-includes/js/comment-reply.min.js?ver=6.6.2
172.67.71.52 200 OK 3.0 kB URL GET HTTP/2 www.volexity.com/wp-includes/js/comment-reply.min.js?ver=6.6.2
IP 172.67.71.52:443
Requested by https://www.volexity.com/blog/2021/05/27/suspected-apt29-operation-launches-election-fraud-themed-phishing-campaigns/
Certificate Issuer: Google Trust Services
Subject: volexity.com
Fingerprint: A6:4E:F9:60:1E:71:27:A9:DA:D2:CF:50:78:D2:46:83:C7:D1:AF:9C
Validity: Sun, 15 Sep 2024 01:23:09 GMT - Sat, 14 Dec 2024 01:23:08 GMT
File type ASCII text, with very long lines (3056), with no line terminators
Hash dc7f90d513295c29acc441fe114a2cab
ca9e5069d9afc4aa13ab2e152313dfb476e842ef
f87915c58d8c25473c726646b58d2fe0ba9a136987571e6c810aba3c67b4f74c
GET /wp-includes/js/comment-reply.min.js?ver=6.6.2 HTTP/1.1
Host: www.volexity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.volexity.com/blog/2021/05/27/suspected-apt29-operation-launches-election-fraud-themed-phishing-campaigns/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 13 Oct 2024 02:47:40 GMT
content-type: text/javascript
strict-transport-security: max-age=63072000; includeSubDomains;
last-modified: Thu, 29 Aug 2024 17:00:43 GMT
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iH21tXJZx1KaOWMhSzxBDubtuPxgyvSH2ENWum1I3kslM9y3GAy1kngfQMqrrXTdPI3fOXt1hBD6Z%2FozUCnHV%2Bj6psoqNTq4HA3R0pljQuzW83JZBZetImf4%2BIH6DmUuw7c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d1c019c7fa6b50b-OSL
content-encoding: br
X-Firefox-Spdy: h2