www.darkreading.com Open in urlscan Pro
2606:4700::6811:7863 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
Submission: On April 25 via api (April 25th 2023, 1:24:06 pm UTC) from TR — Scanned from DE

Summary HTTP 232 Redirects Links 48 Behaviour Indicators

Summary

This website contacted 51 IPs in 7 countries across 34 domains to perform 232 HTTP transactions. The main IP is 2606:4700::6811:7863, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.darkreading.com. The Cisco Umbrella rank of the primary domain is 221587.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 9th 2023. Valid for: a year.

This is the only time www.darkreading.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 37	2606:4700::68... 2606:4700::6811:7863	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2606:4700::68... 2606:4700::6813:bb61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 28	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
10	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:9062	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
5	18.154.63.51 18.154.63.51	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	151.101.193.131 151.101.193.131	54113 (FASTLY) (FASTLY)
1	23.32.242.89 23.32.242.89	16625 (AKAMAI-AS) (AKAMAI-AS)
1	108.157.4.71 108.157.4.71	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	108.157.4.113 108.157.4.113	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:205... 2600:9000:2057:3800:18:1fcd:351:7bc1	16509 (AMAZON-02) (AMAZON-02)
1	108.157.4.19 108.157.4.19	16509 (AMAZON-02) (AMAZON-02)
1	34.192.97.129 34.192.97.129	14618 (AMAZON-AES) (AMAZON-AES)
1	108.138.17.78 108.138.17.78	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:7763	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	142.0.173.15 142.0.173.15	7160 (NETDYNAMICS) (NETDYNAMICS)
1	52.222.236.63 52.222.236.63	16509 (AMAZON-02) (AMAZON-02)
2	3.125.172.192 3.125.172.192	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c02::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2 2	185.89.210.212 185.89.210.212	29990 (ASN-APPNEX) (ASN-APPNEX)
2	3.220.216.226 3.220.216.226	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
1	99.80.21.219 99.80.21.219	16509 (AMAZON-02) (AMAZON-02)
2 2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
3	88.221.169.49 88.221.169.49	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
28	23.35.237.151 23.35.237.151	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.224.217.157 54.224.217.157	14618 (AMAZON-AES) (AMAZON-AES)
2	34.111.234.236 34.111.234.236	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.176.107.138 35.176.107.138	16509 (AMAZON-02) (AMAZON-02)
2	2.20.65.30 2.20.65.30	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.230.248.86 34.230.248.86	14618 (AMAZON-AES) (AMAZON-AES)
33	18.154.63.24 18.154.63.24	16509 (AMAZON-02) (AMAZON-02)
3	52.205.217.24 52.205.217.24	() ()
1	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	() ()
232	51

37 2606:4700::6811:7863 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
beta.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6813:bb61 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

eu-images.contentstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9062 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.154.63.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-154-63-51.dus51.r.cloudfront.net

static.iris.informa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.131 (United States)

ASN54113 (FASTLY, US)

6600d6d98e534115970f9529a45f3195.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.242.89 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-242-89.deploy.static.akamaitechnologies.com

img.en25.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.71 (Germany)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-71.dus51.r.cloudfront.net

s.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.113 (Germany)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-113.dus51.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:3800:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.19 (Germany)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-19.dus51.r.cloudfront.net

cdn.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.192.97.129 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-97-129.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-78.fra56.r.cloudfront.net

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:7763 (United States)

ASN13335 (CLOUDFLARENET, US)

c.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.0.173.15 (Toronto, Canada) 1 redirects

ASN7160 (NETDYNAMICS, US)

trk.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-63.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.125.172.192 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-172-192.eu-central-1.compute.amazonaws.com

eu01.in.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c02::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.212 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.220.216.226 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-216-226.compute-1.amazonaws.com

a.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.21.219 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-21-219.eu-west-1.compute.amazonaws.com

iirexhibitionslimite.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

459ce04ab19dbf5d3ba01c224fb7aab5.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.221.169.49 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-169-49.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.224.217.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-224-217-157.compute-1.amazonaws.com

ads.celtra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.234.236 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 236.234.111.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.176.107.138 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-176-107-138.eu-west-2.compute.amazonaws.com

geo.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.20.65.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-65-30.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.230.248.86 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-248-86.compute-1.amazonaws.com

in.ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 18.154.63.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-154-63-24.dus51.r.cloudfront.net

cache-ssl.celtra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.205.217.24 (None, )

ASN- ()

track.celtra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:134:fa2:1627:1fe:edb:1665 (None, )

ASN- ()

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	darkreading.com 3 redirects www.darkreading.com — Cisco Umbrella Rank: 221587 beta.darkreading.com — Cisco Umbrella Rank: 784324 c.darkreading.com trk.darkreading.com	1 MB
37	celtra.com ads.celtra.com — Cisco Umbrella Rank: 4536 cache-ssl.celtra.com — Cisco Umbrella Rank: 5405 track.celtra.com	1 MB
32	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 stats.g.doubleclick.net — Cisco Umbrella Rank: 166 cm.g.doubleclick.net — Cisco Umbrella Rank: 313	228 KB
29	moatads.com z.moatads.com — Cisco Umbrella Rank: 681 geo.moatads.com — Cisco Umbrella Rank: 1045 px.moatads.com — Cisco Umbrella Rank: 712	675 KB
20	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 459ce04ab19dbf5d3ba01c224fb7aab5.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 177	466 KB
10	contentstack.com eu-images.contentstack.com — Cisco Umbrella Rank: 48304	88 KB
10	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 615	289 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 238	292 KB
6	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2930 www.google.com — Cisco Umbrella Rank: 16 adservice.google.com — Cisco Umbrella Rank: 130	2 KB
5	teads.tv a.teads.tv — Cisco Umbrella Rank: 1617 t.teads.tv — Cisco Umbrella Rank: 2876	132 KB
5	informa.com static.iris.informa.com — Cisco Umbrella Rank: 118615	32 KB
3	ml314.com ml314.com — Cisco Umbrella Rank: 2828 in.ml314.com — Cisco Umbrella Rank: 13905	12 KB
3	google.de www.google.de — Cisco Umbrella Rank: 3425 adservice.google.de — Cisco Umbrella Rank: 5261	1 KB
3	treasuredata.com cdn.treasuredata.com — Cisco Umbrella Rank: 16951 eu01.in.treasuredata.com — Cisco Umbrella Rank: 44582	20 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91	20 KB
3	dpmsrv.com s.dpmsrv.com — Cisco Umbrella Rank: 60868 a.dpmsrv.com — Cisco Umbrella Rank: 51867	64 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 319	2 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 899 script.hotjar.com — Cisco Umbrella Rank: 1171	74 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 87	64 KB
2	ubembed.com 6600d6d98e534115970f9529a45f3195.js.ubembed.com — Cisco Umbrella Rank: 892138 assets.ubembed.com — Cisco Umbrella Rank: 17267	48 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	151 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 997	56 KB
1	twimg.com pbs.twimg.com	2 KB
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 621	98 B
1	omtrdc.net iirexhibitionslimite.tt.omtrdc.net — Cisco Umbrella Rank: 503778	815 B
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1521	201 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 2090	15 KB
1	en25.com img.en25.com — Cisco Umbrella Rank: 10015	3 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1312	44 KB
1	gstatic.com fonts.gstatic.com	20 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 882	295 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1274	7 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3240	15 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 344	7 KB
232	34

	Domain	Requested by
35	www.darkreading.com	2 redirects www.darkreading.com static.cloudflareinsights.com
33	cache-ssl.celtra.com	ads.celtra.com www.darkreading.com
28	securepubads.g.doubleclick.net	1 redirects www.darkreading.com securepubads.g.doubleclick.net www.googletagservices.com
22	px.moatads.com
11	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.darkreading.com tpc.googlesyndication.com
10	eu-images.contentstack.com	www.darkreading.com
10	cdn.cookielaw.org	www.darkreading.com cdn.cookielaw.org
8	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	z.moatads.com	securepubads.g.doubleclick.net
6	www.googletagservices.com	securepubads.g.doubleclick.net
5	static.iris.informa.com	www.darkreading.com static.iris.informa.com
4	www.google.com	www.darkreading.com securepubads.g.doubleclick.net tpc.googlesyndication.com
3	track.celtra.com
3	a.teads.tv	securepubads.g.doubleclick.net a.teads.tv
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	t.teads.tv
2	ml314.com	z.moatads.com ml314.com
2	cm.g.doubleclick.net	2 redirects
2	a.dpmsrv.com	www.darkreading.com
2	ib.adnxs.com	2 redirects
2	www.google.de	www.darkreading.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	eu01.in.treasuredata.com	cdn.treasuredata.com
2	trk.darkreading.com	1 redirects www.darkreading.com
2	c.darkreading.com	static.iris.informa.com
2	www.youtube.com	www.googletagmanager.com www.youtube.com
2	www.googletagmanager.com	www.darkreading.com www.googletagmanager.com
2	code.jquery.com	www.darkreading.com securepubads.g.doubleclick.net
1	pbs.twimg.com
1	in.ml314.com	ml314.com
1	geo.moatads.com	z.moatads.com
1	ads.celtra.com	www.darkreading.com
1	459ce04ab19dbf5d3ba01c224fb7aab5.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	idsync.rlcdn.com	www.darkreading.com
1	iirexhibitionslimite.tt.omtrdc.net	beta.darkreading.com
1	region1.analytics.google.com	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	assets.ubembed.com	6600d6d98e534115970f9529a45f3195.js.ubembed.com
1	ping.chartbeat.net	www.darkreading.com
1	cdn.treasuredata.com	static.iris.informa.com
1	static.chartbeat.com	www.darkreading.com
1	beta.darkreading.com	www.googletagmanager.com
1	static.hotjar.com	www.darkreading.com
1	s.dpmsrv.com	www.darkreading.com
1	img.en25.com	www.darkreading.com
1	6600d6d98e534115970f9529a45f3195.js.ubembed.com	www.googletagmanager.com
1	www.googleoptimize.com	www.googletagmanager.com
1	fonts.gstatic.com	www.darkreading.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	static.cloudflareinsights.com	www.darkreading.com
1	stackpath.bootstrapcdn.com	www.darkreading.com
1	cdnjs.cloudflare.com	www.darkreading.com
232	54

This site contains links to these domains. Also see Links.

Domain
ve.informaengage.com
www.blackhat.com
darkreading.tradepub.com
www.informationweek.com
messages.blackhat.com
securelist.com
en.wikipedia.org
www.mandiant.com
www.interop.com
www.networkcomputing.com
www.itprotoday.com
www.datacenterknowledge.com
www.omdia.com
info.wrightsmedia.com
twitter.com
www.linkedin.com
www.facebook.com
www.youtube.com
news.google.com
tech.informa.com
www.informa.com
www.onetrust.com
adclick.g.doubleclick.net

Subject Issuer	Validity	Valid
darkreading.com Cloudflare Inc ECC CA-3	`2023-04-09` - `2024-04-08`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.contentstack.com Gandi Standard SSL CA 2	`2022-08-02` - `2023-07-22`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
static.iris.informa.com Amazon RSA 2048 M01	`2023-02-23` - `2023-09-01`	6 months	crt.sh
*.js.ubembed.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-10-09` - `2023-11-10`	a year	crt.sh
*.en25.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-17` - `2023-07-18`	a year	crt.sh
*.dpmsrv.com Amazon RSA 2048 M01	`2023-03-18` - `2024-04-15`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2022-05-06` - `2023-06-03`	a year	crt.sh
*.treasuredata.com Amazon RSA 2048 M01	`2023-02-21` - `2023-09-16`	7 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2022-12-19` - `2023-12-30`	a year	crt.sh
assets.ubembed.com Amazon RSA 2048 M01	`2023-02-21` - `2024-02-03`	a year	crt.sh
*.in.treasuredata.com Amazon RSA 2048 M02	`2023-02-13` - `2023-07-23`	5 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-09-01`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
teads.tv R3	`2023-02-21` - `2023-05-22`	3 months	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-18`	a year	crt.sh
celtra.com Amazon RSA 2048 M01	`2023-02-20` - `2024-02-07`	a year	crt.sh
ml314.com GTS CA 1D4	`2023-04-09` - `2023-07-08`	3 months	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-05`	a year	crt.sh
*.ml314.com Amazon RSA 2048 M02	`2023-02-27` - `2023-12-14`	10 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
Frame ID: DE28B52D6AACEF63023F9569EC850D59
Requests: 146 HTTP requests in this frame

Frame: https://459ce04ab19dbf5d3ba01c224fb7aab5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8C56D1F82575AB6EDE5DD5F2D73E4879
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuvierhaAgbV0ANYZxlLjio8isP2M2ZmMm1M59CGCkzbEfL82Bzw3MXs4qI_KIO3_iZIOtO63WaQgjEYVLHvNyiO8LOSEcWpbztxZQgtIYOXqnI2mrnBxNcBp8pNfXDCz0PuO4_snP513huEhjDtPZK96hwV_FjM8l8LBetnzRY7peSXm_Rmc918hKEGCpO44l2FTtFiToPcpGSkPrRTd9iW2gbjQDNnKctBiT2M3tmcRtnVbt-cVPcX33bG6l-lCxOmpBwQ6uDQE7UXTcVO6sPO4qzUsRTmQ5mnXNP8ZRvq1hh4dSoR0oS9qt6E7X9cxW8qYFeTedoBUhKiDfL20SCiZRDkulbckWCy2nNK__KSgNAnRof2Q&sai=AMfl-YSLNPieqODa16PblM2beVAgH6c1wOiD9tc__E-L3zjl39hq_02LZ5Vk5BK0sfIpCpALjAFCgHpd40-OsK6PJQSSirgzyAj3DFvZxg9tBLFQkCTgO-K4ISJ0HwxvIA&sig=Cg0ArKJSzNK0v4QE4JMrEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 203F6EB572DF3CFF68F865BA415289EF
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuVVc5F59xkbClcEJJuDM0YJUnG57WGTbfwpfKCdAAjvM57aGpHEHQM12FczBZJ-tmgVcV7gMqcRX0q5hOi9056dgfoRus0epERUntZd4Ja6GmobwwoawJTAP9bD_KyAVBaKoAWlJcVuE9r5OX9sjIu1xgpl8gw1T8BhrQtzxEpt6qh_nIMcQtF5KLyietgYLujLUS2idiIhf5QjtzrJnArwgPO6DAVPFR65f_RHgjhsBOkl06yHRdrWzu7L99H6vTPYrcJd5nNb35hfu3ZrM9_PObVl7dfwS2HBodrgkquETmvgZ1MGg-BZO_GVhcRbyjaw615VJcwqxN3DL7wqPSDnLlJ-JndYD9I3o5aQmy1&sai=AMfl-YS2e8Gezb3p6y6xQqPC5CacWn8EgpGqa7ubC-tbnR3kEZ7_8P9Zc2G6woPDac_Vs9doH6NUCdeo9wsZaIHSnJVfauEd0uIta6VWDAVIGev9wXM_8cRbACXcYl9fZA&sig=Cg0ArKJSzPEReEtZX5dTEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: F9DEE45730D06524D8D61B6D066EC25F
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst4vP2zh2M2sltJcB95n-cCthcr_tq5acBkV7tDwqJemt4ihv7njQ0OfeMtFttNoI8hRr2V8pAjlf30anFxZWaIYzrhKFdc-7JTQJitp2C0-ICV_G3faYaoPQzjIJLHvDfdJvSmENXmCnrDPhWyh5WhC-Q_oGaAeSx9F-VQB_cK1zhkSbllcz-1O9_Ok6ZKqAfZYHjmlcB-_taxwjhqdzT3AyDGqK8i_DnfeZHzwElboqtEW--c3B4mOwQcw9Tuo4mdaRKrVcsDj6oI0eu63SWB-olEeRUDKH-vNbxKlUKd8Wo7O04HeDfoSKNVXHqrikQDi_vEskTNDwxDvGB9ppZuBY8nTVoY0wHKTeNpgFr3SXNqIA&sai=AMfl-YT7A7Fs1L_9_A5AEVlrkP74ca-gUSxW75G8ef0NrKp70kdLIhUxJdF4UCM3FXsybkJCCDU3nS92y2vFP2AlTuQu2jaLrd3yAkFouJN84WqNYVbETJFQz6Q_AMMl3A&sig=Cg0ArKJSzMSeTCDcJ_M3EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: B056EFBCB1BE6873BAC066899E002B09
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvxFnaOEnuQsCR2UxEYzNuAW_AWppyUzCbZWtvT2hVNGZXuo1lR2bme4k1Ns-1UqmJiOXsIERglIfXgH-XYDESPobFk23ABEZt3po_6Y_or1ZkD57pOKx9p0WWWiRNPo6hCoXIpF2tLQ7MV0jOMzriZI9KeGrzB8hqQUFlf3Q7NxLkgMUdUdJVxlH-yiMUzl91ZxgTzSLJM5Y-xo5rAvs4uBRJEhqVOfAF_Ss8IPmF9RXoOvOU1HUoH-3TO1QCmYcgLMIUHzyLU0ig9twt9qVg1H_qFY6KNutaRhz9haRP7IADafg_OaveXmHU2VS4FjWS6h5at9YJ-QigWxOrsTq0JxA6ZD-5okGpuBJAhM4PO7Ea3qQ&sai=AMfl-YSPSEmbkHiY3eFnEd7GI9FMul-5or9RS6Qn6IPVLsQTsSrSO_shfhPT48q3oYDOVJCbzWYfpuM-EoEl_iecnlYS9XIw4oaEvwLRO5eeLI_34568KmLcHqCPkJI3Zw&sig=Cg0ArKJSzAPJYRPBjVZ2EAE&uach_m=[UACH]&adurl=
Frame ID: A7A27F7CEB3350F98BC85DF17C61AD73
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuCJso9_GU8Q6Nyj-27c0ZLSaobJ_4zd3-Ds0Z1L0T9N3ghHdG-XFQuZg5BBN37BYUqnH3t-hKpDcV6KMpcquILjmdDLmhCyJvPVGvAijTQq4pVBqhAOJRVnlhUBPvpwiOaV8eat3v_KBYbfQIT1Pp2oYeYWftoetl2RJqP2X3ncE_FIOBSdlfVJJ37JAClI2NpXnCJ3JCi6e26GLKfVoV09dztV4wItV6aN2ICqyZqF8Bxghh8WKR82Y63BO0cD9Bm1h6B3PB5ElR43Douje_D9Zu5HMifMIk3VI3BXhzQfhu5naUfq8W6yudIS8RLbatFinWBO7Fue1DUp1x6PgH6a908vdzZFhPMKfhX4NuE&sai=AMfl-YR2p5WSCZbRQwz07gJr5Rh2QvD_-pL54gZmJp96squrXsch_ZrXGbySnMQCB_ENFVU2lgxvl-EFTtbQnoWcGgGFILGTSZZVjf4LPV7jF0Bf5GZQ3cVaBsnUZcEnJg&sig=Cg0ArKJSzOk3xdfE-3XAEAE&uach_m=[UACH]&adurl=
Frame ID: 200E31889FA494871852966B9F1E28B9
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstdNhutSo-QmQP0FgNuchNcYnvNtDx7hgUPCL9tIu6ueGwgjr8N5ZNcX8Osiglh_egXS3mstvk9WbaAku6P8yIQ6le8YBUEemC_0dbIIYKLsKTTOmr-5rJm-7SOgOJSqx5of5nzIJG_8l4dPoAXR6hfsNRFH9OmUQfQGFJQ0Km0-Y8nHgnGHMMFwsCs9QU3_6t9Hu4siXS-TDH-cbl0U3YXNNjse1patwS5ViTFOW5azJTonVxuWIqGTA1X3o_POzI21R60B3MQwkg35IYcMKpt7xIGII7l82U-04mVOQ9rWqPfm8mUVrIdU3i8BA4VrpcwjdRoxTkmvKdbv7Hd20NogqnUo9MI1pO6UXsO86SLB8HqBQ&sai=AMfl-YQnK2M6qRyo1WtlE8n53Xmky4l9fg-oQ73wl4ldDtcEoOPJIeNKDiBHY77zuafZ-4CEUil-FK1qE1NoZAeHLSKuZBiGRfR7njG83U4yqgd_8q8YDpUx8k6de7Pcaw&sig=Cg0ArKJSzK8jBIS4J7AhEAE&uach_m=[UACH]&adurl=
Frame ID: FC40A172BD81E84F59FC719F74DC2854
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfzqgMtHRCOUbUiocjCiOw1D34yBZ2SHS7Oa7cGI7iL-vY23NoujlY1vdy9wS6ZRkJt3t4uq6liQRvgxGCTdWpUQhdnJuU2_Wj3ZNVcKpyPkCSPjpJQvcjkTX2GmeQtyyLas2b49upUFJbrSioqAwbkOyJebygSxSPVh0JFoxbmcgcH4D7gsclBCqwfZzzNyHWqnQcZc9c8MTHOZbYn2vDgcwEpvCiyXArWkYfSrKI0CfccqQrGFK0k4MhUMBpWr7b2UboiC7PAeEVL-1jM28ol4TX2aF8YbJKuSEs-w7JYlzRI8RlUV42KSvGyc9TVCGCg0TyQ66W3Dju0ySSOLWIa2zX1983Z9vKGvSZ2wD8yupdJ7ahFRTR1mu6mUPUJyWIEUqZSRQ&sai=AMfl-YTlqLQSPNv6kUpajPpsfHem_CzVbkdGGd6spdzwM7-mVzK06jS_edG23pFyGwnWmqt7WUtCH03h7w_4xZi-CWej4ioyeFcu6FwcupgDhgl97vWv4uBh3tBwCajRSg&sig=Cg0ArKJSzJWz-OW6aBHvEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 4F293CFA959CA3C081429EC2EEE64401
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A9B1818E0B94C306D270131F63DA55F4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2CF73A5639545754162FD91BA39C8FB2
Requests: 2 HTTP requests in this frame

Frame: https://cache-ssl.celtra.com/api/fonts/monotype_tradegothic800n/3_a21706b45861b8577718feb7af969a082ae4576a33ea62b203d77b518b45935a/1454a71d-cdbb-429c-8092-122f4493e0c7.woff?subset=%20()-012345679%3AABCDEFGHILMOPRSTUVWabcdefghijklmnopqrstuvwxyz
Frame ID: ADB30241351059374E1ACC836D4478BA
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tangled Up: 'Tomiris' APT Uses Turla Malware, Confusing ResearchersCookies ButtonBack ButtonSearch IconFilter Icon

Detected technologies

Unbounce (Editors) Expand

Overall confidence: 100%
Detected patterns

ubembed\.com

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

232
Requests

97 %
HTTPS

50 %
IPv6

34
Domains

54
Subdomains

51
IPs

7
Countries

4993 kB
Transfer

12458 kB
Size

38
Cookies

48 Outgoing links

These are links going to different origins than the main page.

URL: https://ve.informaengage.com/virtual-events/dr-anatomy-of-a-data-breach-and-what-to-do-if-it-happens-to-you/?kcode=sbx&cid=smartbox_techweb_session_16.500296&_mc=smartbox_techweb_session_16.500296
Title: Anatomy of a Data Breach - A Dark Reading June 22 Event

Search URL Search Domain Scan URL

URL: https://www.blackhat.com/?cid=smartbox_techweb_session_16.500287&_mc=smartbox_techweb_session_16.500287
Title: Black Hat USA - August 5-10 - Learn More

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_manf45&ch=sbx&cid=smartbox_techweb_upcoming_webinars_8.500001280&_mc=smartbox_techweb_upcoming_webinars_8.500001280
Title: How to Launch a Threat Hunting Program

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_sysf05&ch=sbx&cid=smartbox_techweb_upcoming_webinars_8.500001290&_mc=smartbox_techweb_upcoming_webinars_8.500001290
Title: What's "CNAPP-ening"? Bring Your Cloud Security into Focus!

Search URL Search Domain Scan URL

URL: https://www.informationweek.com/whitepaper/Security
Title: White Papers >

Search URL Search Domain Scan URL

URL: https://www.informationweek.com/whitepaper
Title: Tech Library >

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa3135&ch=dr_header
Title: Newsletter

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_manf45&ch=drsitebell
Title: Event

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa4076&ch=drsitebell
Title: Event

Search URL Search Domain Scan URL

URL: https://messages.blackhat.com/2022-attendee-report-2022?kcode=drsite
Title: Report

Search URL Search Domain Scan URL

URL: https://securelist.com/tomiris-called-they-want-their-turla-malware-back/109552/
Title: attacks previously correlated with Turla were carried out by Tomiris

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Commonwealth_of_Independent_States
Title: Commonwealth of Independent States (CIS)

Search URL Search Domain Scan URL

URL: https://www.mandiant.com/resources/blog/turla-galaxy-opportunity
Title: research about a Turla campaign

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa3135&ch=dr_eoa
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_invj42&ch=sbx&cid=smartbox_techweb_whitepaper_14.500005378&_mc=smartbox_techweb_whitepaper_14.500005378
Title: AppSec Best Practices: Where Speed, Security, and Innovation Meet in the Middle

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa3999&ch=sbx&cid=smartbox_techweb_whitepaper_14.500005371&_mc=smartbox_techweb_whitepaper_14.500005371
Title: The State of Cybersecurity: 2023 Trends Report

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&pc=w_defa4088&ch=sbx&cid=smartbox_techweb_analytics_7.300005984&_mc=smartbox_techweb_analytics_7.300005984
Title: Successfully Managing Identity in Modern Cloud and Hybrid Environments

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&pc=w_defa3977&ch=sbx&cid=smartbox_techweb_analytics_7.300005981&_mc=smartbox_techweb_analytics_7.300005981
Title: The 10 Most Impactful Types of Vulnerabilities for Enterprises Today

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_knoc89&ch=sbx&cid=smartbox_techweb_upcoming_webinars_8.500001291&_mc=smartbox_techweb_upcoming_webinars_8.500001291
Title: Artificial Intelligence, ChatGPT and Cybersecurity: A Match Made in Heaven or a Hack Waiting to Happen?

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_dark59&ch=sbx&cid=smartbox_techweb_upcoming_webinars_8.500001292&_mc=smartbox_techweb_upcoming_webinars_8.500001292
Title: Unleashing AI to Assess Cybersecurity Risk

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_autp21&ch=sbx&cid=smartbox_techweb_upcoming_webinars_8.500001285&_mc=smartbox_techweb_upcoming_webinars_8.500001285
Title: Puzzled by Patching: Solve Endpoint Pains

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&pc=w_defa3940&ch=sbx&cid=smartbox_techweb_analytics_7.300005980&_mc=smartbox_techweb_analytics_7.300005980
Title: Shoring Up the Software Supply Chain Across Enterprise Applications

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&pc=w_darl08&ch=sbx&cid=smartbox_techweb_analytics_7.300005973&_mc=smartbox_techweb_analytics_7.300005973
Title: The Promise and Reality of Cloud Security

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&pc=w_defa3521&ch=sbx&cid=smartbox_techweb_analytics_7.300005970&_mc=smartbox_techweb_analytics_7.300005970
Title: 10 Hot Talks From Black Hat USA 2022

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_cymu31&ch=sbx&cid=smartbox_techweb_whitepaper_14.500005369&_mc=smartbox_techweb_whitepaper_14.500005369
Title: Large Insurer goes beyond Breach and Attack Simulation (BAS) with Cymulate

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_delh33&;ch=sbx&cid=smartbox_techweb_whitepaper_14.500005360&_mc=smartbox_techweb_whitepaper_14.500005360
Title: Rediscovering Your Identity

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_delh32&;ch=sbx&cid=smartbox_techweb_whitepaper_14.500005359&_mc=smartbox_techweb_whitepaper_14.500005359
Title: 2023 Global Future of Cyber Report

Search URL Search Domain Scan URL

URL: https://www.blackhat.com/?cid=smartbox_techweb_session_16.500286&_mc=smartbox_techweb_session_16.500286
Title: Black Hat Asia - May 9-12 - Learn More

Search URL Search Domain Scan URL

URL: https://www.interop.com/
Title: Interop

Search URL Search Domain Scan URL

URL: https://www.informationweek.com/
Title: InformationWeek

Search URL Search Domain Scan URL

URL: https://www.networkcomputing.com/
Title: Network Computing

Search URL Search Domain Scan URL

URL: https://www.itprotoday.com/
Title: ITPro Today

Search URL Search Domain Scan URL

URL: https://www.datacenterknowledge.com/
Title: Data Center Knowledge

Search URL Search Domain Scan URL

URL: https://www.blackhat.com/
Title: Black Hat

Search URL Search Domain Scan URL

URL: http://www.omdia.com/
Title: Omdia

Search URL Search Domain Scan URL

URL: https://info.wrightsmedia.com/informa-licensing-reprints-request
Title: Reprints

Search URL Search Domain Scan URL

URL: https://twitter.com/DarkReading

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/dark-reading/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/darkreadingcom

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@DarkReadingOfficialYT

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKMKmknwswtq63Aw?ceid=US:en&oc=3

Search URL Search Domain Scan URL

URL: https://tech.informa.com/
Title: Home

Search URL Search Domain Scan URL

URL: https://tech.informa.com/cookie-policy
Title: Cookies

Search URL Search Domain Scan URL

URL: https://tech.informa.com/privacy-policy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://tech.informa.com/terms-and-conditions
Title: Terms

Search URL Search Domain Scan URL

URL: https://www.informa.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsvVRIoxrk1acgEjh2FfVuxrfCUxsPOFe_K3JEjc0bUulriro3nUt3Te-2M5iH1m0zB4fWEjIcMZPC6AOqKPX-nJnRnmfCCU1KBmchfYC5G2juXjJbPw-jiuPP-Vss28KsyVbBVsEvQQ9bNxLAubBTOgFBDGjdFSM0fykGquNiGjqBnHSoX-Mx4QViC0gKjtZWY1rDyJr14GeyCFnYYaKlOeoG0IB0HwjgmxbpnoXsfJA9RCct4wJyammaaPonjT5LER_L4pYBOGOJiZ3Dq2_aABg78gvwu0Gr7bWE-DDYJ95a6TcdNH5Eq-t3jxfTbLxqohUoF9iQ9nH9Uvh23Vr8vvQYX_PEBKDxiVVz2ChOkYKQ&sai=AMfl-YR6ijljjt2FLlSiOQLY4AlOmsvlSGxyen2meBHAehziILQQNInuRizz0Iux6MUHV4cYwSsiebKh9wBT3oVE4ZlPJhw-y7xwUkN7DKQzs-kSYdSH7G2-WuL6yCy0oQ&sig=Cg0ArKJSzDtvqzYij-OQEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=https://www.mandiant.com/global-perspectives-on-threat-intelligence?utm_source=darkreading&utm_medium=display&utm_campaign=threat_intelligence&utm_content=all&utm_term=en&cid=global

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://www.darkreading.com/js/prebid-ads/ad_utils/adsensebase.js HTTP 302
https://www.darkreading.com/404

Request Chain 82

https://trk.darkreading.com/visitor/v200/svrGP?pps=3&siteid=2150&ref=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&ref2=elqNone&tzo=0&ms=304&optin=disabled&firstPartyCookieDomain=trk.darkreading.com HTTP 302
https://trk.darkreading.com/visitor/v200/svrGP?pps=3&siteid=2150&ref=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&ref2=elqNone&tzo=0&ms=304&optin=disabled&elq1pcGUID=984256A1992C4FBEA51698CF5B56B026

Request Chain 91

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&zn%3D%26sn%3D%26q%3DxImp%26v%3D1.x%26cl%3D55%26pixelIndex%3D0%26r%3D592278%26tzOffset%3D0%26url%3Dhttps%253A%252F%252Fwww.darkreading.com%252Fthreat-intelligence%252Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26zn%253D%2526sn%253D%2526q%253DxImp%2526v%253D1.x%2526cl%253D55%2526pixelIndex%253D0%2526r%253D592278%2526tzOffset%253D0%2526url%253Dhttps%25253A%25252F%25252Fwww.darkreading.com%25252Fthreat-intelligence%25252Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers HTTP 302
https://a.dpmsrv.com/dpmpxl/index.php?id=1111044141702830350&zn=&sn=&q=xImp&v=1.x&cl=55&pixelIndex=0&r=592278&tzOffset=0&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers

Request Chain 96

https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=1111044141702830350&pixelIndex=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm=&ap_id=1111044141702830350&pixelIndex=0&google_tc= HTTP 302
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=1111044141702830350&pixelIndex=0&google_gid=CAESEBHZjS6i3XpORLIqqLMScQo&google_cver=1

Request Chain 146

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfzqgMtHRCOUbUiocjCiOw1D34yBZ2SHS7Oa7cGI7iL-vY23NoujlY1vdy9wS6ZRkJt3t4uq6liQRvgxGCTdWpUQhdnJuU2_Wj3ZNVcKpyPkCSPjpJQvcjkTX2GmeQtyyLas2b49upUFJbrSioqAwbkOyJebygSxSPVh0JFoxbmcgcH4D7gsclBCqwfZzzNyHWqnQcZc9c8MTHOZbYn2vDgcwEpvCiyXArWkYfSrKI0CfccqQrGFK0k4MhUMBpWr7b2UboiC7PAeEVL-1jM28ol4TX2aF8YbJKuSEs-w7JYlzRI8RlUV42KSvGyc9TVCGCg0TyQ66W3Dju0ySSOLWIa2zX1983Z9vKGvSZ2wD8yupdJ7ahFRTR1mu6mUPUJyWIEUqZSRQ&sai=AMfl-YTlqLQSPNv6kUpajPpsfHem_CzVbkdGGd6spdzwM7-mVzK06jS_edG23pFyGwnWmqt7WUtCH03h7w_4xZi-CWej4ioyeFcu6FwcupgDhgl97vWv4uBh3tBwCajRSg&sig=Cg0ArKJSzJWz-OW6aBHvEAE&uach_m=[UACH]&urlfix=1&adurl=https://tpc.googlesyndication.com/simgad/12467602288992818312? HTTP 302
https://tpc.googlesyndication.com/simgad/12467602288992818312

Request Chain 168

https://www.darkreading.com/sites/all/themes/penton_core_theme/images/ContentPillar_Welcome_1200.png HTTP 302
https://www.darkreading.com/404

232 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers Show response
www.darkreading.com/threat-intelligence/ 436 KB
57 KB 612ms
573ms Document
text/html 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83f48a6e4e716148a20100ce282ee816ddee0d0b4b6deb4532c21d9288b1e63c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7bd6e751dc0c3654-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 25 Apr 2023 13:23:58 GMT
server: cloudflare
vary: Accept-Encoding, Origin
x-proxy-by: https://www.darkreading.com

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/ 14 KB
4 KB 41ms
19ms Script
application/x-javascript 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/OtAutoBlock.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8751c85d4da8af34fb4d78a2ab5bb92b7a3b5380f2d0d5ca89d11fc2b5bfb6ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 25 Apr 2023 13:23:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: /FIp/4zYapfYlY6Lvx04NA==
age: 70258
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3637
x-ms-lease-status: unlocked
last-modified: Mon, 19 Dec 2022 13:32:27 GMT
server: cloudflare
etag: 0x8DAE1C578B651FF
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 3126707b-901e-017e-65e1-5a017c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7bd6e755be5a367b-FRA
expires: Wed, 26 Apr 2023 13:23:59 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 41ms
18ms Script
application/javascript 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8d41783702d7bb7a7a9c548b151903859eb90a32d29eeaa3487a7937611a27f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 25 Apr 2023 13:23:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: rpnZu/dYNZPLIh9pLOSMrg==
age: 29619
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6757
x-ms-lease-status: unlocked
last-modified: Mon, 24 Apr 2023 19:20:17 GMT
server: cloudflare
etag: 0x8DB44F8F02E32CE
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 10b9a6a8-c01e-0040-6ef3-76f108000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7bd6e755be5b367b-FRA

GET
H2

404

404
www.darkreading.com/
Redirect Chain

https://www.darkreading.com/js/prebid-ads/ad_utils/adsensebase.js
https://www.darkreading.com/404

0
0

148ms
148ms

Script
text/html

2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.darkreading.com/404
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
Protocol: H2
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:23:59 GMT
x-proxy-by: https://www.darkreading.com
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding, Origin
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-ray: 7bd6e7580c953654-FRA

Redirect headers

date: Tue, 25 Apr 2023 13:23:59 GMT
strict-transport-security: max-age=63072000; includeSubDomains
cf-cache-status: MISS
server: cloudflare
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/html
location: /404
cache-control: public, max-age=7200
cf-ray: 7bd6e75599443654-FRA
expires: Tue, 25 Apr 2023 15:23:59 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 74 KB
25 KB 136ms
109ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e88b7c654061e26d45ca36cd067c150e3b3017d2361e7d9405826b3a0602597

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:23:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25040
x-xss-protection: 0
server: cafe
etag: 142 / 19472 / 31074079 / config-hash: 5475733890269258837
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 13:23:59 GMT

GET
H2 200 3e21e038a0f054c0.css
www.darkreading.com/_next/static/css/ 410 KB
64 KB 29ms
28ms Stylesheet
text/css 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.darkreading.com/_next/static/css/3e21e038a0f054c0.css
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83312fcd9cb4d005c6e9166b2adf53d0f11c21ee138623e82f54cb05de1f3cd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:23:58 GMT
x-proxy-by: https://www.darkreading.com
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Apr 2023 09:05:42 GMT
cf-bgj: minify
server: cloudflare
age: 13928
etag: W/"665da-187b7a95a70"
vary: Accept-Encoding, Origin
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7bd6e75599403654-FRA
expires: Wed, 24 Apr 2024 13:23:58 GMT

GET
H2 200 webpack-5f7e9f8f8d03d69c.js Show response
www.darkreading.com/_next/static/chunks/ 4 KB
2 KB 29ms
29ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.darkreading.com/_next/static/chunks/webpack-5f7e9f8f8d03d69c.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1878115b1ddde15c264ecba2483095d1956a526ae0544f87e7fe9a3a62bb1d76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:23:59 GMT
x-proxy-by: https://www.darkreading.com
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Apr 2023 09:05:42 GMT
cf-bgj: minify
server: cloudflare
age: 13929
etag: W/"ef2-187b7a95a70"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7bd6e756cab43654-FRA
expires: Wed, 24 Apr 2024 13:23:59 GMT

GET
H2 200 framework-70134ee1270fb32c.js Show response
www.darkreading.com/_next/static/chunks/ 128 KB
44 KB 28ms
27ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.darkreading.com/_next/static/chunks/framework-70134ee1270fb32c.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c662be26daa544e07f7170870e306427b9fcf0d9f30e6f602c7fb67005bfda3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:23:59 GMT
x-proxy-by: https://www.darkreading.com
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Apr 2023 09:05:42 GMT
cf-bgj: minify
server: cloudflare
age: 13929
etag: W/"1fec8-187b7a95a70"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7bd6e756fb003654-FRA
expires: Wed, 24 Apr 2024 13:23:59 GMT

GET
H2 200 main-9bc1cfd325d1370f.js Show response
www.darkreading.com/_next/static/chunks/ 111 KB
32 KB 55ms
55ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.darkreading.com/_next/static/chunks/main-9bc1cfd325d1370f.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03b6f9934a86e8d5472f0b2449d99983b33aceba85871c5ac10ff79a70afab97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:23:59 GMT
x-proxy-by: https://www.darkreading.com
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Apr 2023 09:05:42 GMT
cf-bgj: minify
server: cloudflare
age: 13929
etag: W/"1bd10-187b7a95a70"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7bd6e7573b653654-FRA
expires: Wed, 24 Apr 2024 13:23:59 GMT

GET
H2 200 _app-d62ac510aa1280e2.js Show response
www.darkreading.com/_next/static/chunks/pages/ 497 KB
164 KB 29ms
29ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.darkreading.com/_next/static/chunks/pages/_app-d62ac510aa1280e2.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 656cbfee8d92b6426be1e7f30878b24c14f1cf0d68864e4ea1d7bf36e5da0005

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:23:59 GMT
x-proxy-by: https://www.darkreading.com
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Apr 2023 09:05:42 GMT
cf-bgj: minify
server: cloudflare
age: 13929
etag: W/"7c38e-187b7a95a70"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7bd6e7579bf03654-FRA
expires: Wed, 24 Apr 2024 13:23:59 GMT

GET
H2 200 af537566-88286964f7a0b5d1.js Show response
www.darkreading.com/_next/static/chunks/ 269 KB
83 KB 29ms
29ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.darkreading.com/_next/static/chunks/af537566-88286964f7a0b5d1.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f84daf0174e2c6f686b5864ff7dafc119dae3c2ca88f213dcbfc3f70b2b39571

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:23:59 GMT
x-proxy-by: https://www.darkreading.com
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Apr 2023 09:05:42 GMT
cf-bgj: minify
server: cloudflare
age: 13929
etag: W/"43344-187b7a95a70"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7bd6e757ec763654-FRA
expires: Wed, 24 Apr 2024 13:23:59 GMT

GET
H2 200 80f08544-c91db5296fc68d77.js Show response
www.darkreading.com/_next/static/chunks/ 72 KB
20 KB 42ms
42ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.darkreading.com/_next/static/chunks/80f08544-c91db5296fc68d77.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36069dae705692548e4a2c2d3c504cea29cf7756771c054130f14e48f3492b58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:23:59 GMT
x-proxy-by: https://www.darkreading.com
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Apr 2023 09:05:42 GMT
cf-bgj: minify
server: cloudflare
age: 13929
etag: W/"11e1b-187b7a95a70"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7bd6e7583ccf3654-FRA
expires: Wed, 24 Apr 2024 13:23:59 GMT

GET
H2 200 265-2f47a5945553d0a6.js Show response
www.darkreading.com/_next/static/chunks/ 49 KB
17 KB 30ms
30ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.darkreading.com/_next/static/chunks/265-2f47a5945553d0a6.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb1589f0619e41e0fa1d0770121be244be9fa07d5a6c5938d5988f9726927307

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:23:59 GMT
x-proxy-by: https://www.darkreading.com
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Apr 2023 09:05:42 GMT
cf-bgj: minify
server: cloudflare
age: 13929
etag: W/"c216-187b7a95a70"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7bd6e7588d7e3654-FRA
expires: Wed, 24 Apr 2024 13:23:59 GMT

GET
H2 200 106-6e732169920a1a66.js Show response
www.darkreading.com/_next/static/chunks/ 8 KB
3 KB 28ms
28ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.darkreading.com/_next/static/chunks/106-6e732169920a1a66.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 720b074e114854f5c2b347ee013066f2ff6e8a1da750d605c8df6936b997eb60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:23:59 GMT
x-proxy-by: https://www.darkreading.com
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Apr 2023 09:05:42 GMT
cf-bgj: minify
server: cloudflare
age: 13929
etag: W/"1eec-187b7a95a70"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7bd6e758bdbf3654-FRA
expires: Wed, 24 Apr 2024 13:23:59 GMT

GET
H2 200 330-44b99de39ae2ad82.js Show response
www.darkreading.com/_next/static/chunks/ 91 KB
30 KB 28ms
27ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.darkreading.com/_next/static/chunks/330-44b99de39ae2ad82.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e00d3935f6a747eedf83365b8b957f71ec570e9ac018426c07f59e7e1a32126

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:23:59 GMT
x-proxy-by: https://www.darkreading.com
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Apr 2023 09:05:42 GMT
cf-bgj: minify
server: cloudflare
age: 13929
etag: W/"16df9-187b7a95a70"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7bd6e758ee073654-FRA
expires: Wed, 24 Apr 2024 13:23:59 GMT

GET
H2 200 410-87a058ee18a2e683.js Show response
www.darkreading.com/_next/static/chunks/ 179 KB
55 KB 31ms
30ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.darkreading.com/_next/static/chunks/410-87a058ee18a2e683.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e168f400859a54ae28705c297c4d347eacbbcfee972a38744b8f9d890022a898

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:23:59 GMT
x-proxy-by: https://www.darkreading.com
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Apr 2023 09:05:42 GMT
cf-bgj: minify
server: cloudflare
age: 13929
etag: W/"2cbc2-187b7a95a70"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7bd6e758fe193654-FRA
expires: Wed, 24 Apr 2024 13:23:59 GMT

GET
H2 200 644-10fece11b4038bdb.js Show response
www.darkreading.com/_next/static/chunks/ 18 KB
7 KB 40ms
38ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.darkreading.com/_next/static/chunks/644-10fece11b4038bdb.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 429f7e0fe891676debcf572bce666bf67cabfd82e6774895d4800283a05df589

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:23:59 GMT
content-encoding: br
cf-cache-status: HIT
age: 13929
cf-polished: origSize=18434
x-proxy-by: https://www.darkreading.com
last-modified: Tue, 25 Apr 2023 09:05:42 GMT
cf-bgj: minify
server: cloudflare
etag: W/"4802-187b7a95a70"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7bd6e7590e313654-FRA
expires: Wed, 24 Apr 2024 13:23:59 GMT

GET
H2 200 727-cb4d0a5251be82c9.js Show response
www.darkreading.com/_next/static/chunks/ 7 KB
2 KB 38ms
37ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.darkreading.com/_next/static/chunks/727-cb4d0a5251be82c9.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 061873fb71d654fc87404592fbb9cd1665e8882c1ab3423f92ddc61f940be783

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:23:59 GMT
x-proxy-by: https://www.darkreading.com
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Apr 2023 09:05:42 GMT
cf-bgj: minify
server: cloudflare
age: 13929
etag: W/"1ad3-187b7a95a70"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7bd6e7590e333654-FRA
expires: Wed, 24 Apr 2024 13:23:59 GMT

GET
H2 200 353-c5fb30de1cdcd743.js Show response
www.darkreading.com/_next/static/chunks/ 115 KB
29 KB 50ms
48ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.darkreading.com/_next/static/chunks/353-c5fb30de1cdcd743.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1848ed0b2a54ed644ee182f2e2c012164080f1be7c475041f8d0a2ebe456c89f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:23:59 GMT
content-encoding: br
cf-cache-status: HIT
age: 13929
cf-polished: origSize=117839
x-proxy-by: https://www.darkreading.com
last-modified: Tue, 25 Apr 2023 09:05:42 GMT
cf-bgj: minify
server: cloudflare
etag: W/"1cc4f-187b7a95a70"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7bd6e7590e363654-FRA
expires: Wed, 24 Apr 2024 13:23:59 GMT

GET
H2 200 314-d27066328fe72a2d.js Show response
www.darkreading.com/_next/static/chunks/ 131 KB
40 KB 55ms
54ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.darkreading.com/_next/static/chunks/314-d27066328fe72a2d.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35396bc1fe0457ca063caaf18161f4d252b66dda7bdf4dc83bd7291c5a763b5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:23:59 GMT
x-proxy-by: https://www.darkreading.com
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Apr 2023 09:05:42 GMT
cf-bgj: minify
server: cloudflare
age: 13929
etag: W/"20a76-187b7a95a70"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7bd6e7590e383654-FRA
expires: Wed, 24 Apr 2024 13:23:59 GMT

GET
H2 200 274-e20cb371d1281709.js Show response
www.darkreading.com/_next/static/chunks/ 135 KB
45 KB 39ms
38ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.darkreading.com/_next/static/chunks/274-e20cb371d1281709.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9e40e17ef48acdd8fbbd4ab434adcd35602a939c19816f297baaa91e675a067

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:23:59 GMT
x-proxy-by: https://www.darkreading.com
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Apr 2023 09:05:42 GMT
cf-bgj: minify
server: cloudflare
age: 13929
etag: W/"21d94-187b7a95a70"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7bd6e7590e393654-FRA
expires: Wed, 24 Apr 2024 13:23:59 GMT

GET
H2 200 244-9326074d2ebe0e8b.js Show response
www.darkreading.com/_next/static/chunks/ 53 KB
14 KB 64ms
63ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.darkreading.com/_next/static/chunks/244-9326074d2ebe0e8b.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8fc3a6d5ec8e0edff999f03ce4cc4ef840801e8312f2c384c2df2b1fb3bd2b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:23:59 GMT
x-proxy-by: https://www.darkreading.com
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Apr 2023 09:05:42 GMT
cf-bgj: minify
server: cloudflare
age: 13929
etag: W/"d4e1-187b7a95a70"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7bd6e7590e3a3654-FRA
expires: Wed, 24 Apr 2024 13:23:59 GMT

GET
H2 200 497-ce14411cd67f6c91.js Show response
www.darkreading.com/_next/static/chunks/ 17 KB
6 KB 47ms
46ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.darkreading.com/_next/static/chunks/497-ce14411cd67f6c91.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 107846f6fbec06f86e7c539f97149effcafa712070a49b406bd4ef5cd1de0913

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:23:59 GMT
x-proxy-by: https://www.darkreading.com
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Apr 2023 09:05:42 GMT
cf-bgj: minify
server: cloudflare
age: 13929
etag: W/"4438-187b7a95a70"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7bd6e7590e3d3654-FRA
expires: Wed, 24 Apr 2024 13:23:59 GMT

GET
H2 200 411-d3fb60788f626717.js Show response
www.darkreading.com/_next/static/chunks/ 14 KB
4 KB 59ms
58ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.darkreading.com/_next/static/chunks/411-d3fb60788f626717.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ac768d479fd8627d59a5298f7175cf51f4ace4eea8feda66a04b1e32244d6ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:23:59 GMT
x-proxy-by: https://www.darkreading.com
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Apr 2023 09:05:42 GMT
cf-bgj: minify
server: cloudflare
age: 13929
etag: W/"399e-187b7a95a70"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7bd6e7590e3f3654-FRA
expires: Wed, 24 Apr 2024 13:23:59 GMT

GET
H2 200 424-f3a47c71b4010b0d.js Show response
www.darkreading.com/_next/static/chunks/ 80 KB
16 KB 39ms
38ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.darkreading.com/_next/static/chunks/424-f3a47c71b4010b0d.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 875c3eebd478ee233c53fdfa7a12c202cccd9cc3c32346775994ee10fb1cb996

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:23:59 GMT
x-proxy-by: https://www.darkreading.com
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Apr 2023 09:05:42 GMT
cf-bgj: minify
server: cloudflare
age: 13929
etag: W/"141ac-187b7a95a70"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7bd6e7590e413654-FRA
expires: Wed, 24 Apr 2024 13:23:59 GMT

GET
H2 200 %5BhybidPage%5D-79e84f60f2ae4005.js Show response
www.darkreading.com/_next/static/chunks/pages/%5Bcategory%5D/ 37 KB
12 KB 46ms
43ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.darkreading.com/_next/static/chunks/pages/%5Bcategory%5D/%5BhybidPage%5D-79e84f60f2ae4005.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bf55cdbd45377c58e2d7d4b72250fdd3f2001ce13a3f92f37d15e6cd60911dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:23:59 GMT
x-proxy-by: https://www.darkreading.com
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Apr 2023 09:05:42 GMT
cf-bgj: minify
server: cloudflare
age: 13929
etag: W/"93f1-187b7a95a70"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7bd6e7591e443654-FRA
expires: Wed, 24 Apr 2024 13:23:59 GMT

GET
H2 200 _buildManifest.js Show response
www.darkreading.com/_next/static/y910sShJNLo9Ayirr4lfi/ 3 KB
1 KB 44ms
41ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.darkreading.com/_next/static/y910sShJNLo9Ayirr4lfi/_buildManifest.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 874a0261d645ca245ab774eed8519e9df9b128ec8bd0171080cd289677b81063

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:23:59 GMT
x-proxy-by: https://www.darkreading.com
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Apr 2023 09:41:04 GMT
cf-bgj: minify
server: cloudflare
age: 11453
etag: W/"c10-187b7c9bb80"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7bd6e7591e4a3654-FRA
expires: Wed, 24 Apr 2024 13:23:59 GMT

GET
H2 200 _ssgManifest.js Show response
www.darkreading.com/_next/static/y910sShJNLo9Ayirr4lfi/ 91 B
176 B 53ms
50ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.darkreading.com/_next/static/y910sShJNLo9Ayirr4lfi/_ssgManifest.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddeea69d5116852145775870dab4d86b4e909e7a02c03465efaa67d5b0f744be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:23:59 GMT
x-proxy-by: https://www.darkreading.com
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Apr 2023 09:41:26 GMT
cf-bgj: minify
server: cloudflare
age: 11453
etag: W/"5b-187b7ca1170"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7bd6e7591e4c3654-FRA
expires: Wed, 24 Apr 2024 13:23:59 GMT

GET
H2 200 _middlewareManifest.js Show response
www.darkreading.com/_next/static/y910sShJNLo9Ayirr4lfi/ 92 B
129 B 62ms
60ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.darkreading.com/_next/static/y910sShJNLo9Ayirr4lfi/_middlewareManifest.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:23:59 GMT
x-proxy-by: https://www.darkreading.com
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Apr 2023 09:41:26 GMT
cf-bgj: minify
server: cloudflare
age: 11453
etag: W/"5c-187b7ca1170"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7bd6e7591e4e3654-FRA
expires: Wed, 24 Apr 2024 13:23:59 GMT

GET
H2 200 russianactor_BeeBright_shutterstock.jpg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt429d10e1f6807c93/620d852cdafa327d4acd6afb/ 63 KB
64 KB 87ms
13ms Image
image/webp 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt429d10e1f6807c93/620d852cdafa327d4acd6afb/russianactor_BeeBright_shutterstock.jpg?quality=80&format=webply&width=690

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a727c8e832edfec61aa5030d5699c37d6b0ead2e501cdf1d8264d7233ac6fe23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:23:59 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 53831
x-cache: HIT, HIT
fastly-io-info: ifsz=734242 idim=1000x667 ifmt=jpeg ofsz=64866 odim=690x460 ofmt=webp
filename1: custom
content-disposition: inline; filename=russianactor_BeeBright_shutterstock.webp
fastly-stats: io=1
content-length: 64866
x-request-id: 86986
x-served-by: cache-ams21037-AMS, cache-fra-eddf8230073-FRA
x-runtime: 93ms
x-timer: S1682429040.606306,VS0,VE2
x-contentstack-organization: blt5948195ac13977b0
etag: "Ihq9jog9bMX5ic43slUs13UTLcSU3F+ccQDaWAU/kNA"
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 44, 1

GET
H2 200 jquery-3.3.1.slim.min.js Show response
code.jquery.com/ 68 KB
24 KB 69ms
5ms Script
application/javascript 2001:4de0:ac18::1:a:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.slim.min.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:23:59 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-1111d"
vary: Accept-Encoding
x-hw: 1682429039.dop141.fr8.t,1682429039.cds015.fr8.hn,1682429039.cds274.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 24038

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/ 20 KB
7 KB 68ms
9ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:23:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 306104
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6458
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-500f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Spzbn5hJAgUpv7HbtxSdXnwLpXxFbrwDEr3jIUjEvVpwMHyX0WmvKRaFJdJXHsafBvngTmdpIlobV21FHeiMDmutRC4bKv4%2Bg2ZSu7jIH4rdVe95do3XSX%2BDGX51fsezpFM7Z6iZtkZRz4WNJ1E4IIjK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7bd6e7596e53bba1-FRA
expires: Sun, 14 Apr 2024 13:23:59 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/ 49 KB
15 KB 70ms
12ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:23:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 718, 718
age: 7795663
cdn-cachedat: 2021-06-08 13:25:52
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:05 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: e3aee88c21b6991cd8d4728d630f1246
timing-allow-origin: *
cdn-requestcountrycode: US
cf-ray: 7bd6e7596e43903a-FRA
cdn-requestpullsuccess: True

GET
H2 200 Whitelogo_1.png
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt3edeb23396a4b5dc/60b1ea7a9afdef577986633e/ 8 KB
8 KB 86ms
12ms Image
image/png 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt3edeb23396a4b5dc/60b1ea7a9afdef577986633e/Whitelogo_1.png

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b315181f1047d35cc29f1b83c9c31ea493c5006f21930ba0a5e790a80ca2b7f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:23:59 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 53828
x-cache: HIT, HIT
fastly-io-info: ifsz=7774 idim=336x84 ifmt=png ofsz=7760 odim=336x84 ofmt=png
content-disposition: inline; filename=Whitelogo_1.png
fastly-stats: io=1
content-length: 7760
x-request-id: 46209
x-served-by: cache-ams12733-AMS, cache-fra-eddf8230073-FRA
x-runtime: 69ms
x-timer: S1682429040.606225,VS0,VE0
x-contentstack-organization: blt5948195ac13977b0
etag: "FBb/Cijd5djg1i0f+YDwTH/riGkit5+W1YBTK34Yz3o"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 21, 2

GET
H2 200 v52afc6f149f6479b8c77fa569edb01181681764108816 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 104ms
46ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

Referer: https://www.darkreading.com/
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:23:59 GMT
content-encoding: gzip
last-modified: Mon, 17 Apr 2023 20:41:48 GMT
server: cloudflare
etag: W/2023.4.2
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7bd6e7596a646901-FRA

GET
H2 200 4b083961-e2ac-4755-8801-f7c83a5fb187.json Show response
cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/ 5 KB
2 KB 45ms
28ms XHR
application/x-javascript 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/4b083961-e2ac-4755-8801-f7c83a5fb187.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

127c7ead87e287db401c5a3173fd190cc2c7211711e97486294ca2086754f793

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 25 Apr 2023 13:23:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: gKK4h+x/dMka9W5jOr1Sww==
age: 79321
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1918
x-ms-lease-status: unlocked
last-modified: Mon, 19 Dec 2022 13:32:27 GMT
server: cloudflare
etag: 0x8DAE1C578B1E5D5
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 91fc5fcf-001e-003b-56e1-5a9ab8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7bd6e755fcce382a-FRA
expires: Wed, 26 Apr 2023 13:23:59 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
295 B 45ms
25ms XHR
application/json 2606:4700:4400::ac40:9062
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9062 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:23:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 7bd6e7564c2a361b-FRA
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.39.0/ 372 KB
89 KB 33ms
31ms Script
application/javascript 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ba033e6cb25fa6e20186d6d8113cc3821028b7891c93eebe671b75f6eebc3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 25 Apr 2023 13:23:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Zp/CcrZmK7hQ2S6c/t9Tpw==
age: 33285
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 90454
x-ms-lease-status: unlocked
last-modified: Fri, 26 Aug 2022 16:31:04 GMT
server: cloudflare
etag: 0x8DA87805EB35DE2
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ec1cbf5f-b01e-00e5-38ab-4aca11000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7bd6e7591afa367b-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 236 KB
69 KB 100ms
37ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T52Z3Z3

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e337d908408f3a8464238f5c97d24e6f354d97f388a8c8979e811bcf4e18f9ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:23:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70187
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 25 Apr 2023 13:23:59 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/ 400 KB
124 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c470984efff845d5290f15d3a01552b4bff15c1e40a48c944233a5bc5f69539

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 11:36:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6479
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127052
x-xss-protection: 0
server: cafe
etag: 14196522953641333499
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 24 Apr 2024 11:36:00 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 65 B
75 B 83ms
48ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.darkreading.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

032a9621531a7da78f7dd1fc7a2f8e8fb6b5bb57a4d42696c0f73f07dd42c796

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:23:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51
x-xss-protection: 0
expires: Tue, 25 Apr 2023 13:23:59 GMT

GET
DATA 200
OK truncated
/ 78 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb4787d6337aa1e504d8d2dc49629d5b46a49c30a6da6f4bb964e8875dd4bc43

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 pdf.fd517ede.png
www.darkreading.com/_next/static/media/ 8 KB
8 KB 42ms
24ms Image
image/png 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.darkreading.com/_next/static/media/pdf.fd517ede.png
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/_next/static/css/3e21e038a0f054c0.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e153b77b7b590360c91df38e894d46fd6061ce57cc0bbbc09f4c408a66bd0c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/_next/static/css/3e21e038a0f054c0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:23:59 GMT
cf-cache-status: HIT
age: 13928
cf-polished: origSize=11781
content-length: 8484
x-proxy-by: https://www.darkreading.com
last-modified: Tue, 25 Apr 2023 09:05:42 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: W/"2e05-187b7a95a70"
vary: Accept-Encoding, Origin
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7bd6e7597ed13654-FRA
expires: Wed, 24 Apr 2024 13:23:59 GMT

GET
H2 200 4UaOrEtFpBISc36j2jDu5w.woff2
fonts.gstatic.com/s/exo/v20/ 20 KB
20 KB 47ms
11ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/exo/v20/4UaOrEtFpBISc36j2jDu5w.woff2

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb657972079f36258237fd79c9b7cf160c82943f31fe5ff1b0e10be49e27be5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.darkreading.com/
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 02:05:24 GMT
x-content-type-options: nosniff
age: 386315
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20268
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:19:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Apr 2024 02:05:24 GMT

GET
H2 200 78.c180425dea40d393.js Show response
www.darkreading.com/_next/static/chunks/ 3 KB
1 KB 48ms
48ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.darkreading.com/_next/static/chunks/78.c180425dea40d393.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/_next/static/chunks/webpack-5f7e9f8f8d03d69c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc57fb7726d7a86c273bebb59f12bc63a69ea93c695f971f73bb035f9bbe928b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:23:59 GMT
x-proxy-by: https://www.darkreading.com
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Apr 2023 09:05:42 GMT
cf-bgj: minify
server: cloudflare
age: 13928
etag: W/"a48-187b7a95a70"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7bd6e75b49a73654-FRA
expires: Wed, 24 Apr 2024 13:23:59 GMT

GET
H2 200 iris-t.js Show response
static.iris.informa.com/widgets/v2.0/ 7 KB
3 KB 55ms
9ms Script
application/javascript 18.154.63.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.iris.informa.com/widgets/v2.0/iris-t.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/_next/static/chunks/pages/_app-d62ac510aa1280e2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-51.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2f8650c7f614694fbf353e3690b981a651ce8aa79ee32c82f21ef303eeeb5421

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:19:19 GMT
x-amz-version-id: ID.rFhUQG21hU9hnrAlmgiwMuXmUIHpx
content-encoding: br
last-modified: Wed, 15 Feb 2023 16:44:30 GMT
server: AmazonS3
via: 1.1 c9b630de734c38e36e97554a32ac1a68.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P4
etag: W/"2e8cb32ecd32a154a16f47e5344c4733"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 11081
x-amz-cf-id: srNFqSrxy3YlL4CLg3Z9PqCITKSAvXiZDWyLAoxMfFExAu8X1tUHDg==

GET
H2 200 session Show response
www.darkreading.com/api/auth/ 2 B
376 B 124ms
122ms Fetch
application/json 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.darkreading.com/api/auth/session
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/_next/static/chunks/pages/_app-d62ac510aa1280e2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:00 GMT
x-proxy-by: https://www.darkreading.com
cf-cache-status: DYNAMIC
server: cloudflare
etag: "2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 7bd6e75b79f03654-FRA
content-length: 2

GET
H2 200 session Show response
www.darkreading.com/api/auth/ 2 B
205 B 125ms
124ms Fetch
application/json 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.darkreading.com/api/auth/session
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/_next/static/chunks/pages/_app-d62ac510aa1280e2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:00 GMT
x-proxy-by: https://www.darkreading.com
cf-cache-status: DYNAMIC
server: cloudflare
etag: "2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 7bd6e75b79f43654-FRA
content-length: 2

GET
H2 200 Dark_Reading_Logo.svg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt4ff4a7f9bc8e31f7/619f4fb0a0cb8076d613e3ba/ 5 KB
2 KB 9ms
8ms Image
image/svg+xml 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt4ff4a7f9bc8e31f7/619f4fb0a0cb8076d613e3ba/Dark_Reading_Logo.svg?quality=80&format=webply&width=222

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0e198a2d521948c31a85eff04b881542d8b31d8b5824f900a950ea34bf5ef811

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:23:59 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-error: not a supported image format
strict-transport-security: max-age=31557600
content-encoding: gzip
age: 53827
x-cache: HIT, HIT
filename1: custom
content-disposition: inline; filename=Dark_Reading_Logo.svg+xml
fastly-stats: io=1
content-length: 2021
x-request-id: 77944
x-served-by: cache-ams21058-AMS, cache-fra-eddf8230073-FRA
x-runtime: 99ms
x-timer: S1682429040.916462,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 25, 2

GET
H2 200 Article.svg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt27dca7fd9a7ec07d/60da98a6537dbc26a0e2a2d3/ 3 KB
1 KB 10ms
9ms Image
image/svg+xml 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt27dca7fd9a7ec07d/60da98a6537dbc26a0e2a2d3/Article.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

de06fea245b0036d21764fcf2b9a4791c0a0f1e927e3916c7d779cb44a1977bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:23:59 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-error: not a supported image format
strict-transport-security: max-age=31557600
content-encoding: gzip
age: 53830
x-cache: HIT, HIT
content-disposition: inline; filename=Article.svg
fastly-stats: io=1
content-length: 1177
x-request-id: 279
x-served-by: cache-ams21065-AMS, cache-fra-eddf8230073-FRA
x-runtime: 79ms
x-timer: S1682429040.917047,VS0,VE0
x-contentstack-organization: blt5948195ac13977b0
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 13, 2

GET
H2 200 Nate-Nelson_(1).jpg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt91e5f91ce3f0cdd9/63d0288ac98dbe55ece1d0a9/ 3 KB
4 KB 13ms
11ms Image
image/webp 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt91e5f91ce3f0cdd9/63d0288ac98dbe55ece1d0a9/Nate-Nelson_(1).jpg?quality=80&format=webply&width=100

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0f155ecc49cf3427c761b27ef11fcc6d210fb27a9355d70fd5a30e5f1893452a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:23:59 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 53831
x-cache: HIT, HIT
fastly-io-info: ifsz=234689 idim=881x923 ifmt=jpeg ofsz=3376 odim=100x105 ofmt=webp
filename1: custom
content-disposition: inline; filename=Nate-Nelson_(1).webp
fastly-stats: io=1
content-length: 3376
x-request-id: 60071
x-served-by: cache-ams21023-AMS, cache-fra-eddf8230073-FRA
x-runtime: 169ms
x-timer: S1682429040.917043,VS0,VE2
x-contentstack-organization: blt5948195ac13977b0
etag: "qPc4Ej0Icam3tgfIlB+gqtt4GyFe8VrlHnMKfkTmDM4"
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 87, 1

GET
H2 200 crop_playbook_Panther_Media_GmbH_Alamy.png
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/bltfbc8835d295a8667/6427292ca17bce665a84be0f/ 1 KB
2 KB 14ms
13ms Image
image/webp 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/bltfbc8835d295a8667/6427292ca17bce665a84be0f/crop_playbook_Panther_Media_GmbH_Alamy.png?quality=80&format=webply&width=100

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

332be8338c36d31c73519e17af7df81c34188319ba032325031df6ad299fac1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:23:59 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 53827
x-cache: HIT, HIT
fastly-io-info: ifsz=108374 idim=640x320 ifmt=png ofsz=1320 odim=100x50 ofmt=webp
filename1: custom
content-disposition: inline; filename=crop_playbook_Panther_Media_GmbH_Alamy.webp
fastly-stats: io=1
content-length: 1320
x-request-id: 6580
x-served-by: cache-ams12735-AMS, cache-fra-eddf8230073-FRA
x-runtime: 125ms
x-timer: S1682429040.917745,VS0,VE3
x-contentstack-organization: blt5948195ac13977b0
etag: "031m2nqL3GZ7xf6UXa44q+TwU+kiCqyZg9v8qMcbICg"
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 23, 1

GET
H2 200 machinelearning_Wright_Studio_shutterstock.jpg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/bltbebaf675082f5c32/643472d385bd3b0bdb8f309a/ 2 KB
2 KB 12ms
11ms Image
image/webp 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/bltbebaf675082f5c32/643472d385bd3b0bdb8f309a/machinelearning_Wright_Studio_shutterstock.jpg?quality=80&format=webply&width=100

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

584e18559bbb004441536d357452aa863692edb0be74bb1ebc53cfad23b2ef44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:23:59 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 53827
x-cache: HIT, HIT
fastly-io-info: ifsz=659976 idim=1000x563 ifmt=jpeg ofsz=1844 odim=100x56 ofmt=webp
filename1: custom
content-disposition: inline; filename=machinelearning_Wright_Studio_shutterstock.webp
fastly-stats: io=1
content-length: 1844
x-request-id: 98079
x-served-by: cache-ams12744-AMS, cache-fra-eddf8230073-FRA
x-runtime: 86ms
x-timer: S1682429040.917708,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "RTPlADJWps13ECB/13PzNVjreGWnBEwSrAcyDgIg3s8"
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 23, 1

GET
H2 200 lastpass_II.studio_shutterstock.jpg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt7ec9a27c8b7b6708/638916c337b5726463193bbf/ 1 KB
2 KB 13ms
12ms Image
image/webp 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt7ec9a27c8b7b6708/638916c337b5726463193bbf/lastpass_II.studio_shutterstock.jpg?quality=80&format=webply&width=100

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9dff15c6576770a67939c29928d8e31ff30ecc041354b5eecacc82bbe51aafa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:23:59 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 53827
x-cache: HIT, HIT
fastly-io-info: ifsz=502654 idim=1000x667 ifmt=jpeg ofsz=1464 odim=100x67 ofmt=webp
filename1: custom
content-disposition: inline; filename=lastpass_II.studio_shutterstock.webp
fastly-stats: io=1
content-length: 1464
x-request-id: 57797
x-served-by: cache-ams12720-AMS, cache-fra-eddf8230073-FRA
x-runtime: 114ms
x-timer: S1682429040.917701,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "87ok/rKjw0SpsLSd6414KNjeZfG21Jz7QBkotye4zts"
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 24, 1

GET
H2 200 fin7_ozrimoz_shutterstock.jpg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt59b1ed0e12319538/643db1eb2b3e6c10dd5c97f5/ 1 KB
1 KB 10ms
10ms Image
image/webp 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt59b1ed0e12319538/643db1eb2b3e6c10dd5c97f5/fin7_ozrimoz_shutterstock.jpg?quality=80&format=webply&width=100

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8b95abe7fc24dcfcb2a39ba7887760551af01a59b680371c08bf45be52f5fdb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:23:59 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 53827
x-cache: HIT, HIT
fastly-io-info: ifsz=706331 idim=1000x573 ifmt=jpeg ofsz=1218 odim=100x57 ofmt=webp
filename1: custom
content-disposition: inline; filename=fin7_ozrimoz_shutterstock.webp
fastly-stats: io=1
content-length: 1218
x-request-id: 70030
x-served-by: cache-ams12749-AMS, cache-fra-eddf8230073-FRA
x-runtime: 196ms
x-timer: S1682429040.917082,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "qkNTeBch8G4CTnNekNiKfMVF1AFbcWcp+Y4pDOzl4rA"
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 22, 1

GET
H2 200 image
www.darkreading.com/_next/ 654 B
880 B 417ms
416ms Image
image/webp 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/_next/image?url=https%3A%2F%2Fwww.darkreading.com%2F_next%2Fstatic%2Fmedia%2Firibbon-logo.fed34d59.png&w=96&q=75

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab36b8356d4b7e3e3591b161427e6fb18512a2ccc8a787f8cc03294cf2f30478

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; sandbox;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:00 GMT
content-security-policy: script-src 'none'; sandbox;
x-proxy-by: https://www.darkreading.com
cf-cache-status: DYNAMIC
server: cloudflare
etag: qza4NW1Lfj41kbFhQn5vsYUSoszIp4f4zAMpTPLzBHg=
vary: Accept, Origin, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000, must-revalidate
content-disposition: inline; filename="iribbon-logo.webp"
cf-ray: 7bd6e75b79f73654-FRA

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/657fbdf5-ad27-4981-b321-b96d0ec59709/ 81 KB
18 KB 20ms
19ms Fetch
application/x-javascript 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/657fbdf5-ad27-4981-b321-b96d0ec59709/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1866a87b4c049fb761b0218db2aecbef33496d878706bc56f2701965efaf88a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 25 Apr 2023 13:23:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: NMyqdpBtpYEfMyyUOi/oVQ==
age: 41853
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 18270
x-ms-lease-status: unlocked
last-modified: Mon, 19 Dec 2022 13:32:33 GMT
server: cloudflare
etag: 0x8DAE1C57C3EAB90
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 86b120cf-e01e-013e-67e1-5a2892000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7bd6e75bad0a382a-FRA
expires: Wed, 26 Apr 2023 13:23:59 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 113 KB
44 KB 147ms
21ms Script
application/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-W6LRXN3

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T52Z3Z3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e1a19826c4868235ee0f0abbbb26776f29912d4248282ab9c3f989a9ddd0367f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45161
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 25 Apr 2023 13:24:00 GMT

GET
H2 200 / Show response
6600d6d98e534115970f9529a45f3195.js.ubembed.com/ 482 B
690 B 130ms
7ms Script
application/json 151.101.193.131
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://6600d6d98e534115970f9529a45f3195.js.ubembed.com/
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T52Z3Z3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2818c286abce05ff2bec304720049991809f5d7f0a426f36c176b6e22730cdad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:00 GMT
content-encoding: br
x-backend-region: eu_west_1
x-amz-cf-pop: FRA56-P3
age: 851
etag: W/aaab40e12ca91eabbcb0f8f10bd5715a-v0.180.0
vary: Accept-Encoding, Referer
x-cache: Miss from cloudfront, HIT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
accept-ranges: none
x-amz-apigw-id: D72cjGoxDoEFS_w=

GET
H/1.1 200
OK elqCfg.min.js Show response
img.en25.com/i/ 6 KB
3 KB 134ms
14ms Script
application/x-javascript 23.32.242.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img.en25.com/i/elqCfg.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.32.242.89 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-32-242-89.deploy.static.akamaitechnologies.com

Software

Resource Hash

3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Apr 2023 13:24:00 GMT
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection: keep-alive
Content-Length: 2183
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Wed, 11 Jan 2023 20:34:04 GMT
ETag: "39c1adbfc25d91:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-store
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Expires: Tue, 25 Apr 2023 13:24:00 GMT

GET
H/1.1 200
OK dpm_8effee409c625e1a2d8f5033631840e6ce1dcb64.min.js Show response
s.dpmsrv.com/ 747 KB
62 KB 133ms
12ms Script
application/x-javascript 108.157.4.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.dpmsrv.com/dpm_8effee409c625e1a2d8f5033631840e6ce1dcb64.min.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.71 , Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-71.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9dddb939f2fb146a699ea1cf0efd984d4b8f429aa49d70246bff358fdbdf7fe7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 17:25:28 GMT
Content-Encoding: gzip
Via: 1.1 68ce2f06efd4c9639aadce9f9d7fb096.cloudfront.net (CloudFront)
Last-Modified: Thu, 29 Sep 2022 16:23:20 GMT
Server: AmazonS3
X-Amz-Cf-Pop: DUS51-P2
Age: 71913
ETag: "4c2c9bc43f06a59cee56d3211f043fa3"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 63462
X-Amz-Cf-Id: SxfFmU58bgjOVp6Ir5Hl3KQdxmWIb3OBRaU9f5I3yK5zqyTsV_PdQg==

GET
H2 200 iframe_api Show response
www.youtube.com/ 1 KB
2 KB 152ms
30ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T52Z3Z3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a60d69da1596fecefa0361fb48efb1b215583072a27007de5aced6e4c4b6af6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Tue, 25 Apr 2023 13:24:00 GMT

GET
H2 200 hotjar-2610568.js Show response
static.hotjar.com/c/ 13 KB
6 KB 167ms
46ms Script
application/javascript 108.157.4.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2610568.js?sv=6

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.113 , Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-113.dus51.r.cloudfront.net

Software

Resource Hash

54bc3571e962e764d2a807edf98c0aa7f5b5132adb4049f34427f132d53bb096

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:00 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 6c90efa18f660ef893fb03f41073cde8.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
etag: W/9c90f2783b8d9eb89d2b5c03825c547a
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: sGUUTu-d3sXB9rm0ymM-42w6In7aYMZlL-WEC3jeK8MHVr_PLCGs9w==

GET
H2 200 adobe-target.js Show response
beta.darkreading.com/js/third-party/ 191 KB
42 KB 586ms
569ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/js/third-party/adobe-target.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T52Z3Z3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92e2472635cbca31d4b0694c1248618677a5279d6e841b23191c3d5a76ac09f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 25 Apr 2023 09:38:01 GMT
server: cloudflare
etag: W/"2fa26-187b7c6f0a8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=7200
cf-ray: 7bd6e75cbb983654-FRA
expires: Tue, 25 Apr 2023 15:24:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 118ms
7ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T52Z3Z3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Apr 2023 12:27:45 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 3375
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 25 Apr 2023 14:27:45 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 110ms
2ms Script
application/x-javascript 2600:9000:2057:3800:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:3800:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 01:10:22 GMT
content-encoding: gzip
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
last-modified: Thu, 08 Dec 2022 17:25:10 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
age: 44018
etag: W/"63921df6-9377"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: oMKjBtpSFP9DhsoMUHwhTY-Dkic7ncO_LEv6K813WZTif_ufrcdKUg==
expires: Wed, 26 Apr 2023 01:10:22 GMT

GET
H2 200 iris-t.js Show response
static.iris.informa.com/widgets/v3.0/ 14 KB
5 KB 88ms
87ms Script
application/javascript 18.154.63.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.iris.informa.com/widgets/v3.0/iris-t.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-51.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2adfabdca47e7ea3ca23597e24f6415dea9842d97159920b12d55796273b50f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:19:20 GMT
x-amz-version-id: HcerYY2f5.DoKJ.hjtbegnr29y5KQGEN
content-encoding: br
last-modified: Tue, 25 Apr 2023 09:00:39 GMT
server: AmazonS3
via: 1.1 c9b630de734c38e36e97554a32ac1a68.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P4
etag: W/"c38ba007b23d2b241c1008f782a80ab1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 11081
x-amz-cf-id: bJ1_6ZrUZeheVV9NyIP7U0E5lFzcahetD4DSlOpeUR54-FdjaBQI-g==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 242 KB
82 KB 98ms
98ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1X1EHQ3PFR&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T52Z3Z3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e7561dbabd836af2b6fe663e7cd02763e05ac05968ee566d7bce06a933927500

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83756
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 25 Apr 2023 13:24:00 GMT

GET
H2 200 ZGFya3JlYWRpbmcuY29t.json Show response
static.iris.informa.com/widgets/config/cdl/ 24 B
491 B 223ms
137ms Fetch
binary/octet-stream 18.154.63.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.iris.informa.com/widgets/config/cdl/ZGFya3JlYWRpbmcuY29t.json
Requested by: Host: static.iris.informa.com
URL: https://static.iris.informa.com/widgets/v2.0/iris-t.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-51.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ced6d94498388b24b48c4e2aa311815357ab9489c735aedd7725e0b18a02433e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: rR96SWqxdC6RFg.yCtn7XL4AuxoTa4oV
date: Tue, 25 Apr 2023 13:24:01 GMT
via: 1.1 0f614fbd956590bdb4b3def9e1395ca6.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P4
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 24
last-modified: Tue, 28 Feb 2023 08:49:48 GMT
server: AmazonS3
etag: "d14dcd26bd0521dd67cdde302d3ac4a2"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: UmOjpgU3af3g1-_O_X22kZDyaF5ENoxN0SNLZ5rBd_mnQOLvisqb5A==

GET
H2 200 otFloatingRoundedIcon.json Show response
cdn.cookielaw.org/scripttemplates/6.39.0/assets/ 16 KB
4 KB 59ms
58ms Fetch
application/json 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/otFloatingRoundedIcon.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86dbd997ead92464b9d3e6228dab6902a3f8cdbd17de1da8923cb2f0fb600bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 25 Apr 2023 13:24:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Mbb70m5YOd2/+METBtRttw==
age: 57875
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3803
x-ms-lease-status: unlocked
last-modified: Fri, 26 Aug 2022 16:30:56 GMT
server: cloudflare
etag: 0x8DA87805A12E7D8
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: cc8087dd-c01e-00e1-07e1-5a3f93000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7bd6e75cceab382a-FRA

GET
H2 200 otPcPanel.json Show response
cdn.cookielaw.org/scripttemplates/6.39.0/assets/v2/ 64 KB
13 KB 60ms
60ms Fetch
application/json 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/v2/otPcPanel.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd2879e3b0d373936b3a4f85f24bf5ae631ea76ec7c79b528b53bd4f3ea44de6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 25 Apr 2023 13:24:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Kw22gRKC0ogRtsT2RwAR9Q==
age: 56064
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13290
x-ms-lease-status: unlocked
last-modified: Fri, 26 Aug 2022 16:30:57 GMT
server: cloudflare
etag: 0x8DA87805AF0078C
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 82d0c884-001e-00f7-54e1-5afe0d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7bd6e75ccead382a-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.39.0/assets/ 22 KB
5 KB 59ms
59ms Fetch
text/css 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 25 Apr 2023 13:24:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: B55i3ZY9miZIaUrwjufy0w==
age: 81107
x-ms-lease-status: unlocked
last-modified: Fri, 26 Aug 2022 16:31:09 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 372018e9-a01e-001f-18e1-5a03f6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7bd6e75cceae382a-FRA

GET
H2 200 ZGFya3JlYWRpbmcuY29t.json Show response
static.iris.informa.com/widgets/config/cdl/ 24 B
492 B 137ms
120ms Fetch
binary/octet-stream 18.154.63.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.iris.informa.com/widgets/config/cdl/ZGFya3JlYWRpbmcuY29t.json
Requested by: Host: static.iris.informa.com
URL: https://static.iris.informa.com/widgets/v2.0/iris-t.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-51.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ced6d94498388b24b48c4e2aa311815357ab9489c735aedd7725e0b18a02433e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: rR96SWqxdC6RFg.yCtn7XL4AuxoTa4oV
date: Tue, 25 Apr 2023 13:24:01 GMT
via: 1.1 0f614fbd956590bdb4b3def9e1395ca6.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P4
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 24
last-modified: Tue, 28 Feb 2023 08:49:48 GMT
server: AmazonS3
etag: "d14dcd26bd0521dd67cdde302d3ac4a2"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: W4u8h7ya3WtmUvfTxtUybzp9v_TPggOA-g-IKiZbWBHu2_-CWQWLOg==

GET
H2 200 f23io39d.js Show response
static.iris.informa.com/ 70 KB
23 KB 14ms
14ms Script
application/javascript 18.154.63.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.iris.informa.com/f23io39d.js
Requested by: Host: static.iris.informa.com
URL: https://static.iris.informa.com/widgets/v2.0/iris-t.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-51.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4f381ccb6f965e2011700b253aa446e84060a338cc416055eabca3b62fa35435

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: r.70SgccGRmRk8cXfo6q55SZB1TmHyVy
content-encoding: gzip
via: 1.1 c9b630de734c38e36e97554a32ac1a68.cloudfront.net (CloudFront)
date: Tue, 25 Apr 2023 04:47:13 GMT
last-modified: Thu, 02 Sep 2021 16:02:23 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P4
age: 51686
x-amz-server-side-encryption: AES256
etag: W/"a790df23a63287b42b6e7324cb81afd9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 6qeBdktXkyhiZJKdaYcvaGyW-kqkcUq02bXliRRMLfQ4UFfK2yhiQA==

GET
H/1.1 200
OK td.min.js Show response
cdn.treasuredata.com/sdk/3.0/ 58 KB
20 KB 51ms
10ms Script
application/javascript 108.157.4.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.treasuredata.com/sdk/3.0/td.min.js
Requested by: Host: static.iris.informa.com
URL: https://static.iris.informa.com/widgets/v2.0/iris-t.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.19 , Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-19.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 262f87d47643975a4633b675fc224c7a178d99e579e5d767f4a43ca7cc0bb9de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 10 May 2022 23:11:40 GMT
Content-Encoding: gzip
Via: 1.1 f97c9082b750957571bc7e3354a4f4a4.cloudfront.net (CloudFront)
Age: 30204741
X-Amz-Cf-Pop: DUS51-P2
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Last-Modified: Mon, 05 Jul 2021 08:58:13 GMT
Server: AmazonS3
Etag: W/"4b9abb36767431f05495228eb82edf01"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=315360000
X-Amz-Cf-Id: V_uI1THZVoQjmsYxfyvfj9ivMS8TBzfMfK6uaP4jKvW8OInzPBVz8A==

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 Informa_Logo_1Line_Indigo_Grad_RGB.jpg
cdn.cookielaw.org/logos/c1f53e84-9f05-4169-a854-85052b63c50b/ce37e4cd-9426-40d2-9adb-174d6acdf507/b0d971e9-0178-47c1-aace-784223d87041/ 145 KB
145 KB 17ms
17ms Image
image/jpeg 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/c1f53e84-9f05-4169-a854-85052b63c50b/ce37e4cd-9426-40d2-9adb-174d6acdf507/b0d971e9-0178-47c1-aace-784223d87041/Informa_Logo_1Line_Indigo_Grad_RGB.jpg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21102c999da99aa5a6c8403c9e2367ca2e8d3e7fd2d6b5c1aef9e4fab888749c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 25 Apr 2023 13:24:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 8NigNwrkdBmjWsQuvIR/Tg==
age: 4326
content-length: 148084
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Fri, 26 Nov 2021 15:49:29 GMT
server: cloudflare
etag: 0x8D9B0F4552FB1EF
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: b3e3f85e-601e-00e7-74e1-5ac8eb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7bd6e75d5900367b-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 32ms
32ms Image
image/svg+xml 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 25 Apr 2023 13:24:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 56548
x-ms-lease-status: unlocked
last-modified: Mon, 24 Apr 2023 04:36:33 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 17909ae0-101e-00a7-2967-76e105000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7bd6e75d5903367b-FRA

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 306ms
101ms Image
image/gif 34.192.97.129
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=darkreading.com&p=%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&u=DCoT4TBRsYaGcSdUy&d=darkreading.com&g=53678&g0=threat-intelligence&g1=nate%20nelson&g4=article&n=1&f=00001&c=0&x=0&m=0&y=4217&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&b=1912&t=DUAueuCT9xGUCqlbG2Db45SfYHGpY&V=139&i=Tangled%20Up%3A%20%27Tomiris%27%20APT%20Uses%20Turla%20Malware%2C%20Confusing%20Researchers&tz=0&sn=1&sv=B9wQ7n6imDDDKMfm4DyNzlfC2SzMo&sd=1&im=067b2fff&_
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.97.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-97-129.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 25 Apr 2023 13:24:00 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.180.0/ 174 KB
48 KB 34ms
8ms Script
application/javascript 108.138.17.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.180.0/bundle.js
Requested by: Host: 6600d6d98e534115970f9529a45f3195.js.ubembed.com
URL: https://6600d6d98e534115970f9529a45f3195.js.ubembed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-78.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 810089696e5655d5d4c98fde5a9a82da1af87500456fde63ee30845a787f891e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 18:00:56 GMT
content-encoding: gzip
via: 1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 20:53:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 3612185
etag: W/"1a08556fd14aad311b6d4906f59fef42"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: UDvMdSU2mDORV_h3HVD3fn5rL7EV4SVu7AbN9TUUX2Y1NUySfnXjig==

OPTIONS
H2 200 ed0
c.darkreading.com/com.iiris/ Frame 0
0 196ms
131ms Preflight 2606:4700::6811:7763
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.darkreading.com/com.iiris/ed0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7763 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.darkreading.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://www.darkreading.com
access-control-max-age: 600
cf-cache-status: DYNAMIC
cf-ray: 7bd6e75e5bc69170-FRA
content-length: 0
date: Tue, 25 Apr 2023 13:24:00 GMT
server: cloudflare

POST
H2 200 ed0 Show response
c.darkreading.com/com.iiris/ 2 B
303 B 142ms
141ms XHR
text/plain 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.darkreading.com/com.iiris/ed0
Requested by: Host: static.iris.informa.com
URL: https://static.iris.informa.com/f23io39d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Tue, 25 Apr 2023 13:24:00 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials: true
cf-ray: 7bd6e75f2f183654-FRA
content-length: 2

GET
H/1.1

200
OK

svrGP
trk.darkreading.com/visitor/v200/
Redirect Chain

https://trk.darkreading.com/visitor/v200/svrGP?pps=3&siteid=2150&ref=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&ref2=e...
https://trk.darkreading.com/visitor/v200/svrGP?pps=3&siteid=2150&ref=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&ref2=e...

49 B
504 B

908ms
907ms

Image
image/gif

142.0.173.15
NETDYNAMICS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trk.darkreading.com/visitor/v200/svrGP?pps=3&siteid=2150&ref=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&ref2=elqNone&tzo=0&ms=304&optin=disabled&elq1pcGUID=984256A1992C4FBEA51698CF5B56B026

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers

Protocol

HTTP/1.1

Server

142.0.173.15 Toronto, Canada, ASN7160 (NETDYNAMICS, US),

Reverse DNS

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Apr 2023 13:24:01 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 49
X-Xss-Protection: 1; mode=block
Expires: -1

Redirect headers

Pragma: no-cache
Date: Tue, 25 Apr 2023 13:24:00 GMT
X-Content-Type-Options: nosniff
Content-Type: text/html; charset=utf-8
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Location: https://trk.darkreading.com/visitor/v200/svrGP?pps=3&siteid=2150&ref=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&ref2=elqNone&tzo=0&ms=304&optin=disabled&elq1pcGUID=984256A1992C4FBEA51698CF5B56B026
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 420
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/d87d581f/www-widgetapi.vflset/ 184 KB
62 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d87d581f/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb316b7543de09693b789a31a3cf23d39272ca8a14c2720bd69c2a1eec6c4d23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:10:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 813
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63257
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 02:50:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 24 Apr 2024 13:10:27 GMT

GET
H2 200 modules.15845db2f7d4b3e39af3.js Show response
script.hotjar.com/ 262 KB
68 KB 32ms
10ms Script
application/javascript 52.222.236.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.15845db2f7d4b3e39af3.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2610568.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-63.fra56.r.cloudfront.net

Software

Resource Hash

33fb2f15286d2e334a1ada74d2a9a3a5d4bc847082d7087f4a5b5d25d5cf5eb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 11:37:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 6413
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 69020
last-modified: Tue, 25 Apr 2023 11:36:39 GMT
etag: "9c174b4529ae0969994cfd4e9ec96ace"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: KnR66j9OhGgoxHHsTJYBwZ5A_YcOOnj5qXH5ZZ0m_-aI4sy37ywb-w==

POST
H2 200 js_pageviews_itcyber_darkreading Show response
eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/ 16 B
478 B 31ms
12ms Fetch
application/json 3.125.172.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/js_pageviews_itcyber_darkreading?modified=1682429040315

Requested by

Host: cdn.treasuredata.com
URL: https://cdn.treasuredata.com/sdk/3.0/td.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.125.172.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-125-172-192.eu-central-1.compute.amazonaws.com

Software

Resource Hash

56587cffbb30e338497c9114f74803a530a713ebe374b69fcfa8551ad8dad1e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-TD-Write-Key: 100/bb9cbe21de3db7a5428506d7528e45b2c801a48c
Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
X-TD-Fetch-Api: true
Content-Type: application/json

Response headers

date: Tue, 25 Apr 2023 13:24:00 GMT
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST
p3p: CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
access-control-allow-origin: https://www.darkreading.com
content-type: application/json
access-control-allow-credentials: true
access-control-allow-headers: Authorization, X-Requested-With, X-TD-Write-Key, X-TD-Fetch-Api, Content-Type
content-length: 16

OPTIONS
H2 204 js_pageviews_itcyber_darkreading
eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/ Frame 0
0 58ms
8ms Preflight 3.125.172.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/js_pageviews_itcyber_darkreading?modified=1682429040315

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.125.172.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-125-172-192.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-td-fetch-api,x-td-write-key
Access-Control-Request-Method: POST
Origin: https://www.darkreading.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, X-Requested-With, X-TD-Write-Key, X-TD-Fetch-Api, Content-Type
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.darkreading.com
access-control-max-age: 7200
date: Tue, 25 Apr 2023 13:24:00 GMT
strict-transport-security: max-age=31536000

POST
H2 204 collect
region1.analytics.google.com/g/ 0
257 B 55ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-1X1EHQ3PFR&gtm=45je34j0&_p=101073335&_gaz=1&cid=1324050391.1682429040&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682429040&sct=1&seg=0&dl=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&dt=Tangled%20Up%3A%20%27Tomiris%27%20APT%20Uses%20Turla%20Malware%2C%20Confusing%20Researchers&en=page_view&_fv=1&_nsi=1&_ss=1&ep.pageType=article&ep.authorByline=nate%20nelson&ep.publishDate=Apr%2024%2C%202023&ep.primaryCategory=threat-intelligence&ep.pageId=blteef46dc246fe4c3b&ep.adUnit=3834%2Fdarkreading.home%2Farticle%2Fthreat-intelligence&ep.sponsor=&ep.contentLabel=News&ep.secondaryTerms=attacks-breaches%2Cvulnerabilities-threats%2Cadvanced-threats&ep.gtmContainerId=scm%20-%20122&ep.primaryTermRealText=Threat%20Intelligence
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1X1EHQ3PFR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 13:24:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
248 B 61ms
20ms Ping
text/plain 2a00:1450:400c:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1X1EHQ3PFR&cid=1324050391.1682429040&gtm=45je34j0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1X1EHQ3PFR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c02::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 13:24:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 74ms
47ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-1X1EHQ3PFR&cid=1324050391.1682429040&gtm=45je34j0&aip=1&z=1680619865

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 13:24:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
212 B 16ms
15ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=101073335&t=pageview&_s=1&dl=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&dp=%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&ul=en-us&de=UTF-8&dt=Tangled%20Up%3A%20%27Tomiris%27%20APT%20Uses%20Turla%20Malware%2C%20Confusing%20Researchers&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDACEABRAAAACACI~&jid=1098174202&gjid=1665316180&cid=1324050391.1682429040&tid=UA-135180592-2&_gid=141940605.1682429040&_r=1&_slc=1&gtm=45He34j0n81T52Z3Z3&cg1=article&cg2=News&cg3=Threat%20Intelligence&cd1=article&cd2=nate%20nelson&cd3=&cd4=News&cd5=Apr%2024%2C%202023&cd6=threat-intelligence&cd9=attacks-breaches%2Cvulnerabilities-threats%2Cadvanced-threats&cd10=0&cd16=blteef46dc246fe4c3b&cd17=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&cd18=3834%2Fdarkreading.home%2Farticle%2Fthreat-intelligence&cd20=vanguard%20-%20122&z=421414489

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 13:24:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

index.php Show response
a.dpmsrv.com/dpmpxl/
Redirect Chain

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&zn%3D%26sn%3D%26q%3DxImp%26v%3D1.x%26cl%3D55%26pixelIndex%3D0%26r%3D592278%26tzOffset%3D0%26url%3Dhttps%253A%252F%252Fwww.d...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26zn%253D%2526sn%253D%2526q%253DxImp%2526v%253D1.x%2526cl%253D55%2526pixelIndex%253D0%2526r%253...
https://a.dpmsrv.com/dpmpxl/index.php?id=1111044141702830350&zn=&sn=&q=xImp&v=1.x&cl=55&pixelIndex=0&r=592278&tzOffset=0&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tom...

246 B
996 B

416ms
94ms

Script
text/javascript

3.220.216.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?id=1111044141702830350&zn=&sn=&q=xImp&v=1.x&cl=55&pixelIndex=0&r=592278&tzOffset=0&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
Protocol: HTTP/1.1
Server: 3.220.216.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-220-216-226.compute-1.amazonaws.com
Software: /
Resource Hash: d28dad4f1984213b641b46715ddd12c6509fff3bf0804f4c4e63ef22f9dfb5f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
content-encoding: gzip
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: content-type, accept
Content-Length: 217
Expires: 0

Redirect headers

Date: Tue, 25 Apr 2023 13:24:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 81.95.5.40; 81.95.5.40; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 85423955-f533-471a-836f-ffc8ae492151
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://a.dpmsrv.com/dpmpxl/index.php?id=1111044141702830350&zn=&sn=&q=xImp&v=1.x&cl=55&pixelIndex=0&r=592278&tzOffset=0&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 21ms
19ms XHR
text/plain 2a00:1450:400c:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-135180592-2&cid=1324050391.1682429040&jid=1098174202&gjid=1665316180&_gid=141940605.1682429040&_u=aCDACEAARAAAACACI~&z=615730445

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 25 Apr 2023 13:24:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 82ms
55ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-135180592-2&cid=1324050391.1682429040&jid=1098174202&_u=aCDACEAARAAAACACI~&z=1067984624

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 13:24:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 51ms
51ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-135180592-2&cid=1324050391.1682429040&jid=1098174202&_u=aCDACEAARAAAACACI~&z=1067984624

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 13:24:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 delivery Show response
iirexhibitionslimite.tt.omtrdc.net/rest/v1/ 296 B
815 B 131ms
37ms XHR
application/json 99.80.21.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://iirexhibitionslimite.tt.omtrdc.net/rest/v1/delivery?client=iirexhibitionslimite&sessionId=301defb70f354d878ee2f69160671c72&version=2.8.1

Requested by

Host: beta.darkreading.com
URL: https://beta.darkreading.com/js/third-party/adobe-target.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.80.21.219 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-21-219.eu-west-1.compute.amazonaws.com

Software

Resource Hash

f21710d126d1784c5b9ba4f30f3260d8c4fa1f8b7a3cc7e4c8ac8a140f848665

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Apr 2023 13:24:00 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
x-content-type-options: nosniff
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
x-request-id: 399d38970f5232d42a7829d345fa5536

GET
H/1.1

200
OK

index.php Show response
a.dpmsrv.com/dpmpxl/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=1111044141702830350&pixelIndex=0
https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm=&ap_id=1111044141702830350&pixelIndex=0&google_tc=
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=1111044141702830350&pixelIndex=0&google_gid=CAESEBHZjS6i3XpORLIqqLMScQo&google_cver=1

0
598 B

97ms
97ms

Script
text/javascript

3.220.216.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=1111044141702830350&pixelIndex=0&google_gid=CAESEBHZjS6i3XpORLIqqLMScQo&google_cver=1
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
Protocol: HTTP/1.1
Server: 3.220.216.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-220-216-226.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: content-type, accept
Content-Length: 0
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 25 Apr 2023 13:24:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=1111044141702830350&pixelIndex=0&google_gid=CAESEBHZjS6i3XpORLIqqLMScQo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 348
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 451 423396.gif
idsync.rlcdn.com/ 0
98 B 42ms
16ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/423396.gif?partner_uid=1111044141702830350
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:00 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 70ms
20ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.darkreading.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 56ms
17ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.darkreading.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
12 KB 105ms
104ms XHR
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2384497319690510&correlator=583978575444210&eid=31073677%2C31074079%2C44777897%2C31068366&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=1&adks=2734278250&sfv=1-0-40&prev_scp=pos%3Dwelcome_v%26ptype%3Darticle%26pageid%3Dblteef46dc246fe4c3b%26aid%3D570196%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1682429042227&lmt=1682429042&dlt=1682429038948&idt=1030&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&frm=20&vis=1&psz=1600x4240&msz=0x0&fws=132&ohw=1600&ga_vid=1324050391.1682429040&ga_sid=1682429042&ga_hid=101073335&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

853d2620667da24208daf170e7b949e301688e4ab67c85c452b9bf2de76bc85a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12629
x-xss-protection: 0
google-lineitem-id: 6235418606
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138428976147
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 559 B
317 B 46ms
46ms XHR
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2384497319690510&correlator=583978575444210&eid=31073677%2C31074079%2C44777897%2C31068366&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=2&adks=2045221590&sfv=1-0-40&prev_scp=pos%3Dbigsky_v%26ptype%3Darticle%26pageid%3Dblteef46dc246fe4c3b%26aid%3D570196%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1682429042240&lmt=1682429042&dlt=1682429038948&idt=1030&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&frm=20&vis=1&psz=1600x4240&msz=0x0&fws=132&ohw=1600&ga_vid=1324050391.1682429040&ga_sid=1682429042&ga_hid=101073335&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3326f0d66ca3b0ef4cbf29d399232e4651788d636b55d2f192268b843cb0acad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 288
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 10 KB
4 KB 75ms
73ms XHR
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2384497319690510&correlator=583978575444210&eid=31073677%2C31074079%2C44777897%2C31068366&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=3&adks=4210692985&sfv=1-0-40&ists=1&prev_scp=pos%3Dwallpaper_v%26ptype%3Darticle%26pageid%3Dblteef46dc246fe4c3b%26aid%3D570196%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1682429042247&lmt=1682429042&dlt=1682429038948&idt=1030&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&frm=20&vis=1&psz=1600x4240&msz=0x0&fws=132&ohw=1600&ga_vid=1324050391.1682429040&ga_sid=1682429042&ga_hid=101073335&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

deebd199ddadbdc34ffb6987c2dc8656b994529b4ef9ea1f0551e73489756b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4340
x-xss-protection: 0
google-lineitem-id: 6182682175
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138423855195
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 559 B
317 B 77ms
76ms XHR
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2384497319690510&correlator=583978575444210&eid=31073677%2C31074079%2C44777897%2C31068366&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=4&adks=4087131669&sfv=1-0-40&ists=1&prev_scp=pos%3Doop_v%26ptype%3Darticle%26pageid%3Dblteef46dc246fe4c3b%26aid%3D570196%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1682429042271&lmt=1682429042&dlt=1682429038948&idt=1030&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&frm=20&vis=1&psz=1600x4240&msz=0x0&fws=132&ohw=1600&ga_vid=1324050391.1682429040&ga_sid=1682429042&ga_hid=101073335&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7da43615497431686da30736bed89b089640b00f60c0fc363705521b37b6ee8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 288
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 559 B
316 B 90ms
88ms XHR
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2384497319690510&correlator=583978575444210&eid=31073677%2C31074079%2C44777897%2C31068366&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=5&adks=1007812694&sfv=1-0-40&prev_scp=pos%3Dfloor_v%26gdpr_banner%3Don%26ptype%3Darticle%26pageid%3Dblteef46dc246fe4c3b%26aid%3D570196%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1682429042277&lmt=1682429042&dlt=1682429038948&idt=1030&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&frm=20&vis=1&psz=1600x4240&msz=0x0&fws=132&ohw=1600&ga_vid=1324050391.1682429040&ga_sid=1682429042&ga_hid=101073335&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

527f0597e5a5c4ee09a3d189bd0c0495ad504adbc4aab65395e074bd21f86062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 287
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 559 B
316 B 51ms
49ms XHR
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2384497319690510&correlator=583978575444210&eid=31073677%2C31074079%2C44777897%2C31068366&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=7x7&ifi=6&adks=2857532071&sfv=1-0-40&prev_scp=pos%3Dadhesion_v%26gdpr_banner%3Don%26ptype%3Darticle%26pageid%3Dblteef46dc246fe4c3b%26aid%3D570196%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1682429042281&lmt=1682429042&dlt=1682429038948&idt=1030&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&frm=20&vis=1&psz=1600x4240&msz=7x0&fws=132&ohw=1600&ga_vid=1324050391.1682429040&ga_sid=1682429042&ga_hid=101073335&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1416c3244a6798bb6194d6a2d3909fabc3ed84d73684de8addc5caa2caeac78b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 287
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
13 KB 77ms
76ms XHR
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2384497319690510&correlator=583978575444210&eid=31073677%2C31074079%2C44777897%2C31068366&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=970x90%7C970x250%7C728x90&ifi=7&adks=1464948156&sfv=1-0-40&prev_scp=pos%3D728_1v%26ptype%3Darticle%26pageid%3Dblteef46dc246fe4c3b%26aid%3D570196%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1682429042284&lmt=1682429042&dlt=1682429038948&idt=1030&adxs=315&adys=86&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&frm=20&vis=1&psz=984x0&msz=970x0&fws=4&ohw=1600&ga_vid=1324050391.1682429040&ga_sid=1682429042&ga_hid=101073335&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

062e966b7277efe21c5d52f1dc50fd6f637ee8dc09787da58575bf94a2cba078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13374
x-xss-protection: 0
google-lineitem-id: 6157543105
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138430455658
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 75ms
73ms XHR
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2384497319690510&correlator=583978575444210&eid=31073677%2C31074079%2C44777897%2C31068366&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=8&adks=1177074020&sfv=1-0-40&prev_scp=pos%3Dvideo_v%26ptype%3Darticle%26pageid%3Dblteef46dc246fe4c3b%26aid%3D570196%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1682429042287&lmt=1682429042&dlt=1682429038948&idt=1030&adxs=308&adys=935&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&frm=20&vis=1&psz=646x2088&msz=646x0&fws=4&ohw=1600&ga_vid=1324050391.1682429040&ga_sid=1682429042&ga_hid=101073335&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07bb0f81573c118fb2cced07aacddad96a5612bf0e300e5b2ab17e350bd1c419

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9788
x-xss-protection: 0
google-lineitem-id: 5674929725
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138347225724
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
13 KB 82ms
80ms XHR
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2384497319690510&correlator=583978575444210&eid=31073677%2C31074079%2C44777897%2C31068366&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=300x250%7C300x600&ifi=9&adks=3223838023&sfv=1-0-40&prev_scp=pos%3D300_1v_article%26ptype%3Darticle%26pageid%3Dblteef46dc246fe4c3b%26aid%3D570196%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1682429042289&lmt=1682429042&dlt=1682429038948&idt=1030&adxs=654&adys=1039&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&frm=20&vis=1&psz=300x0&msz=300x0&fws=4&ohw=1600&ga_vid=1324050391.1682429040&ga_sid=1682429042&ga_hid=101073335&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22493b345cbf6bd424d4837aaede3717956860cddffac5415e2cf120c433a38a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13382
x-xss-protection: 0
google-lineitem-id: 6140096305
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138409453221
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 24 KB
11 KB 75ms
74ms XHR
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2384497319690510&correlator=583978575444210&eid=31073677%2C31074079%2C44777897%2C31068366&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=300x600%7C300x250%7C5x5&ifi=10&adks=2122825586&sfv=1-0-40&prev_scp=pos%3D300_1v%26ptype%3Darticle%26pageid%3Dblteef46dc246fe4c3b%26aid%3D570196%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1682429042300&lmt=1682429042&dlt=1682429038948&idt=1030&adxs=988&adys=126&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&frm=20&vis=1&psz=308x0&msz=300x0&fws=4&ohw=1600&ga_vid=1324050391.1682429040&ga_sid=1682429042&ga_hid=101073335&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

240f7bb05c2a5c586b2c7d4d5c92e56ce10b3f2b8957bf26d3126967cfa18c2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11072
x-xss-protection: 0
google-lineitem-id: 6182682175
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138408218300
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 32 KB
13 KB 90ms
88ms XHR
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2384497319690510&correlator=583978575444210&eid=31073677%2C31074079%2C44777897%2C31068366&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=300x250%7C300x600&ifi=11&adks=3536289636&sfv=1-0-40&prev_scp=pos%3D300_2v%26ptype%3Darticle%26pageid%3Dblteef46dc246fe4c3b%26aid%3D570196%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1682429042310&lmt=1682429042&dlt=1682429038948&idt=1030&adxs=988&adys=126&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&frm=20&vis=1&psz=308x0&msz=300x0&fws=4&ohw=1600&ga_vid=1324050391.1682429040&ga_sid=1682429042&ga_hid=101073335&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d2eb32006cf9778bb101720836a0141a0dc1cf8498483e6a2bc3133a934bc00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13482
x-xss-protection: 0
google-lineitem-id: 6182682175
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138424532569
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 107ms
62ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304190101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43560cd6cd441d8761b4db45dedb30e26677e3e578a5f48f3ed2fe2493ca6cec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11303
x-xss-protection: 0

GET
H2 200 container.html Show response
459ce04ab19dbf5d3ba01c224fb7aab5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8C56 6 KB
3 KB 108ms
22ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://459ce04ab19dbf5d3ba01c224fb7aab5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.darkreading.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Apr 2023 13:24:02 GMT
expires: Wed, 24 Apr 2024 13:24:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 rum Show response
www.darkreading.com/cdn-cgi/ 0
160 B 30ms
29ms XHR
text/plain 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type: application/json

Response headers

date: Tue, 25 Apr 2023 13:24:02 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.darkreading.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7bd6e76ab8783654-FRA

GET
H2 200 9579186847410300778
tpc.googlesyndication.com/simgad/ 164 KB
165 KB 50ms
10ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9579186847410300778?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cc56be71f6e9f4103ea28dbd4e3f435288c26bba0015c66ca49b117e46a35ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 18:27:30 GMT
x-content-type-options: nosniff
age: 240992
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167902
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 16:09:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 21 Apr 2024 18:27:30 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 203F 0
26 B 48ms
48ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuvierhaAgbV0ANYZxlLjio8isP2M2ZmMm1M59CGCkzbEfL82Bzw3MXs4qI_KIO3_iZIOtO63WaQgjEYVLHvNyiO8LOSEcWpbztxZQgtIYOXqnI2mrnBxNcBp8pNfXDCz0PuO4_snP513huEhjDtPZK96hwV_FjM8l8LBetnzRY7peSXm_Rmc918hKEGCpO44l2FTtFiToPcpGSkPrRTd9iW2gbjQDNnKctBiT2M3tmcRtnVbt-cVPcX33bG6l-lCxOmpBwQ6uDQE7UXTcVO6sPO4qzUsRTmQ5mnXNP8ZRvq1hh4dSoR0oS9qt6E7X9cxW8qYFeTedoBUhKiDfL20SCiZRDkulbckWCy2nNK__KSgNAnRof2Q&sai=AMfl-YSLNPieqODa16PblM2beVAgH6c1wOiD9tc__E-L3zjl39hq_02LZ5Vk5BK0sfIpCpALjAFCgHpd40-OsK6PJQSSirgzyAj3DFvZxg9tBLFQkCTgO-K4ISJ0HwxvIA&sig=Cg0ArKJSzNK0v4QE4JMrEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F9DE 0
0 48ms
48ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuVVc5F59xkbClcEJJuDM0YJUnG57WGTbfwpfKCdAAjvM57aGpHEHQM12FczBZJ-tmgVcV7gMqcRX0q5hOi9056dgfoRus0epERUntZd4Ja6GmobwwoawJTAP9bD_KyAVBaKoAWlJcVuE9r5OX9sjIu1xgpl8gw1T8BhrQtzxEpt6qh_nIMcQtF5KLyietgYLujLUS2idiIhf5QjtzrJnArwgPO6DAVPFR65f_RHgjhsBOkl06yHRdrWzu7L99H6vTPYrcJd5nNb35hfu3ZrM9_PObVl7dfwS2HBodrgkquETmvgZ1MGg-BZO_GVhcRbyjaw615VJcwqxN3DL7wqPSDnLlJ-JndYD9I3o5aQmy1&sai=AMfl-YS2e8Gezb3p6y6xQqPC5CacWn8EgpGqa7ubC-tbnR3kEZ7_8P9Zc2G6woPDac_Vs9doH6NUCdeo9wsZaIHSnJVfauEd0uIta6VWDAVIGev9wXM_8cRbACXcYl9fZA&sig=Cg0ArKJSzPEReEtZX5dTEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 tag Show response
a.teads.tv/page/130102/ Frame F9DE 752 B
812 B 99ms
48ms Script
application/javascript 88.221.169.49
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/130102/tag
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.169.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-49.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 120be5c1f0c3158ea3f36d14321d28e8bad8f3c6fcf6eadd240020c1836eff98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:02 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 470
expires: Tue, 25 Apr 2023 14:24:02 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F9DE 159 KB
49 KB 63ms
22ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Apr 2023 13:24:02 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/pentonmedia53440730609/ Frame F9DE 326 KB
111 KB 56ms
18ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/pentonmedia53440730609/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 8c01620cc643e8a19f0955ec8ac6aad41ada99655090013fa3f2ce98bb2a2a5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:02 GMT
content-encoding: gzip
last-modified: Tue, 25 Apr 2023 09:53:45 GMT
server: AmazonS3
x-amz-request-id: 8T8WAHNWPXR3KCDR
etag: "7653b2f5aea863bfd8a9654b10077896"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=55177
accept-ranges: bytes
content-length: 113597
x-amz-id-2: +hNLfa3SAo4uH/Z76jiUqIRJVPgF7Ly9KGOiMDYorApIdiT5byivdkxaJZbLSI0F1ucX11k7p7E=

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B056 0
0 86ms
84ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst4vP2zh2M2sltJcB95n-cCthcr_tq5acBkV7tDwqJemt4ihv7njQ0OfeMtFttNoI8hRr2V8pAjlf30anFxZWaIYzrhKFdc-7JTQJitp2C0-ICV_G3faYaoPQzjIJLHvDfdJvSmENXmCnrDPhWyh5WhC-Q_oGaAeSx9F-VQB_cK1zhkSbllcz-1O9_Ok6ZKqAfZYHjmlcB-_taxwjhqdzT3AyDGqK8i_DnfeZHzwElboqtEW--c3B4mOwQcw9Tuo4mdaRKrVcsDj6oI0eu63SWB-olEeRUDKH-vNbxKlUKd8Wo7O04HeDfoSKNVXHqrikQDi_vEskTNDwxDvGB9ppZuBY8nTVoY0wHKTeNpgFr3SXNqIA&sai=AMfl-YT7A7Fs1L_9_A5AEVlrkP74ca-gUSxW75G8ef0NrKp70kdLIhUxJdF4UCM3FXsybkJCCDU3nS92y2vFP2AlTuQu2jaLrd3yAkFouJN84WqNYVbETJFQz6Q_AMMl3A&sig=Cg0ArKJSzMSeTCDcJ_M3EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B056 159 KB
49 KB 65ms
58ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Apr 2023 13:24:02 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/pentonmedia53440730609/ Frame B056 326 KB
112 KB 14ms
10ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/pentonmedia53440730609/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 8c01620cc643e8a19f0955ec8ac6aad41ada99655090013fa3f2ce98bb2a2a5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:02 GMT
content-encoding: gzip
last-modified: Tue, 25 Apr 2023 09:53:45 GMT
server: AmazonS3
x-amz-request-id: 8T8WAHNWPXR3KCDR
etag: "7653b2f5aea863bfd8a9654b10077896"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=55177
accept-ranges: bytes
content-length: 113597
x-amz-id-2: +hNLfa3SAo4uH/Z76jiUqIRJVPgF7Ly9KGOiMDYorApIdiT5byivdkxaJZbLSI0F1ucX11k7p7E=

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A7A2 0
0 67ms
66ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvxFnaOEnuQsCR2UxEYzNuAW_AWppyUzCbZWtvT2hVNGZXuo1lR2bme4k1Ns-1UqmJiOXsIERglIfXgH-XYDESPobFk23ABEZt3po_6Y_or1ZkD57pOKx9p0WWWiRNPo6hCoXIpF2tLQ7MV0jOMzriZI9KeGrzB8hqQUFlf3Q7NxLkgMUdUdJVxlH-yiMUzl91ZxgTzSLJM5Y-xo5rAvs4uBRJEhqVOfAF_Ss8IPmF9RXoOvOU1HUoH-3TO1QCmYcgLMIUHzyLU0ig9twt9qVg1H_qFY6KNutaRhz9haRP7IADafg_OaveXmHU2VS4FjWS6h5at9YJ-QigWxOrsTq0JxA6ZD-5okGpuBJAhM4PO7Ea3qQ&sai=AMfl-YSPSEmbkHiY3eFnEd7GI9FMul-5or9RS6Qn6IPVLsQTsSrSO_shfhPT48q3oYDOVJCbzWYfpuM-EoEl_iecnlYS9XIw4oaEvwLRO5eeLI_34568KmLcHqCPkJI3Zw&sig=Cg0ArKJSzAPJYRPBjVZ2EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame A7A2 3 KB
1 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 16:26:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75441
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 May 2023 16:26:41 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A7A2 159 KB
49 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Apr 2023 13:24:02 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/pentonmedia53440730609/ Frame A7A2 326 KB
112 KB 46ms
44ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/pentonmedia53440730609/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 8c01620cc643e8a19f0955ec8ac6aad41ada99655090013fa3f2ce98bb2a2a5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:02 GMT
content-encoding: gzip
last-modified: Tue, 25 Apr 2023 09:53:45 GMT
server: AmazonS3
x-amz-request-id: 8T8WAHNWPXR3KCDR
etag: "7653b2f5aea863bfd8a9654b10077896"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=55177
accept-ranges: bytes
content-length: 113597
x-amz-id-2: +hNLfa3SAo4uH/Z76jiUqIRJVPgF7Ly9KGOiMDYorApIdiT5byivdkxaJZbLSI0F1ucX11k7p7E=

GET
H2 200 5027517339664842723
tpc.googlesyndication.com/simgad/ Frame A7A2 72 KB
72 KB 12ms
11ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5027517339664842723

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1e779400a82dc66165854384cab22bed09762f0d1b9d5e0da2a31563adb740c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 09:29:36 GMT
x-content-type-options: nosniff
age: 14066
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74079
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 18:06:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 24 Apr 2024 09:29:36 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 200E 0
0 81ms
46ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuCJso9_GU8Q6Nyj-27c0ZLSaobJ_4zd3-Ds0Z1L0T9N3ghHdG-XFQuZg5BBN37BYUqnH3t-hKpDcV6KMpcquILjmdDLmhCyJvPVGvAijTQq4pVBqhAOJRVnlhUBPvpwiOaV8eat3v_KBYbfQIT1Pp2oYeYWftoetl2RJqP2X3ncE_FIOBSdlfVJJ37JAClI2NpXnCJ3JCi6e26GLKfVoV09dztV4wItV6aN2ICqyZqF8Bxghh8WKR82Y63BO0cD9Bm1h6B3PB5ElR43Douje_D9Zu5HMifMIk3VI3BXhzQfhu5naUfq8W6yudIS8RLbatFinWBO7Fue1DUp1x6PgH6a908vdzZFhPMKfhX4NuE&sai=AMfl-YR2p5WSCZbRQwz07gJr5Rh2QvD_-pL54gZmJp96squrXsch_ZrXGbySnMQCB_ENFVU2lgxvl-EFTtbQnoWcGgGFILGTSZZVjf4LPV7jF0Bf5GZQ3cVaBsnUZcEnJg&sig=Cg0ArKJSzOk3xdfE-3XAEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 200E 3 KB
1 KB 46ms
11ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 16:26:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75441
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 May 2023 16:26:41 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 200E 159 KB
49 KB 67ms
18ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Apr 2023 13:24:02 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/pentonmedia53440730609/ Frame 200E 326 KB
112 KB 50ms
5ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/pentonmedia53440730609/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 8c01620cc643e8a19f0955ec8ac6aad41ada99655090013fa3f2ce98bb2a2a5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:02 GMT
content-encoding: gzip
last-modified: Tue, 25 Apr 2023 09:53:45 GMT
server: AmazonS3
x-amz-request-id: 8T8WAHNWPXR3KCDR
etag: "7653b2f5aea863bfd8a9654b10077896"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=55177
accept-ranges: bytes
content-length: 113597
x-amz-id-2: +hNLfa3SAo4uH/Z76jiUqIRJVPgF7Ly9KGOiMDYorApIdiT5byivdkxaJZbLSI0F1ucX11k7p7E=

GET
H3 200 4420048525364726350
tpc.googlesyndication.com/simgad/ Frame 200E 40 KB
41 KB 47ms
12ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4420048525364726350

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0024799439eb23b1b2336e7556d2d6961d34fddda504dc7603352aaa1b65392a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 09:36:02 GMT
x-content-type-options: nosniff
age: 13680
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41460
x-xss-protection: 0
last-modified: Fri, 21 Oct 2022 20:13:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 24 Apr 2024 09:36:02 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 200E 0
0 63ms
17ms Image
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS3hOvY0MWLYPEG-fD_tqoYvu7iuKyrlOxXMnPbp5-qLTjlYvbwIousL46EcOoV8IVDAuKA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame A7A2 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8273ee34cdcec9eb161f107527d8288af7a30e0d1bd7b619f59b23df3599a8cc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 200E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c4ebf694007345c59a43e021e4613ae6f4675aa14c81a9de4884091189d5d7dd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FC40 0
0 58ms
47ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstdNhutSo-QmQP0FgNuchNcYnvNtDx7hgUPCL9tIu6ueGwgjr8N5ZNcX8Osiglh_egXS3mstvk9WbaAku6P8yIQ6le8YBUEemC_0dbIIYKLsKTTOmr-5rJm-7SOgOJSqx5of5nzIJG_8l4dPoAXR6hfsNRFH9OmUQfQGFJQ0Km0-Y8nHgnGHMMFwsCs9QU3_6t9Hu4siXS-TDH-cbl0U3YXNNjse1patwS5ViTFOW5azJTonVxuWIqGTA1X3o_POzI21R60B3MQwkg35IYcMKpt7xIGII7l82U-04mVOQ9rWqPfm8mUVrIdU3i8BA4VrpcwjdRoxTkmvKdbv7Hd20NogqnUo9MI1pO6UXsO86SLB8HqBQ&sai=AMfl-YQnK2M6qRyo1WtlE8n53Xmky4l9fg-oQ73wl4ldDtcEoOPJIeNKDiBHY77zuafZ-4CEUil-FK1qE1NoZAeHLSKuZBiGRfR7njG83U4yqgd_8q8YDpUx8k6de7Pcaw&sig=Cg0ArKJSzK8jBIS4J7AhEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame FC40 3 KB
1 KB 32ms
22ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 16:26:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75441
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 May 2023 16:26:41 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FC40 159 KB
49 KB 42ms
29ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Apr 2023 13:24:02 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/pentonmedia53440730609/ Frame FC40 326 KB
112 KB 25ms
12ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/pentonmedia53440730609/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 8c01620cc643e8a19f0955ec8ac6aad41ada99655090013fa3f2ce98bb2a2a5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:02 GMT
content-encoding: gzip
last-modified: Tue, 25 Apr 2023 09:53:45 GMT
server: AmazonS3
x-amz-request-id: 8T8WAHNWPXR3KCDR
etag: "7653b2f5aea863bfd8a9654b10077896"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=55177
accept-ranges: bytes
content-length: 113597
x-amz-id-2: +hNLfa3SAo4uH/Z76jiUqIRJVPgF7Ly9KGOiMDYorApIdiT5byivdkxaJZbLSI0F1ucX11k7p7E=

GET
H3 200 3903155024297357659
tpc.googlesyndication.com/simgad/ Frame FC40 63 KB
63 KB 31ms
22ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3903155024297357659

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4525a5f3847a9166fe1e883fd275951bf489526dd0d239acbf3118d0c80cec3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 18:27:30 GMT
x-content-type-options: nosniff
age: 240992
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64146
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 16:08:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 21 Apr 2024 18:27:30 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame FC40 0
0 30ms
18ms Image
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT6NjVw-XZrY3u5cPTUhOUM9Cp6TnRoLQPwBL6s0cr5HgjlKlEkXS0AmqTUVgzaQ2rdctr8
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4F29 0
0 58ms
50ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfzqgMtHRCOUbUiocjCiOw1D34yBZ2SHS7Oa7cGI7iL-vY23NoujlY1vdy9wS6ZRkJt3t4uq6liQRvgxGCTdWpUQhdnJuU2_Wj3ZNVcKpyPkCSPjpJQvcjkTX2GmeQtyyLas2b49upUFJbrSioqAwbkOyJebygSxSPVh0JFoxbmcgcH4D7gsclBCqwfZzzNyHWqnQcZc9c8MTHOZbYn2vDgcwEpvCiyXArWkYfSrKI0CfccqQrGFK0k4MhUMBpWr7b2UboiC7PAeEVL-1jM28ol4TX2aF8YbJKuSEs-w7JYlzRI8RlUV42KSvGyc9TVCGCg0TyQ66W3Dju0ySSOLWIa2zX1983Z9vKGvSZ2wD8yupdJ7ahFRTR1mu6mUPUJyWIEUqZSRQ&sai=AMfl-YTlqLQSPNv6kUpajPpsfHem_CzVbkdGGd6spdzwM7-mVzK06jS_edG23pFyGwnWmqt7WUtCH03h7w_4xZi-CWej4ioyeFcu6FwcupgDhgl97vWv4uBh3tBwCajRSg&sig=Cg0ArKJSzJWz-OW6aBHvEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 jquery-1.11.0.min.js Show response
code.jquery.com/ Frame 4F29 94 KB
33 KB 22ms
14ms Script
application/javascript 2001:4de0:ac18::1:a:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.11.0.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:02 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 13:47:01 GMT
server: nginx
etag: W/"62f659d5-1787d"
vary: Accept-Encoding
x-hw: 1682429042.dop141.fr8.t,1682429042.cds015.fr8.hn,1682429042.cds001.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33357

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4F29 159 KB
49 KB 30ms
24ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Apr 2023 13:24:02 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/pentonmedia53440730609/ Frame 4F29 326 KB
112 KB 15ms
7ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/pentonmedia53440730609/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 8c01620cc643e8a19f0955ec8ac6aad41ada99655090013fa3f2ce98bb2a2a5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:02 GMT
content-encoding: gzip
last-modified: Tue, 25 Apr 2023 09:53:45 GMT
server: AmazonS3
x-amz-request-id: 8T8WAHNWPXR3KCDR
etag: "7653b2f5aea863bfd8a9654b10077896"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=55177
accept-ranges: bytes
content-length: 113597
x-amz-id-2: +hNLfa3SAo4uH/Z76jiUqIRJVPgF7Ly9KGOiMDYorApIdiT5byivdkxaJZbLSI0F1ucX11k7p7E=

GET
H3

200

12467602288992818312
tpc.googlesyndication.com/simgad/ Frame 4F29
Redirect Chain

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfzqgMtHRCOUbUiocjCiOw1D34yBZ2SHS7Oa7cGI7iL-vY23NoujlY1vdy9wS6ZRkJt3t4uq6liQRvgxGCTdWpUQhdnJuU2_Wj3ZNVcKpyPkCSPjpJQvcjkTX2GmeQtyyLas2b49upU...
https://tpc.googlesyndication.com/simgad/12467602288992818312?

82 KB
82 KB

16ms
15ms

Image
image/png

2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12467602288992818312?

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers

Protocol

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d096af42115c0c32540183692f5608c358e8812fd6ccabb7ae8743263c0cc895

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 05:04:29 GMT
x-content-type-options: nosniff
age: 29973
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83499
x-xss-protection: 0
last-modified: Fri, 07 Apr 2023 17:46:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 24 Apr 2024 05:04:29 GMT

Redirect headers

date: Tue, 25 Apr 2023 13:24:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
location: https://tpc.googlesyndication.com/simgad/12467602288992818312?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 Dark_Reading_Logo.svg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt4ff4a7f9bc8e31f7/619f4fb0a0cb8076d613e3ba/ Frame 4F29 5 KB
2 KB 20ms
12ms Image
image/svg+xml 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt4ff4a7f9bc8e31f7/619f4fb0a0cb8076d613e3ba/Dark_Reading_Logo.svg?quality=80&format=jpg&width=222

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0e198a2d521948c31a85eff04b881542d8b31d8b5824f900a950ea34bf5ef811

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:02 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-error: not a supported image format
strict-transport-security: max-age=31557600
content-encoding: gzip
age: 53829
x-cache: HIT, HIT
filename1: custom
content-disposition: inline; filename=Dark_Reading_Logo.svg+xml
fastly-stats: io=1
content-length: 2021
x-request-id: 77944
x-served-by: cache-ams21058-AMS, cache-fra-eddf8230073-FRA
x-runtime: 99ms
x-timer: S1682429043.634211,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 24, 1

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 15ms
14ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=101073335&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&dp=%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&ul=en-us&de=UTF-8&dt=Tangled%20Up%3A%20%27Tomiris%27%20APT%20Uses%20Turla%20Malware%2C%20Confusing%20Researchers&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=welcome%20ad%20served&ea=6235418606&el=138428976147&_u=aCDACEABRAAAACACI~&jid=&gjid=&cid=1324050391.1682429040&tid=UA-135180592-2&_gid=141940605.1682429040&gtm=45He34j0n81T52Z3Z3&cg1=article&cg2=News&cg3=Threat%20Intelligence&cd1=article&cd2=nate%20nelson&cd3=&cd4=News&cd5=Apr%2024%2C%202023&cd6=threat-intelligence&cd9=attacks-breaches%2Cvulnerabilities-threats%2Cadvanced-threats&cd10=0&cd16=blteef46dc246fe4c3b&cd17=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&cd18=3834%2Fdarkreading.home%2Farticle%2Fthreat-intelligence&cd20=vanguard%20-%20122&z=965788935

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 19:05:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 65889
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074079

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 25 Apr 2023 13:24:02 GMT

GET
DATA 200
OK truncated
/ Frame FC40 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 784a3b29c458a834055015249fb83e0108927f54bbabfe5f8a93aad795c8a771

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK web.js Show response
ads.celtra.com/b0789f8d/ Frame B056 14 KB
5 KB 407ms
104ms Script
application/javascript 54.224.217.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.celtra.com/b0789f8d/web.js?&clickUrl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsv5Finh6_XuULn8j5YhZAoAM6yJqog-K0xaa2Vy3KA9ugI8UxJhl44hHWggTG_AT7eQh3kR7IFjSL6h2_wXaTidTvz35ri7fviUn_5F9xqfZUViDBv8tR1wDc2G0FICh__lOuHf4CrOZKx3UxWfT0LrT68z4pIvpmzEJGuoKoX_W-5xZLnVW6xqd64bfiTjn_40ZzZE_y5ZsmyvCzv8yRjD8jAxB0JmVkMRnfsjKEL2D-OvwNJ6ryRogHd_oXCIBoyujG-CKZYawv09LCnpkxPq9qQf0aQdzLidJarEoEqR03VuPXvycR65hJgEkqhyR4a_Y-BtYGI6PEDezWjdZROiNUDRQ67khZhZyt8CAFdVNw%26sai%3DAMfl-YQlQOzyUMhysqpCSWwCKnn9IgiMxYzRT6FDTlqR05k9nf7xUDVSYVEmShDEc2AldPtCrrYnvQP8hL_Mcp956txWgX3vWh5LxxW6Gu6QB87qfWSnS9wzefoqkVX98w%26sig%3DCg0ArKJSzOAKl0DU4s34EAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&expandDirection=undefined&clickEvent=advertiser&iosAdvId=&androidAdvId=&externalAdServer=DFPPremium&tagVersion=html-standard-7&eas.JWVjaWQh=138408218300&externalCreativeId=138408218300&externalPlacementId=22339890152&externalSiteId=22316126855&externalSiteName=darkreading.com&externalLineItemId=6182682175&externalCampaignId=3126637845&externalAdvertiserId=5134346611&coppa=0&scriptId=celtra-script-1&clientTimestamp=1682429042.681&clientTimeZoneOffsetInMinutes=0&hostPageLoadId=03625059383588036
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.224.217.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-224-217-157.compute-1.amazonaws.com
Software: /
Resource Hash: f4db5bbe3c0e80c2ac55bc794bfb7866ab8c1f361f2dabd0c9a6aff6807805ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Apr 2023 13:24:02 GMT
content-encoding: gzip
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 4827
Expires: 0

GET
DATA 200
OK truncated
/ Frame B056 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d24c66538a48f60e421df6dfabbc18e6acbf21642a9118e3dbf1d36a1e1124b0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 teads-format.min.js Show response
a.teads.tv/media/format/v3/ 595 KB
130 KB 10ms
9ms Script
text/javascript 88.221.169.49
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/page/130102/tag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.169.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-49.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b68ece7589d8880b2d89b65de56d7b16883a79ff5b43242a4a2a33f586fb2c93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:02 GMT
content-encoding: br
last-modified: Tue, 25 Apr 2023 11:52:32 GMT
x-amz-request-id: NPKV93MXKC6ZAX4Z
etag: "e56fa8dba640d6c9a4ac1a35ee8ba779"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, must-revalidate, max-age=1800, no-transform
x-bucket: f
accept-ranges: bytes
content-length: 132746
x-amz-id-2: YXKeGBX3U3zj/6fMg5MG5VBGwjajlymND5F4VC7QeTgZoYFyswJnASZLN4s6M158E/fGJVrqBI8=
expires: Tue, 25 Apr 2023 13:54:02 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A9B1 13 KB
5 KB 11ms
10ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.darkreading.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 21313
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Apr 2023 07:28:49 GMT
expires: Wed, 24 Apr 2024 07:28:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2CF7 783 B
536 B 19ms
19ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

86a9f72eea23158a445ee44c254330dd71fbb44590d381a3263638674ef1ef4e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EtBHfKtfYjWDZP468xlE-g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-EtBHfKtfYjWDZP468xlE-g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 25 Apr 2023 13:24:02 GMT
expires: Tue, 25 Apr 2023 13:24:02 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame F9DE 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b8f3a71d980837230be848ba61b35be14a5e01f1c3f128e6ff919d3f3e758b9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 tag.aspx Show response
ml314.com/ Frame F9DE 31 KB
11 KB 56ms
18ms Script
application/javascript 34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?2532023
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/pentonmedia53440730609/moatad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 23f95a90d6e6ba09a92bd4eae99823b0a6b0137a9abe10e3c050c062fb15efe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 12:41:45 GMT
content-encoding: br
age: 2537
x-guploader-uploadid: ADPycds05N20WxWcoJVZcG6TAQy8E5xNu4IYkFUOMyXOJUEPiX7Udh9F0JrpxT0kJCwHY1fLe7l7qX7TIZKXytFBQqlBew
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10526
last-modified: Mon, 10 Apr 2023 17:13:24 GMT
server: UploadServer
etag: W/"b0965f051977c0dd95ffe2c736cac352"
vary: Accept-Encoding
x-goog-generation: 1681146804366265
x-goog-hash: crc32c=wVdAwA==, md5=sJZfBRl3wN2V/+LHNsrDUg==
content-type: application/javascript
cache-id: FRA-fa985ced
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 32213
accept-ranges: none

GET
H2 200 n.js Show response
geo.moatads.com/ 86 B
259 B 141ms
26ms Script
text/html 35.176.107.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-jWcFgxJkDqyRa9Pcg6GRTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-d6V3bHpQg2TbHQ%3D%3D&sc=1&os=1-Eg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=PENTONMEDIA1&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1682429042818&de=758212045335&m=0&ar=81c6b5a9873-clean&iw=1699ba1&q=2&cb=0&ym=0&cu=1682429042818&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4448790601%3A2827245798%3A5674929725%3A138347225724&zMoatPS=video_v&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&id=1&ii=4&bo=22316126855&bp=22339890152&bd=video_v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&gw=pentonmedia53440730609&fd=1&it=500&ti=0&ih=2&pe=1%3A1307%3A1900%3A3991%3A1376&iq=na&tt=na&fs=203238&na=32031953&cs=0&callback=MoatDataJsonpRequest_15001855
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/pentonmedia53440730609/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.176.107.138 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-176-107-138.eu-west-2.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: 001605b45858512de24f64a8d140d23da61ad5b8cd86b359c394d892461e8f44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:03 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "9e8a9b2424501e91fe834325d43fc67c6181ec17"
content-length: 86
content-type: text/html; charset=UTF-8

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 32ms
8ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=PENTONMEDIA1&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1682429042818&de=758212045335&m=0&ar=81c6b5a9873-clean&iw=1699ba1&q=3&cb=0&ym=0&cu=1682429042818&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4448790601%3A2827245798%3A5674929725%3A138347225724&zMoatPS=video_v&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&id=1&ii=4&bo=22316126855&bp=22339890152&bd=video_v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&gw=pentonmedia53440730609&fd=1&it=500&ti=0&ih=2&pe=1%3A1307%3A1900%3A3991%3A1376&iq=na&tt=na&fs=203238&na=796199488&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 13:24:02 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Apr 2023 13:24:02 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FC40 0
0 45ms
44ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssWJEKCIFn3JfCzhGHO3PYNanZaJaf5h1Cpl6Wyk-eiGT06j55-HqsxE7RzYgCeSabThRpE7TEbWSn9A4vzlZRg4DFsnjbj9LbafjnK7dDHgs9b2JixtK90r9uCIJBFnjMzKic984JO_J-tqBVzfpHE1BUvaOpHW7uLk7cN5CSpxnMEdIXHbP-oJEaDgYofOU7ZvlxG2oXbbbFdMFSEonH_NSEHYS_XjprJCxCO0SOWOBBBfSUjVdfbPhvJFe0SMoComOyUzGzqEVZRikVtsy7DB5KxU75HYNV5vDFOl7lqxwpccHHwWBOomontlTjRIfryKXMYFV80r2-AYGE7dBD7XkIYCWXI-9RSzGr65JO9rOyhT4Ok&sai=AMfl-YQbcsD9cVEXmzvd63im9SichTxm8tfO_UaGT-bjRFheaLaCFiJwFer7erCTBFy_pJLNrgHrKD31mS8RttWtNlIaOkEzL0RlG_D4_VDr9GCOu7Z54TA1ktcBGZQHBA&sig=Cg0ArKJSzCTW9KKS_fO9EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 25 Apr 2023 13:24:03 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A7A2 0
0 45ms
44ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss81vdgL82Fz75Qo7nzm-V-AWgc2UKRMux41zwg0FO70aS9lAm_MDgRNrj7gOtScF8CvHxIrs2rRyAe15sc_NfCxb51D9PD6b5DGRGAunblVXjmvhML5yJAjz7Crt8_vIXzfUtWzvZ6J_VKpO0cXz0tCupM82jUUNo1JCidAkMacyh_Vo_binWnq8IvOJI9Nm3BxMEC5ijZWYqZH1QtP7kg7yXFOZJh51loGuCNG6DoeiAWoWw8rdZuvCunYssOXNV8EpUvt04H4DEtrWZ2MjBXjlCmaGn47ydYYCqOayKkQ5T4Sxr0GWuM2Xv_R23B19hwtze17J4jVP7SEw0au6qCYy91ye2gnImOlzNW083DF7qzaqso&sai=AMfl-YRkPvKKXyCGDy6c2pcbnNFR6g_RJrh1ry3N135ccSsULLz3LfIJeGSFYP78D0tL9bqZANdIK-1Mv3CLZQ2JplW65vxp2MsK5kOVPOOnrFc4EETcZ3cHVUPl-yGq3A&sig=Cg0ArKJSzLU-YbyBsSYxEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 25 Apr 2023 13:24:03 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4F29 0
0 46ms
45ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvYIhpDrdg7mm51_KYjwq7CBg5_eai3riBSaGbjLW13OkQn738Rm25R7Dz_UQuPdqTQT0oB-Ngt3bM5UlJV3BV4kR_rcFQDwXkHSJOV4zEC6HDdm5gkF4surcaetuYWo6Bwwz8smzcz5kSl_7WmhshMXl0cirtcknADd5tY7taARiOcaDQYzHVulEZYbIGTR17ZbRm9VsNzyw7ntmsyAzX9FOWdpLtHCxrz_1mIW2uMaYy3jj2C9BFrwUfQaYAJi201Ma7G_zmfnejtFIwiHeeSCfUWookkyfN-3e8HZCJ4twAJvuu0xcQagPR76fVgLT17hrqnayOCwEEZYR2lBMh9lL3MxHfS_uwg5nUaCVcuS5y4QTicrpzs_24&sai=AMfl-YT1ipZaMGWeDSSc21y0oxo6A_i-EagMGZIgw6AwgoupCNEHAr_RqraUyF5vNgPzPhb0cDCclYKQztN0hvdugZAYH86qvlXLRtILuMPZgNwZpNjABz1gDt26e147yQ&sig=Cg0ArKJSzGWQRl13jBESEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 25 Apr 2023 13:24:03 GMT

GET
DATA 200
OK truncated
/ Frame 4F29 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: effef71f30590a013cb002ef58c05a5dba935dd5051660b8af6f90f54404bae0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 200E 0
0 49ms
48ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuSqsGj51p3XZofSenhhlzYlLJMG1Ektv0efEE4xoGaXbev-VHrkJHEt6xS1NBppwdxCkz8lvccvcfQbFk8Ntg0kouGDzMEFHhVLrFiMS4_BQzJC1JBi7OsCBpqu6fM8ZEMQmcLdtAj0lkIXVbopjz0t0ziBE6NuwSncpD5xm51E7apX4X4vcY8a63zqMOKQiz9dfCWXBGj74v6GUgeCz7BwwlOqTf6XeTZ5VWvoUQXp6gJ8HrYTeWghvBRsuj6QgLdFmtLDtneaF-U_AzAUV_aytNKYfqruu06TYbpyK4Np--23oOVZ4nBXbUtOr7KsN-_zNSdPsJF3T8EejT3km7MNkV1bgLMCkTHbPZHcOR53SM&sai=AMfl-YRQbsy7ZK4HAC_4S8QmDrN2oYN8Z3ZF7dyQ1yT337ugy9eVNI4Y04re9GA4MFsPzCHQ67A6KVLPUgtzeBJ_-FiAGp6Rfb0pVImeHeXa5U90GZcJOigyvpXI5G5AWg&sig=Cg0ArKJSzMsRelESYNKVEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 25 Apr 2023 13:24:03 GMT

GET
H2 200 track
t.teads.tv/ 23 B
113 B 146ms
67ms Image
image/gif 2.20.65.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=fa941c92-e74b-4d61-b05f-42e449238fd3&pageId=130102&pid=142873&debug_metadata=ZxbBmGGF20&fv=1175&ts=1682429043342&f=1&referer=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.65.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-65-30.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:03 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 120ms
42ms Image
image/gif 2.20.65.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=fa941c92-e74b-4d61-b05f-42e449238fd3&pageId=130102&pid=142873&slot=polymorph&fv=1175&ts=1682429043349&f=1&referer=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.65.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-65-30.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Tue, 25 Apr 2023 13:24:03 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 21ms
13ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=PENTONMEDIA1&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1682429043046&de=545394308359&m=0&ar=81c6b5a9873-clean&iw=1699ba1&q=7&cb=0&ym=0&cu=1682429043046&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=80029947%3A3160627322%3A6235418606%3A138428976147&zMoatPS=welcome_v&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&id=1&ii=4&bo=22316126855&bp=22339890152&bd=welcome_v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&gw=pentonmedia53440730609&fd=1&it=500&ti=0&ih=2&pe=1%3A1307%3A1900%3A3991%3A1376&iq=na&tt=na&fs=203238&na=1597462704&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 13:24:03 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Apr 2023 13:24:03 GMT

GET
H2

404

404
www.darkreading.com/ Frame 4F29
Redirect Chain

https://www.darkreading.com/sites/all/themes/penton_core_theme/images/ContentPillar_Welcome_1200.png
https://www.darkreading.com/404

238 KB
238 KB

133ms
132ms

Image
text/html

2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.darkreading.com/404
Protocol: H2
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93228b5adec5915bc768e7283facbf43fa9fa1e21fa4c11a571a744bc04f7ecd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:03 GMT
x-proxy-by: https://www.darkreading.com
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding, Origin
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-ray: 7bd6e7741e843654-FRA

Redirect headers

date: Tue, 25 Apr 2023 13:24:03 GMT
strict-transport-security: max-age=63072000; includeSubDomains
cf-cache-status: MISS
server: cloudflare
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/html
location: /404
cache-control: public, max-age=7200
cf-ray: 7bd6e7710a803654-FRA
expires: Tue, 25 Apr 2023 15:24:03 GMT

GET
H2 200 utsync.ashx Show response
ml314.com/ Frame F9DE 62 B
309 B 107ms
83ms Script
application/javascript 34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=62439&ct=js&pi=&fp=&clid=&if=1&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&pv=1682429043372_ndoutdedv&bl=en-us&cb=3842578&return=&ht=&d=&dc=&si=1682429043372_ndoutdedv&cid=&s=1600x1200&rp=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&v=2.5.3.49
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?2532023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 13:24:03 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/javascript; charset=utf-8
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62
expires: 0

GET
H/1.1 200
OK ud.ashx Show response
in.ml314.com/ Frame F9DE 20 B
482 B 499ms
166ms Script
application/javascript 34.230.248.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://in.ml314.com/ud.ashx?topiclimit=&cb=2532023&v=2.5.3.49
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?2532023
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.230.248.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-248-86.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 25 Apr 2023 13:24:03 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public
Connection: keep-alive
Content-Length: 138
Expires: Wed, 26 Apr 2023 13:24:03 GMT

POST
H2 200 ad Show response
a.teads.tv/page/130102/ 540 B
717 B 66ms
50ms XHR
application/json 88.221.169.49
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/130102/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&auctid=fa941c92-e74b-4d61-b05f-42e449238fd3&formatVersion=1175&env=js-web&netBw=9.8&ttfb=573
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.169.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-49.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d3be4ebda7331b027423ce1cc44ece48888e07acc3b0ac5292f48ad4ec623824

Request headers

Accept: application/json; charset=UTF-8
Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 13:24:03 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.darkreading.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 365
expires: Tue, 25 Apr 2023 13:24:03 GMT

GET
H2 200 web.js Show response
cache-ssl.celtra.com/api/creatives/cf175bcd/compiled/ Frame B056 585 KB
586 KB 98ms
20ms Script
application/javascript 18.154.63.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache-ssl.celtra.com/api/creatives/cf175bcd/compiled/web.js?v=47-600a3e45a0&secure=1&cachedVariantChoices=W10-&isPurposePreview=0&eventMetadataExperiment=newMeta&inmobi=0
Requested by: Host: ads.celtra.com
URL: https://ads.celtra.com/b0789f8d/web.js?&clickUrl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsv5Finh6_XuULn8j5YhZAoAM6yJqog-K0xaa2Vy3KA9ugI8UxJhl44hHWggTG_AT7eQh3kR7IFjSL6h2_wXaTidTvz35ri7fviUn_5F9xqfZUViDBv8tR1wDc2G0FICh__lOuHf4CrOZKx3UxWfT0LrT68z4pIvpmzEJGuoKoX_W-5xZLnVW6xqd64bfiTjn_40ZzZE_y5ZsmyvCzv8yRjD8jAxB0JmVkMRnfsjKEL2D-OvwNJ6ryRogHd_oXCIBoyujG-CKZYawv09LCnpkxPq9qQf0aQdzLidJarEoEqR03VuPXvycR65hJgEkqhyR4a_Y-BtYGI6PEDezWjdZROiNUDRQ67khZhZyt8CAFdVNw%26sai%3DAMfl-YQlQOzyUMhysqpCSWwCKnn9IgiMxYzRT6FDTlqR05k9nf7xUDVSYVEmShDEc2AldPtCrrYnvQP8hL_Mcp956txWgX3vWh5LxxW6Gu6QB87qfWSnS9wzefoqkVX98w%26sig%3DCg0ArKJSzOAKl0DU4s34EAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&expandDirection=undefined&clickEvent=advertiser&iosAdvId=&androidAdvId=&externalAdServer=DFPPremium&tagVersion=html-standard-7&eas.JWVjaWQh=138408218300&externalCreativeId=138408218300&externalPlacementId=22339890152&externalSiteId=22316126855&externalSiteName=darkreading.com&externalLineItemId=6182682175&externalCampaignId=3126637845&externalAdvertiserId=5134346611&coppa=0&scriptId=celtra-script-1&clientTimestamp=1682429042.681&clientTimeZoneOffsetInMinutes=0&hostPageLoadId=03625059383588036
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-24.dus51.r.cloudfront.net
Software: Apache /
Resource Hash: 5fc21f5225acbc020919c700c7cc2af807ba0e6383f41eeb94f5cb16f7d85396

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 08:08:25 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P4
age: 18937
x-cache: Hit from cloudfront
content-length: 599259
server: Apache
etag: W/"4fe451151f843cd407f10a0844e004b823a48cdc91c98b7850152f0f37419b37"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 3769385 2097595
accept-ranges: bytes
x-amz-cf-id: 9n6jts4o4ezqNXHvP-_dYUOBwxtB0ZSbRbEUyuaE8t-M9I31KkTpdg==

GET
DATA 200
OK truncated
/ Frame B056 167 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK 7f7eeb8b-93bd-4074-81ba-61b94b364e63
https://www.darkreading.com/ Frame B056 167 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://www.darkreading.com/7f7eeb8b-93bd-4074-81ba-61b94b364e63
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length: 167
Content-Type: image/png

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2CF7 0
0 70ms
45ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304190101&jk=2384497319690510&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js Show response
pagead2.googlesyndication.com/bg/ Frame A9B1 36 KB
14 KB 31ms
11ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 22:51:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52373
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14264
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 Apr 2024 22:51:10 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 12ms
7ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=PENTONMEDIA1&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1682429043056&de=230734243453&m=0&ar=81c6b5a9873-clean&iw=1699ba1&q=11&cb=0&ym=0&cu=1682429043056&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5134346611%3A3126637845%3A6182682175%3A138408218300&zMoatPS=300_1v&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&id=1&ii=4&bo=22316126855&bp=22339890152&bd=300_1v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&gw=pentonmedia53440730609&fd=1&it=500&ti=0&ih=2&pe=1%3A1307%3A1900%3A3991%3A1376&iq=na&tt=na&fs=203238&na=1538848400&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 13:24:03 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Apr 2023 13:24:03 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 28ms
11ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=PENTONMEDIA1&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1682429043068&de=627168284390&m=0&ar=81c6b5a9873-clean&iw=1699ba1&q=15&cb=0&ym=0&cu=1682429043068&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5134346611%3A3110972346%3A6157543105%3A138430455658&zMoatPS=728_1v&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&id=1&ii=4&bo=22316126855&bp=22339890152&bd=728_1v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&gw=pentonmedia53440730609&fd=1&it=500&ti=0&ih=2&pe=1%3A1307%3A1900%3A3991%3A1376&iq=na&tt=na&fs=203238&na=1659351322&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 13:24:03 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Apr 2023 13:24:03 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 46ms
44ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F5027517339664842723&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-jWcFgxJkDqyRa9Pcg6GRTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-d6V3bHpQg2TbHQ%3D%3D&sc=1&os=1-Eg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&id=1&ii=4&f=0&j=&t=1682429043068&de=627168284390&cu=1682429043068&m=70&ar=81c6b5a9873-clean&iw=1699ba1&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4532&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1307%3A1900%3A3991%3A1376&as=0&ag=12&an=0&gf=12&gg=0&ix=12&ic=12&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=12&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=23&cd=0&ah=23&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5134346611%3A3110972346%3A6157543105%3A138430455658&bo=22316126855&bp=22339890152&bd=728_1v&zMoatPS=728_1v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&zMoatDev=Desktop&zMoatDfpSlotId=7_9u71o52ezf0000009u71o52ezf0000009u7&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=7_9u71o52ezf0000009u71o52ezf0000009u7&iq=na&tt=na&tc=0&fs=203238&na=1488771384&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 13:24:03 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Apr 2023 13:24:03 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 14ms
13ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=PENTONMEDIA1&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1682429043174&de=53041275679&m=0&ar=81c6b5a9873-clean&iw=1699ba1&q=19&cb=0&ym=0&cu=1682429043174&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5006753165%3A2994564374%3A6140096305%3A138409453221&zMoatPS=300_1v_article&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&id=1&ii=4&bo=22316126855&bp=22339890152&bd=300_1v_article&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&gw=pentonmedia53440730609&fd=1&it=500&ti=0&ih=2&pe=1%3A1307%3A1900%3A3991%3A1376&iq=na&tt=na&fs=203238&na=218286905&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 13:24:03 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Apr 2023 13:24:03 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 9ms
8ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F4420048525364726350&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-jWcFgxJkDqyRa9Pcg6GRTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-d6V3bHpQg2TbHQ%3D%3D&sc=1&os=1-Eg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&id=1&ii=4&f=0&j=&t=1682429043174&de=53041275679&cu=1682429043174&m=18&ar=81c6b5a9873-clean&iw=1699ba1&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4532&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A1307%3A1900%3A3991%3A1376&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4&cd=0&ah=4&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5006753165%3A2994564374%3A6140096305%3A138409453221&bo=22316126855&bp=22339890152&bd=300_1v_article&zMoatPS=300_1v_article&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&zMoatDev=Desktop&zMoatDfpSlotId=9_mp973dc173900000mp973dc173900000mp9&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tz=9_mp973dc173900000mp973dc173900000mp9&iq=na&tt=na&tc=0&fs=203238&na=1233251429&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 13:24:03 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Apr 2023 13:24:03 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 14ms
13ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=PENTONMEDIA1&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1682429043197&de=504399965926&m=0&ar=81c6b5a9873-clean&iw=1699ba1&q=23&cb=0&ym=0&cu=1682429043197&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5134346611%3A3126637845%3A6182682175%3A138424532569&zMoatPS=300_2v&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&id=1&ii=4&bo=22316126855&bp=22339890152&bd=300_2v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&gw=pentonmedia53440730609&fd=1&it=500&ti=0&ih=2&pe=1%3A1307%3A1900%3A3991%3A1376&iq=na&tt=na&fs=203238&na=1801846396&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 13:24:03 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Apr 2023 13:24:03 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A9B1 0
10 B 16ms
15ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?PkuxlQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:03 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 14ms
13ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F3903155024297357659&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-jWcFgxJkDqyRa9Pcg6GRTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-d6V3bHpQg2TbHQ%3D%3D&sc=1&os=1-Eg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=251&w=301&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&id=1&ii=4&f=0&j=&t=1682429043197&de=504399965926&cu=1682429043197&m=8&ar=81c6b5a9873-clean&iw=1699ba1&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4532&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1307%3A1900%3A3991%3A1376&as=0&ag=2&an=0&gf=2&gg=0&ix=2&ic=2&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=2&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=3&cd=0&ah=3&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5134346611%3A3126637845%3A6182682175%3A138424532569&bo=22316126855&bp=22339890152&bd=300_2v&zMoatPS=300_2v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&zMoatDev=Desktop&zMoatDfpSlotId=14_xwbx4si9gj000000xwbx4si9gj000000xwb&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=14_xwbx4si9gj000000xwbx4si9gj000000xwb&iq=na&tt=na&tc=0&fs=203238&na=160343256&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 13:24:03 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Apr 2023 13:24:03 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 9ms
8ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Feu-images.contentstack.com%2Fv3%2Fassets%2Fblt66983808af36a8ef%2Fblt4ff4a7f9bc8e31f7%2F619f4fb0a0cb8076d613e3ba%2FDark_Reading_Logo.svg%3Fquality%3D80%26format%3Djpg%26width%3D222&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-jWcFgxJkDqyRa9Pcg6GRTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-d6V3bHpQg2TbHQ%3D%3D&sc=1&os=1-Eg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=62&w=248&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&id=1&ii=4&f=0&j=&t=1682429043046&de=545394308359&cu=1682429043046&m=531&ar=81c6b5a9873-clean&iw=1699ba1&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4532&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1307%3A1900%3A3991%3A1376&as=0&ag=109&an=0&gf=109&gg=0&ix=109&ic=109&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=109&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=218&cd=0&ah=218&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=80029947%3A3160627322%3A6235418606%3A138428976147&bo=22316126855&bp=22339890152&bd=welcome_v&zMoatPS=welcome_v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&zMoatDev=Desktop&zMoatDfpSlotId=div-gpt-ad-welcome&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=div-gpt-ad-welcome&iq=na&tt=na&tc=0&fs=203238&na=1076769829&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 13:24:03 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Apr 2023 13:24:03 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B056 0
0 49ms
49ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv8p_H_P4eYM4QTviw5QrDTJxG6vbPJ2ps6jfADA9XlrMEMs9bg_7MGVG7QwAV0xouYsT0ywQ_EdclOdWSzTnpbrP8TSY9mYz2wmFE85VIQ6NlPGkJwhhSqc3KRZTbpJDkyOm_1gaL1sVNIYDmUAvY-6W1vC3C32rQlz6bRJrjFiw9002Jom6f1Yj5Qr6nNx0ubi2nyfC_F98sE_hT0i6U4ng4jAkKhTHA5eH7A7cVGpbDHyHI7FjI77aEWbM-BC9gbQ2mYWKEOQHWJQOgFzTseA273z72DvYmXxN2eF7QoHmPi3jRr2WpXPMZgQsYvTgYtXHsDLcJS2K1jBfxRnb79_KUtlXXr1X6O0osRTICrsfzMNoMk&sai=AMfl-YRgBDhs1PO8mxaEZym_8CK8Qz_GPZ-xLpdDYTA0r0VXK_hBMbGtoPN1eINefv3M224LTnOxq2ghat01fXn5d_5EAn72YKBbwMaLQ88GzAB6IZawkjlQo5QbbB9qiw&sig=Cg0ArKJSzKprTqcZpkLeEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 25 Apr 2023 13:24:03 GMT

GET
H/1.1 200
OK eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjgyNDI5MDQzeGJmN2M1YjkyNjZmYTY4eDM1MTY1NDczIiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI5NDU4ODQ5MTQ1MDY0MDg4IiwiaW5kZXgiO...
track.celtra.com/json/ 35 B
242 B 398ms
92ms Image
image/gif 52.205.217.24

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjgyNDI5MDQzeGJmN2M1YjkyNjZmYTY4eDM1MTY1NDczIiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI5NDU4ODQ5MTQ1MDY0MDg4IiwiaW5kZXgiOjAsImNsaWVudFRpbWVzdGFtcCI6MTY4MjQyOTA0My45MzcsIm5hbWUiOiJjb250YWluZXJCZWNhbWVWaWV3YWJsZSJ9XX0=?crc32c=581049968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.217.24 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Tue, 25 Apr 2023 13:24:04 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F9DE 0
0 77ms
70ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvjPW7Lpfil7WIJmKTcgXZI07IYGhngfP-VjOPDl4f_cEhXDdCdMNkjem2PxmMTkgmgQK4KpS8ClFg-bqtFiurKunC5yAu3nmPSjKia8LFxgAoXknJRQ4cgKh4Zoe9fyuiKnnAN8o_vrzCqyAWV6pV59YZm_JHoogZv89kWK8Q8X9ArMcCzxznJyxZ4AK8UXm6czp0liwc4QObEiO2MpEREUEzu7gZp-wMMXE21aY7XXFCthBs9rYoRd7QK0gShjPDjfHnMK4mwfjwZY4DLG7zThJ3tUXV6X7ziJ23JpN69O4cYK0taUmG3hPup3nFNjxCYdSACxkmNSc_-Amm5APsl-lzofuBLibD5lu76YLQ-Blk&sai=AMfl-YSntvEQeCgwZlqAXkZfQZEhZrUG4Ed6AbUiuC4KqYwT-J8UPTuKjcZkteGP4sLA71rSWX29Z0DIfp-cNgwTikdAdZ3GH7aiyOHBJJ8pbUbuDpjBiN7_ekOhM7s0Hw&sig=Cg0ArKJSzCHg712CLMHcEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 25 Apr 2023 13:24:04 GMT

GET
H2 200 1454a71d-cdbb-429c-8092-122f4493e0c7.woff
cache-ssl.celtra.com/api/fonts/monotype_tradegothic800n/3_a21706b45861b8577718feb7af969a082ae4576a33ea62b203d77b518b45935a/ Frame ADB3 15 KB
15 KB 36ms
13ms Font
application/font-woff 18.154.63.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache-ssl.celtra.com/api/fonts/monotype_tradegothic800n/3_a21706b45861b8577718feb7af969a082ae4576a33ea62b203d77b518b45935a/1454a71d-cdbb-429c-8092-122f4493e0c7.woff?subset=%20()-012345679%3AABCDEFGHILMOPRSTUVWabcdefghijklmnopqrstuvwxyz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-24.dus51.r.cloudfront.net
Software: Apache /
Resource Hash: df41b52bef5601ae2a5f11ef99f43c96cefa52dc6209650c659ab843247ac769

Request headers

Referer: https://www.darkreading.com/
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 13:43:45 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 a690b5bb67b6ba6a36855367ce862e7c.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P4
age: 5269219
x-cache: Hit from cloudfront
content-length: 15264
server: Apache
etag: "df41b52bef5601ae2a5f11ef99f43c96cefa52dc6209650c659ab843247ac769"
content-type: application/font-woff
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 954386 311
accept-ranges: bytes
x-amz-cf-id: guLvlZuDJWGgophqNOBqko0D6VnjfyAb4a0X0ej4i2T2qRUCfV-udg==

GET
H2 200 57625f96-ca80-4602-9644-ec1803cb3ba3.woff
cache-ssl.celtra.com/api/fonts/monotype_tradegothicnext400n/3_78b829381fc6cb8a15b0da13bda2ee2fe6786c2b2c1c7b121149bf4daf6870f6/ Frame ADB3 9 KB
10 KB 34ms
15ms Font
application/font-woff 18.154.63.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache-ssl.celtra.com/api/fonts/monotype_tradegothicnext400n/3_78b829381fc6cb8a15b0da13bda2ee2fe6786c2b2c1c7b121149bf4daf6870f6/57625f96-ca80-4602-9644-ec1803cb3ba3.woff?subset=%20%27%2C-.012359AGLMPRSTabcdefghiklmnopqrstuvwxyz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-24.dus51.r.cloudfront.net
Software: Apache /
Resource Hash: 0a3b299d521e53b9a93e4325b4ef529fe8cb25bf34d0cf9c3390b27bdb670bf3

Request headers

Referer: https://www.darkreading.com/
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 13:34:07 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 a690b5bb67b6ba6a36855367ce862e7c.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P4
age: 5269797
x-cache: Hit from cloudfront
content-length: 9644
server: Apache
etag: "0a3b299d521e53b9a93e4325b4ef529fe8cb25bf34d0cf9c3390b27bdb670bf3"
content-type: application/font-woff
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 852330
accept-ranges: bytes
x-amz-cf-id: JUXygNQ_Ak8LinpCh9nJQDU9pMpu9ea3R0YNOmBsCNZy9WRZPA-GCw==

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 18ms
18ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-jWcFgxJkDqyRa9Pcg6GRTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-d6V3bHpQg2TbHQ%3D%3D&sc=1&os=1-Eg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=1&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&id=1&ii=4&f=0&j=&t=1682429043068&de=627168284390&cu=1682429043068&m=1071&ar=81c6b5a9873-clean&iw=1699ba1&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4532&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1307%3A1900%3A3991%3A1376&as=1&ag=1055&an=12&gi=1&gf=1055&gg=12&ix=1055&ic=1055&ez=1&ck=1055&kw=785&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1055&bx=12&ci=1055&jz=785&dj=1&aa=0&ad=907&cn=0&gk=907&gl=0&ik=907&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=785&cd=23&ah=785&am=23&xd=00&rf=0&re=1&ft=907&fv=0&fw=907&wb=1&cl=0&at=0&d=5134346611%3A3110972346%3A6157543105%3A138430455658&bo=22316126855&bp=22339890152&bd=728_1v&zMoatPS=728_1v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&zMoatDev=Desktop&zMoatDfpSlotId=7_9u71o52ezf0000009u71o52ezf0000009u7&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=7_9u71o52ezf0000009u71o52ezf0000009u7&iq=na&tt=na&tc=0&fs=203238&na=1035912415&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 13:24:04 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Apr 2023 13:24:04 GMT

GET
H2 200 Resource%201.jpg
cache-ssl.celtra.com/api/blobs/00bd0ac06387a74733638808caede21736a9d85e29a3f4fbf9de7d464503d4fc/ Frame ADB3 1 KB
2 KB 10ms
10ms Image
image/jpeg 18.154.63.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/00bd0ac06387a74733638808caede21736a9d85e29a3f4fbf9de7d464503d4fc/Resource%201.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-24.dus51.r.cloudfront.net
Software: Apache /
Resource Hash: 98d5f47ce708af70a5d6dd30d620861d77dd7021ccc4a7b2dd6310703ad6808c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:58:41 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P4
age: 7151123
x-cache: Hit from cloudfront
content-length: 1157
server: Apache
etag: "98d5f47ce708af70a5d6dd30d620861d77dd7021ccc4a7b2dd6310703ad6808c"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 11112683
accept-ranges: bytes
x-amz-cf-id: 49QK7ZTWNMXWGd7TxHKhH9J-p3ELK9HmlrkTo1PWqL4Pj4JDMnIzyg==

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FC40 42 B
174 B 65ms
64ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuYljRmZGO5z_Cxq6Ykh77N8-xKs3pi_rt5fhE4zFlrQdDaadDAUjo3O3z6dRbLpGyD7OaqLG6hlmS0JOxNDUt6F4di0KiG0hGeHs9Wua0g3mli3fYL&sig=Cg0ArKJSzOi4uD9L3ZWIEAE&id=lidar2&mcvt=1097&p=337,988,588,1289&mtos=1097,1097,1097,1097,1097&tos=1097,0,0,0,0&v=20230419&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3536289636&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682429042580&rpt=404&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 13:24:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4F29 42 B
108 B 89ms
89ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssXeofOdGmHHPVkLrZ6sJOTbPScItxKCnAb52JEC_c-RXMbfX0aprJdeFshs4MnmhAGBOSoQ-jFuUNplFGvQn0FmxXAYJJ5G_e2w3_d7zfuyNSbmvcY&sig=Cg0ArKJSzA0uO3SMwWcAEAE&id=lidar2&mcvt=1102&p=0,0,1200,1600&mtos=1102,1102,1102,1102,1102&tos=1102,0,0,0,0&v=20230419&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2734278250&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682429042615&rpt=428&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 13:24:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A7A2 42 B
108 B 81ms
80ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssGUtxqgOPKZp_mL6bRuX-tVLln8pm_oG4fozONIOKn6cjIz2Oyi78S7pEaDoRghglz1bX85phAy_Fm5WQIvzft-OWm8T6jsWKW60FQCvCG17pvQw8f&sig=Cg0ArKJSzPL7gFuGzgAwEAE&id=lidar2&mcvt=1106&p=126,436,216,1164&mtos=1106,1106,1106,1106,1106&tos=1106,0,0,0,0&v=20230419&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1464948156&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682429042498&rpt=510&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 13:24:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Resource%202.jpg
cache-ssl.celtra.com/api/blobs/3de906857ebea135bd9eadaafa09fd36512d1afe30d637224bbbdcb35fd2b79f/ Frame ADB3 23 KB
23 KB 16ms
14ms Image
image/jpeg 18.154.63.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/3de906857ebea135bd9eadaafa09fd36512d1afe30d637224bbbdcb35fd2b79f/Resource%202.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-24.dus51.r.cloudfront.net
Software: Apache /
Resource Hash: fe3793161a079022ba6b14586d94b6dd9ffd7c984d2eaa622f89b6295908d376

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 13:14:00 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P4
age: 5271003
x-cache: Hit from cloudfront
content-length: 23505
server: Apache
etag: "fe3793161a079022ba6b14586d94b6dd9ffd7c984d2eaa622f89b6295908d376"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 1573566 1639924
accept-ranges: bytes
x-amz-cf-id: rXeAJRhLYdxLQi8fR1Z-YK8qDb2ujCBi-Nr7348BVidgntzihJzPbw==

GET
H2 200 Resource%203.jpg
cache-ssl.celtra.com/api/blobs/86f8efe2e5ca90ab443c7a18ed904b21b9906a9f7fdd62ec66b701e6deea765b/ Frame ADB3 29 KB
30 KB 42ms
40ms Image
image/jpeg 18.154.63.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/86f8efe2e5ca90ab443c7a18ed904b21b9906a9f7fdd62ec66b701e6deea765b/Resource%203.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-24.dus51.r.cloudfront.net
Software: Apache /
Resource Hash: 360bf72946be674a29662a903109f5b291d342e3feb13bddc11ef9afa6d1a878

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 13:16:29 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P4
age: 5270854
x-cache: Hit from cloudfront
content-length: 29795
server: Apache
etag: "360bf72946be674a29662a903109f5b291d342e3feb13bddc11ef9afa6d1a878"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 1935388 2163645
accept-ranges: bytes
x-amz-cf-id: aeO7CrLfNvB6aQKwnNajafN3L9Nr-BcxdMYPBjAW0CVufzt_gvmIMQ==

GET
H2 200 Resource%204.jpg
cache-ssl.celtra.com/api/blobs/3e1e1d21511e877450b57c99c3cad9b3f1ae17bcda491b87fe0c3fc75011c972/ Frame ADB3 2 KB
3 KB 56ms
55ms Image
image/jpeg 18.154.63.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/3e1e1d21511e877450b57c99c3cad9b3f1ae17bcda491b87fe0c3fc75011c972/Resource%204.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-24.dus51.r.cloudfront.net
Software: Apache /
Resource Hash: 41f249ed37229c7cee7624e6c1fbd951cf92234e66486d0ff5a9e3bd5bfe1ab4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:58:40 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P4
age: 7151123
x-cache: Hit from cloudfront
content-length: 2059
server: Apache
etag: "41f249ed37229c7cee7624e6c1fbd951cf92234e66486d0ff5a9e3bd5bfe1ab4"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 2037199
accept-ranges: bytes
x-amz-cf-id: BsGH7mb3q2xb7quxg8kg9Lbh0n86S1mti50C1_36YRGZN7Folr_S7g==

GET
H2 200 Resource%205.jpg
cache-ssl.celtra.com/api/blobs/071d1277f68eb1729a80ebaf6aa99d30ee77b864de435fd9f10cb2237c802b3f/ Frame ADB3 1 KB
2 KB 55ms
55ms Image
image/jpeg 18.154.63.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/071d1277f68eb1729a80ebaf6aa99d30ee77b864de435fd9f10cb2237c802b3f/Resource%205.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-24.dus51.r.cloudfront.net
Software: Apache /
Resource Hash: a32859088eccbb0664dcca21d89cbf59007c70c6d28b655ea30c1014ac5e954d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:56:38 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P4
age: 7151245
x-cache: Hit from cloudfront
content-length: 1066
server: Apache
etag: "a32859088eccbb0664dcca21d89cbf59007c70c6d28b655ea30c1014ac5e954d"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 7902868 10129191
accept-ranges: bytes
x-amz-cf-id: LRsrBI6zEm03XYGXC15tIRAR-a3NlWLlFiYmUAmW0cLSppg5Y9Lemw==

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjgyNDI5MDQzeGJmN2M1YjkyNjZmYTY4eDM1MTY1NDczIiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI5NDU4ODQ5MTQ1MDY0MDg4IiwiaW5kZXgiOjEsImNsaWVudFRpbWVzdGFtcCI6MTY4MjQyOTA0My45NzIsInNjb3BlIjoiZ2xvYmFsIiwidXNlckFnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExMi4wLjU2MTUuMTIxIFNhZmFyaS81MzcuMzYiLCJvcmllbnRhdGlvbiI6MCwidG9wbW9zdFJlYWNoYWJsZVdpbmRvdyI6eyJ3aWR0aCI6MTYwMCwiaGVpZ2h0IjoxMjAwfSwiaG9zdFdpbmRvdyI6eyJ3aWR0aCI6NSwiaGVpZ2h0Ijo1fSwibmVzdGluZyI6eyJpZnJhbWUiOnRydWUsImZyaWVuZGx5SWZyYW1lIjp0cnVlLCJpYWJGcmllbmRseUlmcmFtZSI6dHJ1ZSwiaG9zdGlsZUlmcmFtZSI6ZmFsc2UsImlmcmFtZURlcHRoIjoxfSwicGFnZVZpc2liaWxpdHlBcGkiOnRydWUsInJlcXVlc3RBbmltYXRpb25GcmFtZSI6dHJ1ZSwidG9wV2luZG93TmF0aXZlUkFGU3VwcG9ydGVkIjp0cnVlLCJhbGxvd05vbk5hdGl2ZVJBRkZvclZpZXdhYmxlVGltZVVzZWQiOmZhbHNlLCJjbGllbnRUaW1lWm9uZU9mZnNldEluTWludXRlcyI6MCwic3VwcG9ydHNDb250YWluZXJWaWV3YWJpbGl0eSI6dHJ1ZSwic3VwcG9ydHNDb250YWluZXJJbml0aWFsVmlld2FiaWxpdHkiOnRydWUsInRhZ1BhcmVudFdpZHRoIjowLCJ0YWdQYXJlbnRIZWlnaHQiOjAsImFtcERldGVjdGVkIjpmYWxzZSwiYW1wTmVzdGluZ0xldmVsIjoiIiwic2FmZUZyYW1lRGV0ZWN0ZWQiOmZhbHNlLCJmZXRjaFN1cHBvcnRlZCI6dHJ1ZSwiYXNhcEVuYWJsZWQiOm51bGwsIm5hdGl2ZVByb21pc2VzU3VwcG9ydGVkIjp0cnVlLCJiZWFjb25TdXBwb3J0ZWQiOnRydWUsIkludGVyc2VjdGlvbk9ic2VydmVyU3VwcG9ydGVkIjp0cnVlLCJpc011dGF0aW9uT2JzZXJ2ZXJTdXBwb3J0ZWQiOnRydWUsIndlYlZpZXciOm51bGwsImlzV2luZG93T3Blbk5hdGl2ZSI6dHJ1ZSwicHJvdG9Mb2FkaW5nIjp7ImRhdGFMb2FkU3RhdHVzIjoic3VwcG9ydGVkIiwiYmxvYkxvYWRTdGF0dXMiOiJzdXBwb3J0ZWQifSwidG9wV2luZG93TG9jYXRpb24iOiJodHRwczovL3d3dy5kYXJrcmVhZGluZy5jb20iLCJ0b3BXaW5kb3dMb2NhdGlvbkxlbmd0aCI6MjcsIm5hbWUiOiJlbnZpcm9ubWVudEluZm8ifSx7InNlc3Npb25JZCI6InMxNjgyNDI5MDQzeGJmN2M1YjkyNjZmYTY4eDM1MTY1NDczIiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI5NDU4ODQ5MTQ1MDY0MDg4IiwiaW5kZXgiOjIsImNsaWVudFRpbWVzdGFtcCI6MTY4MjQyOTA0NC4xODQsIm5hbWUiOiJhZ2dyZWdhdG9yIiwibWV0cmljIjoibW9ub3R5cGVVc2FnZVJlcG9ydGVkIiwidmFsdWUiOjEsImN1c3RvbURpbWVuc2lvbnMiOnsibW9ub3R5cGVQcm9qZWN0SWQiOiJjNDZlZDA5MC0zNjcxLTQxNjMtYTg1Yi1iMDZiNDAzOGFlMzgiLCJjcmVhdGl2ZUlkIjoiY2YxNzViY2QifX1dfQ==?crc32c=1356699083
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.217.24 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Tue, 25 Apr 2023 13:24:04 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 celtra%20icons_link-wht.svg
cache-ssl.celtra.com/api/blobs/4b2b620e4f0eda2ce3be88133e7ceb2e8e15810df50ee7b078f472ecaedbd825/ Frame ADB3 737 B
1 KB 55ms
54ms Image
image/svg+xml 18.154.63.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/4b2b620e4f0eda2ce3be88133e7ceb2e8e15810df50ee7b078f472ecaedbd825/celtra%20icons_link-wht.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-24.dus51.r.cloudfront.net
Software: Apache /
Resource Hash: 4b2b620e4f0eda2ce3be88133e7ceb2e8e15810df50ee7b078f472ecaedbd825

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 01:14:12 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P4
age: 7992592
x-cache: Hit from cloudfront
content-length: 737
server: Apache
etag: "4b2b620e4f0eda2ce3be88133e7ceb2e8e15810df50ee7b078f472ecaedbd825"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 3783264
accept-ranges: bytes
x-amz-cf-id: CEbM05l75q9Qpfd82t4NMwL6nB1fqMoDhi8gcYlOhRcLmntCmmXFHg==

GET
H2 200 celtra%20icons_link-spn.svg
cache-ssl.celtra.com/api/blobs/64293aedb63beb6e7ad93891ac013b1902c21756b78115a82c6b0c3221277af1/ Frame ADB3 740 B
1 KB 56ms
55ms Image
image/svg+xml 18.154.63.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/64293aedb63beb6e7ad93891ac013b1902c21756b78115a82c6b0c3221277af1/celtra%20icons_link-spn.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-24.dus51.r.cloudfront.net
Software: Apache /
Resource Hash: 64293aedb63beb6e7ad93891ac013b1902c21756b78115a82c6b0c3221277af1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 08:59:15 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P4
age: 6236689
x-cache: Hit from cloudfront
content-length: 740
server: Apache
etag: "64293aedb63beb6e7ad93891ac013b1902c21756b78115a82c6b0c3221277af1"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 37925689
accept-ranges: bytes
x-amz-cf-id: RLm-azUTaZqZ1zit2XzhaUxEZGl0D4ou8dl0M1vld2JVNm4ACo-jMg==

GET
H2 200 celtra%20icons_twit-wht.svg
cache-ssl.celtra.com/api/blobs/06f2e7aff06ad791fabdd60dfcb3fdbe88c30c32ed55785ad9acc7ae7eb5172e/ Frame ADB3 1 KB
2 KB 56ms
55ms Image
image/svg+xml 18.154.63.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/06f2e7aff06ad791fabdd60dfcb3fdbe88c30c32ed55785ad9acc7ae7eb5172e/celtra%20icons_twit-wht.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-24.dus51.r.cloudfront.net
Software: Apache /
Resource Hash: 06f2e7aff06ad791fabdd60dfcb3fdbe88c30c32ed55785ad9acc7ae7eb5172e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:41:30 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P4
age: 9531754
x-cache: Hit from cloudfront
content-length: 1503
server: Apache
etag: "06f2e7aff06ad791fabdd60dfcb3fdbe88c30c32ed55785ad9acc7ae7eb5172e"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 53017773
accept-ranges: bytes
x-amz-cf-id: ABwfI6Hm6LcCCTT6cI7ALK4LQy2fYeygsAPknO8hdKVJfqvqavN4NQ==

GET
H2 200 celtra%20icons_twit-spn.svg
cache-ssl.celtra.com/api/blobs/89fc0db5605db5f9cf18c99365688e9aab1e5ac27aa7d8c03428afcc3289f119/ Frame ADB3 1 KB
2 KB 57ms
56ms Image
image/svg+xml 18.154.63.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/89fc0db5605db5f9cf18c99365688e9aab1e5ac27aa7d8c03428afcc3289f119/celtra%20icons_twit-spn.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-24.dus51.r.cloudfront.net
Software: Apache /
Resource Hash: 89fc0db5605db5f9cf18c99365688e9aab1e5ac27aa7d8c03428afcc3289f119

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:57:25 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P4
age: 7151198
x-cache: Hit from cloudfront
content-length: 1506
server: Apache
etag: "89fc0db5605db5f9cf18c99365688e9aab1e5ac27aa7d8c03428afcc3289f119"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 5975143 75991
accept-ranges: bytes
x-amz-cf-id: nKORxblfBBFY7TT9Dh9L6O9fLWz8B2fMdqu5mE1pmtd4U06a3WTBwA==

GET
H2 200 celtra%20icons_face-spn.svg
cache-ssl.celtra.com/api/blobs/de275322c95a52f479b9fb5af761dc7469890500e0bceb3606a5353f8251d183/ Frame ADB3 805 B
1 KB 67ms
66ms Image
image/svg+xml 18.154.63.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/de275322c95a52f479b9fb5af761dc7469890500e0bceb3606a5353f8251d183/celtra%20icons_face-spn.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-24.dus51.r.cloudfront.net
Software: Apache /
Resource Hash: de275322c95a52f479b9fb5af761dc7469890500e0bceb3606a5353f8251d183

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:58:41 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P4
age: 7151123
x-cache: Hit from cloudfront
content-length: 805
server: Apache
etag: "de275322c95a52f479b9fb5af761dc7469890500e0bceb3606a5353f8251d183"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 10359815
accept-ranges: bytes
x-amz-cf-id: iIR3Cadu_yv7FQl6oUcm3o9DB-RDoDMPAYFgURqDY83TTSPAcetECg==

GET
H2 200 celtra%20icons_face-wht.svg
cache-ssl.celtra.com/api/blobs/1c772ec23181d233341c3fb4f2a3ea33c223bc4fb6ed1ddbc2510e3e39b0a13f/ Frame ADB3 802 B
1 KB 49ms
49ms Image
image/svg+xml 18.154.63.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/1c772ec23181d233341c3fb4f2a3ea33c223bc4fb6ed1ddbc2510e3e39b0a13f/celtra%20icons_face-wht.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-24.dus51.r.cloudfront.net
Software: Apache /
Resource Hash: 1c772ec23181d233341c3fb4f2a3ea33c223bc4fb6ed1ddbc2510e3e39b0a13f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:58:41 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P4
age: 7151123
x-cache: Hit from cloudfront
content-length: 802
server: Apache
etag: "1c772ec23181d233341c3fb4f2a3ea33c223bc4fb6ed1ddbc2510e3e39b0a13f"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 2037202
accept-ranges: bytes
x-amz-cf-id: 0aazbxTn7jyilgcq6cTF4wh1HCi1SsrAd_0XXtCAay8TGaGb_BFOng==

GET
H2 200 celtra%20icons_yout-wht.svg
cache-ssl.celtra.com/api/blobs/2c579beaf8fa0e83ecd2419b3a1fa4974feb39505971716ceeec557bf71fc286/ Frame ADB3 1 KB
2 KB 49ms
49ms Image
image/svg+xml 18.154.63.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/2c579beaf8fa0e83ecd2419b3a1fa4974feb39505971716ceeec557bf71fc286/celtra%20icons_yout-wht.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-24.dus51.r.cloudfront.net
Software: Apache /
Resource Hash: 2c579beaf8fa0e83ecd2419b3a1fa4974feb39505971716ceeec557bf71fc286

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:58:41 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P4
age: 7151123
x-cache: Hit from cloudfront
content-length: 1204
server: Apache
etag: "2c579beaf8fa0e83ecd2419b3a1fa4974feb39505971716ceeec557bf71fc286"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 8135469
accept-ranges: bytes
x-amz-cf-id: Vv7lVh9887_c-GnHMKfrItxN2xmKqIcD0LMzDLA81lXsKwSTd2AESg==

GET
H2 200 celtra%20icons_yout-spn.svg
cache-ssl.celtra.com/api/blobs/41df76a81ca19135ecd7fafd8f6f41c0bc94c942e56dfa93dce34035f6096f2d/ Frame ADB3 704 B
1 KB 49ms
49ms Image
image/svg+xml 18.154.63.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/41df76a81ca19135ecd7fafd8f6f41c0bc94c942e56dfa93dce34035f6096f2d/celtra%20icons_yout-spn.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-24.dus51.r.cloudfront.net
Software: Apache /
Resource Hash: 41df76a81ca19135ecd7fafd8f6f41c0bc94c942e56dfa93dce34035f6096f2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:58:41 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P4
age: 7151122
x-cache: Hit from cloudfront
content-length: 704
server: Apache
etag: "41df76a81ca19135ecd7fafd8f6f41c0bc94c942e56dfa93dce34035f6096f2d"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 10129292
accept-ranges: bytes
x-amz-cf-id: 5zCv8Jc5DiEylm4oXfUx7utDlptj1vT9ZvhPNqygHbN0xjwyMw5b1g==

GET
H2 200 Mandiant%20logo_knockout.svg
cache-ssl.celtra.com/api/blobs/7f805e1c5918c731e981c4806421ac8e14734ed227e306453c846affedd34f49/ Frame ADB3 13 KB
14 KB 48ms
48ms Image
image/svg+xml 18.154.63.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/7f805e1c5918c731e981c4806421ac8e14734ed227e306453c846affedd34f49/Mandiant%20logo_knockout.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-24.dus51.r.cloudfront.net
Software: Apache /
Resource Hash: 7f805e1c5918c731e981c4806421ac8e14734ed227e306453c846affedd34f49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 08:59:15 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P4
age: 6236689
x-cache: Hit from cloudfront
content-length: 13801
server: Apache
etag: "7f805e1c5918c731e981c4806421ac8e14734ed227e306453c846affedd34f49"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 75827
accept-ranges: bytes
x-amz-cf-id: _zMDZnKTRVGGqTm007c9KyNiCZNN6no_RFE8s7R5E-La5_9_jaZ1Cg==

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 13ms
13ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-jWcFgxJkDqyRa9Pcg6GRTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-d6V3bHpQg2TbHQ%3D%3D&sc=1&os=1-Eg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=2&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&id=1&ii=4&f=0&j=&t=1682429043068&de=627168284390&cu=1682429043068&m=1072&ar=81c6b5a9873-clean&iw=1699ba1&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4532&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1307%3A1900%3A3991%3A1376&as=1&ag=1055&an=1055&gi=1&gf=1055&gg=1055&ix=1055&ic=1055&ez=1&ck=1055&kw=785&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1055&bx=1055&ci=1055&jz=785&dj=1&aa=0&ad=907&cn=907&gk=907&gl=907&ik=907&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=785&cd=785&ah=785&am=785&xd=00&rf=0&re=1&ft=907&fv=907&fw=907&wb=1&cl=0&at=0&d=5134346611%3A3110972346%3A6157543105%3A138430455658&bo=22316126855&bp=22339890152&bd=728_1v&zMoatPS=728_1v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&zMoatDev=Desktop&zMoatDfpSlotId=7_9u71o52ezf0000009u71o52ezf0000009u7&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=7_9u71o52ezf0000009u71o52ezf0000009u7&iq=na&tt=na&tc=0&fs=203238&na=46275014&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 13:24:04 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Apr 2023 13:24:04 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 13ms
12ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-jWcFgxJkDqyRa9Pcg6GRTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-d6V3bHpQg2TbHQ%3D%3D&sc=1&os=1-Eg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=3&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&id=1&ii=4&f=0&j=&t=1682429043068&de=627168284390&cu=1682429043068&m=1073&ar=81c6b5a9873-clean&iw=1699ba1&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4532&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1307%3A1900%3A3991%3A1376&as=1&ag=1055&an=1055&gi=1&gf=1055&gg=1055&ix=1055&ic=1055&ez=1&ck=1055&kw=785&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1055&bx=1055&ci=1055&jz=785&dj=1&aa=0&ad=907&cn=907&gk=907&gl=907&ik=907&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=785&cd=785&ah=785&am=785&xd=00&rf=0&re=1&ft=907&fv=907&fw=907&wb=1&cl=0&at=0&d=5134346611%3A3110972346%3A6157543105%3A138430455658&bo=22316126855&bp=22339890152&bd=728_1v&zMoatPS=728_1v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&zMoatDev=Desktop&zMoatDfpSlotId=7_9u71o52ezf0000009u71o52ezf0000009u7&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=7_9u71o52ezf0000009u71o52ezf0000009u7&iq=na&tt=na&tc=0&fs=203238&na=719812294&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 13:24:04 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Apr 2023 13:24:04 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 13ms
13ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-jWcFgxJkDqyRa9Pcg6GRTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-d6V3bHpQg2TbHQ%3D%3D&sc=1&os=1-Eg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&id=1&ii=4&f=0&j=&t=1682429043068&de=627168284390&cu=1682429043068&m=1433&ar=81c6b5a9873-clean&iw=1699ba1&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4532&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1307%3A1900%3A3991%3A1376&as=1&ag=1417&an=1055&gi=1&gf=1417&gg=1055&ix=1417&ic=1417&ez=1&ck=1055&kw=785&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1417&bx=1055&ci=1055&jz=785&dj=1&aa=1&ad=1269&cn=907&gn=1&gk=1269&gl=907&ik=1269&co=1269&cp=1066&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1066&cd=785&ah=1066&am=785&xd=00&rf=0&re=1&ft=1269&fv=907&fw=907&wb=1&cl=0&at=0&d=5134346611%3A3110972346%3A6157543105%3A138430455658&bo=22316126855&bp=22339890152&bd=728_1v&zMoatPS=728_1v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&zMoatDev=Desktop&zMoatDfpSlotId=7_9u71o52ezf0000009u71o52ezf0000009u7&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=7_9u71o52ezf0000009u71o52ezf0000009u7&iq=na&tt=na&tc=0&fs=203238&na=1157595575&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 13:24:04 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Apr 2023 13:24:04 GMT

GET
H2 200 celtra%20icons_link-wht.svg
cache-ssl.celtra.com/api/blobs/4b2b620e4f0eda2ce3be88133e7ceb2e8e15810df50ee7b078f472ecaedbd825/ Frame ADB3 737 B
1 KB 33ms
33ms Image
image/svg+xml 18.154.63.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/4b2b620e4f0eda2ce3be88133e7ceb2e8e15810df50ee7b078f472ecaedbd825/celtra%20icons_link-wht.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-24.dus51.r.cloudfront.net
Software: Apache /
Resource Hash: 4b2b620e4f0eda2ce3be88133e7ceb2e8e15810df50ee7b078f472ecaedbd825

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 07:23:23 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P4
age: 540041
x-cache: Hit from cloudfront
content-length: 737
server: Apache
etag: "4b2b620e4f0eda2ce3be88133e7ceb2e8e15810df50ee7b078f472ecaedbd825"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 819296
accept-ranges: bytes
x-amz-cf-id: BZ1CjgJYTfydx_YjXUNp_B5OSJ0O21KMns3TnnR_HrdkrvNmmu4STg==

GET
H2 200 celtra%20icons_link-spn.svg
cache-ssl.celtra.com/api/blobs/64293aedb63beb6e7ad93891ac013b1902c21756b78115a82c6b0c3221277af1/ Frame ADB3 740 B
1 KB 32ms
32ms Image
image/svg+xml 18.154.63.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/64293aedb63beb6e7ad93891ac013b1902c21756b78115a82c6b0c3221277af1/celtra%20icons_link-spn.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-24.dus51.r.cloudfront.net
Software: Apache /
Resource Hash: 64293aedb63beb6e7ad93891ac013b1902c21756b78115a82c6b0c3221277af1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 09:13:35 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P4
age: 533428
x-cache: Hit from cloudfront
content-length: 740
server: Apache
etag: "64293aedb63beb6e7ad93891ac013b1902c21756b78115a82c6b0c3221277af1"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 328608 2590658
accept-ranges: bytes
x-amz-cf-id: _D6I39K4zDjTBvcX9WtvTcyg8Cx18I4v5IPr3g80DBintuMYojLvPQ==

GET
H2 200 celtra%20icons_twit-wht.svg
cache-ssl.celtra.com/api/blobs/06f2e7aff06ad791fabdd60dfcb3fdbe88c30c32ed55785ad9acc7ae7eb5172e/ Frame ADB3 1 KB
2 KB 32ms
32ms Image
image/svg+xml 18.154.63.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/06f2e7aff06ad791fabdd60dfcb3fdbe88c30c32ed55785ad9acc7ae7eb5172e/celtra%20icons_twit-wht.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-24.dus51.r.cloudfront.net
Software: Apache /
Resource Hash: 06f2e7aff06ad791fabdd60dfcb3fdbe88c30c32ed55785ad9acc7ae7eb5172e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 06:47:57 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P4
age: 2270167
x-cache: Hit from cloudfront
content-length: 1503
server: Apache
etag: "06f2e7aff06ad791fabdd60dfcb3fdbe88c30c32ed55785ad9acc7ae7eb5172e"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 2592167
accept-ranges: bytes
x-amz-cf-id: tjx0GVbfwZCsO1OafBUdyHUY3zIHVOiOCwJA7cv6wo6siJDXDTIy_w==

GET
H2 200 celtra%20icons_twit-spn.svg
cache-ssl.celtra.com/api/blobs/89fc0db5605db5f9cf18c99365688e9aab1e5ac27aa7d8c03428afcc3289f119/ Frame ADB3 1 KB
2 KB 32ms
31ms Image
image/svg+xml 18.154.63.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/89fc0db5605db5f9cf18c99365688e9aab1e5ac27aa7d8c03428afcc3289f119/celtra%20icons_twit-spn.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-24.dus51.r.cloudfront.net
Software: Apache /
Resource Hash: 89fc0db5605db5f9cf18c99365688e9aab1e5ac27aa7d8c03428afcc3289f119

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 07:23:23 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P4
age: 540041
x-cache: Hit from cloudfront
content-length: 1506
server: Apache
etag: "89fc0db5605db5f9cf18c99365688e9aab1e5ac27aa7d8c03428afcc3289f119"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 1474645
accept-ranges: bytes
x-amz-cf-id: 0WuAMYefkpA0qd2C2RtQolw03ZbmV1SAG_qiRoE8PYBr24-TuQobRg==

GET
H2 200 celtra%20icons_face-spn.svg
cache-ssl.celtra.com/api/blobs/de275322c95a52f479b9fb5af761dc7469890500e0bceb3606a5353f8251d183/ Frame ADB3 805 B
1 KB 32ms
31ms Image
image/svg+xml 18.154.63.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/de275322c95a52f479b9fb5af761dc7469890500e0bceb3606a5353f8251d183/celtra%20icons_face-spn.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-24.dus51.r.cloudfront.net
Software: Apache /
Resource Hash: de275322c95a52f479b9fb5af761dc7469890500e0bceb3606a5353f8251d183

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 06:26:55 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P4
age: 543429
x-cache: Hit from cloudfront
content-length: 805
server: Apache
etag: "de275322c95a52f479b9fb5af761dc7469890500e0bceb3606a5353f8251d183"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 40513710
accept-ranges: bytes
x-amz-cf-id: jLfw0X8OsFzaLrOeQV95HFXCpdnbzh-Aw-Ha4qCXuluwX0KR9TvuxQ==

GET
H2 200 celtra%20icons_face-wht.svg
cache-ssl.celtra.com/api/blobs/1c772ec23181d233341c3fb4f2a3ea33c223bc4fb6ed1ddbc2510e3e39b0a13f/ Frame ADB3 802 B
1 KB 32ms
32ms Image
image/svg+xml 18.154.63.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/1c772ec23181d233341c3fb4f2a3ea33c223bc4fb6ed1ddbc2510e3e39b0a13f/celtra%20icons_face-wht.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-24.dus51.r.cloudfront.net
Software: Apache /
Resource Hash: 1c772ec23181d233341c3fb4f2a3ea33c223bc4fb6ed1ddbc2510e3e39b0a13f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 15:56:14 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P4
age: 768469
x-cache: Hit from cloudfront
content-length: 802
server: Apache
etag: "1c772ec23181d233341c3fb4f2a3ea33c223bc4fb6ed1ddbc2510e3e39b0a13f"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 4398795 21538925
accept-ranges: bytes
x-amz-cf-id: Qjswhnd2looH0a77s_QxWRXfOrABTGvuXz69v9DSgbLfwpCcY4iRug==

GET
H2 200 celtra%20icons_yout-wht.svg
cache-ssl.celtra.com/api/blobs/2c579beaf8fa0e83ecd2419b3a1fa4974feb39505971716ceeec557bf71fc286/ Frame ADB3 1 KB
2 KB 46ms
45ms Image
image/svg+xml 18.154.63.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/2c579beaf8fa0e83ecd2419b3a1fa4974feb39505971716ceeec557bf71fc286/celtra%20icons_yout-wht.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-24.dus51.r.cloudfront.net
Software: Apache /
Resource Hash: 2c579beaf8fa0e83ecd2419b3a1fa4974feb39505971716ceeec557bf71fc286

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 07:23:23 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P4
age: 540041
x-cache: Hit from cloudfront
content-length: 1204
server: Apache
etag: "2c579beaf8fa0e83ecd2419b3a1fa4974feb39505971716ceeec557bf71fc286"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 1146953
accept-ranges: bytes
x-amz-cf-id: 1168GMICVajCHXdWYiGnsw_p90rAj97OHWv3OV8bXY2P4-qbqIFmGQ==

GET
H2 200 celtra%20icons_yout-spn.svg
cache-ssl.celtra.com/api/blobs/41df76a81ca19135ecd7fafd8f6f41c0bc94c942e56dfa93dce34035f6096f2d/ Frame ADB3 704 B
1 KB 44ms
43ms Image
image/svg+xml 18.154.63.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/41df76a81ca19135ecd7fafd8f6f41c0bc94c942e56dfa93dce34035f6096f2d/celtra%20icons_yout-spn.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-24.dus51.r.cloudfront.net
Software: Apache /
Resource Hash: 41df76a81ca19135ecd7fafd8f6f41c0bc94c942e56dfa93dce34035f6096f2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 08:32:14 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P4
age: 535910
x-cache: Hit from cloudfront
content-length: 704
server: Apache
etag: "41df76a81ca19135ecd7fafd8f6f41c0bc94c942e56dfa93dce34035f6096f2d"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 230101
accept-ranges: bytes
x-amz-cf-id: VW6yPnW6auWl8yfhGqGOivwIFpYM4rQDE6HTxn2fSWlkvSJyh02_Yg==

GET
H2 200 Mandiant%20logo_knockout.svg
cache-ssl.celtra.com/api/blobs/7f805e1c5918c731e981c4806421ac8e14734ed227e306453c846affedd34f49/ Frame ADB3 13 KB
14 KB 43ms
43ms Image
image/svg+xml 18.154.63.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/7f805e1c5918c731e981c4806421ac8e14734ed227e306453c846affedd34f49/Mandiant%20logo_knockout.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-24.dus51.r.cloudfront.net
Software: Apache /
Resource Hash: 7f805e1c5918c731e981c4806421ac8e14734ed227e306453c846affedd34f49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 07:04:43 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P4
age: 2269160
x-cache: Hit from cloudfront
content-length: 13801
server: Apache
etag: "7f805e1c5918c731e981c4806421ac8e14734ed227e306453c846affedd34f49"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 1284325
accept-ranges: bytes
x-amz-cf-id: 6P-432v9zLljexrnBS15sBFoL0E81yhXubVTR_neIBJfrlV3jMbBzg==

GET
H2 200 Resource%201.jpg
cache-ssl.celtra.com/api/blobs/00bd0ac06387a74733638808caede21736a9d85e29a3f4fbf9de7d464503d4fc/ Frame ADB3 1 KB
2 KB 43ms
43ms Image
image/jpeg 18.154.63.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/00bd0ac06387a74733638808caede21736a9d85e29a3f4fbf9de7d464503d4fc/Resource%201.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-24.dus51.r.cloudfront.net
Software: Apache /
Resource Hash: 98d5f47ce708af70a5d6dd30d620861d77dd7021ccc4a7b2dd6310703ad6808c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 06:32:10 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P4
age: 2530313
x-cache: Hit from cloudfront
content-length: 1157
server: Apache
etag: "98d5f47ce708af70a5d6dd30d620861d77dd7021ccc4a7b2dd6310703ad6808c"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 7101845 32634617
accept-ranges: bytes
x-amz-cf-id: L45Q_G-cUf9UVPCWXQKrbGn4t-BChkxmyGF64QnoSwyA4B2_ke8T4w==

GET
H2 200 Resource%202.jpg
cache-ssl.celtra.com/api/blobs/3de906857ebea135bd9eadaafa09fd36512d1afe30d637224bbbdcb35fd2b79f/ Frame ADB3 23 KB
23 KB 48ms
48ms Image
image/jpeg 18.154.63.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/3de906857ebea135bd9eadaafa09fd36512d1afe30d637224bbbdcb35fd2b79f/Resource%202.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-24.dus51.r.cloudfront.net
Software: Apache /
Resource Hash: fe3793161a079022ba6b14586d94b6dd9ffd7c984d2eaa622f89b6295908d376

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 12:48:06 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P4
age: 2248558
x-cache: Hit from cloudfront
content-length: 23505
server: Apache
etag: "fe3793161a079022ba6b14586d94b6dd9ffd7c984d2eaa622f89b6295908d376"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 5537988
accept-ranges: bytes
x-amz-cf-id: 5MoRpanOkIW60m6HisXmYXK-kwlyKMRKRQc2x5LUxRwiPESXafvj5g==

GET
H2 200 Resource%203.jpg
cache-ssl.celtra.com/api/blobs/86f8efe2e5ca90ab443c7a18ed904b21b9906a9f7fdd62ec66b701e6deea765b/ Frame ADB3 29 KB
30 KB 48ms
48ms Image
image/jpeg 18.154.63.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/86f8efe2e5ca90ab443c7a18ed904b21b9906a9f7fdd62ec66b701e6deea765b/Resource%203.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-24.dus51.r.cloudfront.net
Software: Apache /
Resource Hash: 360bf72946be674a29662a903109f5b291d342e3feb13bddc11ef9afa6d1a878

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:38:32 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P4
age: 747932
x-cache: Hit from cloudfront
content-length: 29795
server: Apache
etag: "360bf72946be674a29662a903109f5b291d342e3feb13bddc11ef9afa6d1a878"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 3220409
accept-ranges: bytes
x-amz-cf-id: lUjMA5FgFcRenUlYJmZgRqw3wq73eWNwXm_H92Fr2f3uCTbYGrbbfA==

GET
H2 200 Resource%204.jpg
cache-ssl.celtra.com/api/blobs/3e1e1d21511e877450b57c99c3cad9b3f1ae17bcda491b87fe0c3fc75011c972/ Frame ADB3 2 KB
3 KB 48ms
48ms Image
image/jpeg 18.154.63.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/3e1e1d21511e877450b57c99c3cad9b3f1ae17bcda491b87fe0c3fc75011c972/Resource%204.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-24.dus51.r.cloudfront.net
Software: Apache /
Resource Hash: 41f249ed37229c7cee7624e6c1fbd951cf92234e66486d0ff5a9e3bd5bfe1ab4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 19:51:39 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P4
age: 754344
x-cache: Hit from cloudfront
content-length: 2059
server: Apache
etag: "41f249ed37229c7cee7624e6c1fbd951cf92234e66486d0ff5a9e3bd5bfe1ab4"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 21800151 5812218
accept-ranges: bytes
x-amz-cf-id: SMbJsGiSxwMCGvt5nxAt_QLRrFGbeKkd-_a1EeYQVDk7OFc1aETAYw==

GET
H2 200 Resource%205.jpg
cache-ssl.celtra.com/api/blobs/071d1277f68eb1729a80ebaf6aa99d30ee77b864de435fd9f10cb2237c802b3f/ Frame ADB3 1 KB
2 KB 70ms
70ms Image
image/jpeg 18.154.63.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/071d1277f68eb1729a80ebaf6aa99d30ee77b864de435fd9f10cb2237c802b3f/Resource%205.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-24.dus51.r.cloudfront.net
Software: Apache /
Resource Hash: a32859088eccbb0664dcca21d89cbf59007c70c6d28b655ea30c1014ac5e954d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 13:33:01 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P4
age: 2073063
x-cache: Hit from cloudfront
content-length: 1066
server: Apache
etag: "a32859088eccbb0664dcca21d89cbf59007c70c6d28b655ea30c1014ac5e954d"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 35002643 6931027
accept-ranges: bytes
x-amz-cf-id: f5Z_qW3qhFrMTQA2IHkVDxvKX0mGfLNaiQnpJKC9gEwL_NbDcPmDvw==

GET
H2 200 user_timeline Show response
cache-ssl.celtra.com/api/twitter/statuses/ Frame ADB3 59 KB
60 KB 31ms
31ms Script
application/javascript 18.154.63.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache-ssl.celtra.com/api/twitter/statuses/user_timeline?screen_name=mandiant&jsonp=jsonp_celtra_twitter_proxy_49240
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/tangled-up-tomiris-apt-uses-turla-malware-confusing-researchers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-24.dus51.r.cloudfront.net
Software: Apache /
Resource Hash: c908239156f8836a611cbab867eeebbdd9f79a98b968f47a683f6882a8903b61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:21:52 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P4
age: 131
x-cache: Hit from cloudfront
server: Apache
etag: W/"11a53ac45834b4bfa06f3d865d701a9bbe2d0059f71f81dc09ef1277658cd9e5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=900
access-control-allow-credentials: false
x-varnish: 527692
accept-ranges: bytes
x-amz-cf-id: RodOIJQaGW_rQx5HvJ4zAMtEDYr4_VR4LdeNq_jezNYYEn_NfFPcKg==

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 13ms
12ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-jWcFgxJkDqyRa9Pcg6GRTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-d6V3bHpQg2TbHQ%3D%3D&sc=1&os=1-Eg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=251&w=301&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&id=1&ii=4&f=0&j=&t=1682429043197&de=504399965926&cu=1682429043197&m=1307&ar=81c6b5a9873-clean&iw=1699ba1&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4532&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1307%3A1900%3A3991%3A1376&as=1&ag=1303&an=2&gi=1&gf=1303&gg=2&ix=1303&ic=1303&ez=1&ck=1303&kw=962&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1303&bx=2&ci=1303&jz=962&dj=1&aa=1&ad=1202&cn=0&gn=1&gk=1202&gl=0&ik=1202&co=1202&cp=962&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=962&cd=3&ah=962&am=3&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5134346611%3A3126637845%3A6182682175%3A138424532569&bo=22316126855&bp=22339890152&bd=300_2v&zMoatPS=300_2v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&zMoatDev=Desktop&zMoatDfpSlotId=14_xwbx4si9gj000000xwbx4si9gj000000xwb&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=14_xwbx4si9gj000000xwbx4si9gj000000xwb&iq=na&tt=na&tc=0&fs=203238&na=780553913&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 13:24:04 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Apr 2023 13:24:04 GMT

GET
H2 200 iMac.png
cache-ssl.celtra.com/api/blobs/12ce17071c09b7ca2c5f85386fc887c62a93acbe3992040fe445f7d520351a0b/ Frame ADB3 277 KB
278 KB 30ms
30ms Image
image/png 18.154.63.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/12ce17071c09b7ca2c5f85386fc887c62a93acbe3992040fe445f7d520351a0b/iMac.png?transform=crush&quality=256
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-24.dus51.r.cloudfront.net
Software: Apache /
Resource Hash: 3d238f5d9ce7c53e06aa9d28b552db871fb0bb90a42a544a7ce2ed7c7ae2f07d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 01:39:16 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 c0d9427e69f18ca8f760bff062189bc4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P4
age: 6349487
x-cache: Hit from cloudfront
content-length: 283662
server: Apache
etag: "3d238f5d9ce7c53e06aa9d28b552db871fb0bb90a42a544a7ce2ed7c7ae2f07d"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 35167310 12092393
accept-ranges: bytes
x-amz-cf-id: AorPi6ODwXXXkqEWUyaJMPjfDBIU7r8Fur9v_TJFsW-FdYtsc4bo1A==

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjgyNDI5MDQzeGJmN2M1YjkyNjZmYTY4eDM1MTY1NDczIiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI5NDU4ODQ5MTQ1MDY0MDg4IiwiaW5kZXgiOjMsImNsaWVudFRpbWVzdGFtcCI6MTY4MjQyOTA0NC41NCwibmFtZSI6ImNyZWF0aXZlTG9hZGVkIiwidmlld2FiaWxpdHkwME1lYXN1cmFibGUiOnRydWUsInZpZXdhYmlsaXR5NTAxTWVhc3VyYWJsZSI6dHJ1ZSwidmlld2FibGVUaW1lTWVhc3VyYWJsZSI6dHJ1ZSwiY2RuVmFyaWFudCI6Im5vbmUifSx7InNlc3Npb25JZCI6InMxNjgyNDI5MDQzeGJmN2M1YjkyNjZmYTY4eDM1MTY1NDczIiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI5NDU4ODQ5MTQ1MDY0MDg4IiwiaW5kZXgiOjQsImNsaWVudFRpbWVzdGFtcCI6MTY4MjQyOTA0NC41OTEsIm5hbWUiOiJ2aWV3cG9ydFBsYWNlbWVudEdlb21ldHJ5IiwicGFnZURpbWVuc2lvbnMiOnsiaGVpZ2h0Ijo0NTMyLCJ3aWR0aCI6MTYwMH0sInZpZXdwb3J0UG9zaXRpb25SZWN0Ijp7IndpZHRoIjoxNjAwLCJoZWlnaHQiOjEyMDAsImxlZnQiOjAsInRvcCI6MH0sImZpcnN0UGxhY2VtZW50UG9zaXRpb25SZWN0Ijp7ImxlZnQiOjk4OCwidG9wIjoyOTYsIndpZHRoIjozMDAsImhlaWdodCI6Njc1fX0seyJzZXNzaW9uSWQiOiJzMTY4MjQyOTA0M3hiZjdjNWI5MjY2ZmE2OHgzNTE2NTQ3MyIsImFjY291bnRJZCI6IjQ0Yjc0YjM1Iiwic3RyZWFtIjoiYWRFdmVudHMiLCJpbnN0YW50aWF0aW9uIjoiOTQ1ODg0OTE0NTA2NDA4OCIsImluZGV4Ijo1LCJjbGllbnRUaW1lc3RhbXAiOjE2ODI0MjkwNDQuNjExLCJuYW1lIjoidmlld2FibGUwMCIsImNyaXRlcmlvbiI6eyJuYW1lIjoiQ29yZSIsInJhdGlvIjowLCJ0aW1lIjowfX0seyJzZXNzaW9uSWQiOiJzMTY4MjQyOTA0M3hiZjdjNWI5MjY2ZmE2OHgzNTE2NTQ3MyIsImFjY291bnRJZCI6IjQ0Yjc0YjM1Iiwic3RyZWFtIjoiYWRFdmVudHMiLCJpbnN0YW50aWF0aW9uIjoiOTQ1ODg0OTE0NTA2NDA4OCIsImluZGV4Ijo2LCJjbGllbnRUaW1lc3RhbXAiOjE2ODI0MjkwNDQuNjI4LCJ1bml0TmFtZSI6ImJhbm5lciIsInVuaXRWYXJpYW50TG9jYWxJZCI6bnVsbCwic2NyZWVuTG9jYWxJZCI6MzgwNDUsInNjcmVlblRpdGxlIjoiUmVzb3VyY2VzIiwic2NyZWVuSXNNYXN0ZXIiOmZhbHNlLCJvYmplY3RMb2NhbElkIjpudWxsLCJvYmplY3ROYW1lIjpudWxsLCJvYmplY3RDbGF6eiI6bnVsbCwiaW5pdGlhdGlvblRpbWVzdGFtcCI6MTY4MjQyOTA0NC42MjgsIm5hbWUiOiJzY3JlZW5TaG93biJ9LHsic2Vzc2lvbklkIjoiczE2ODI0MjkwNDN4YmY3YzViOTI2NmZhNjh4MzUxNjU0NzMiLCJhY2NvdW50SWQiOiI0NGI3NGIzNSIsInN0cmVhbSI6ImFkRXZlbnRzIiwiaW5zdGFudGlhdGlvbiI6Ijk0NTg4NDkxNDUwNjQwODgiLCJpbmRleCI6NywiY2xpZW50VGltZXN0YW1wIjoxNjgyNDI5MDQ0LjYyOCwibmFtZSI6ImNyZWF0aXZlUmVuZGVyZWQifSx7InNlc3Npb25JZCI6InMxNjgyNDI5MDQzeGJmN2M1YjkyNjZmYTY4eDM1MTY1NDczIiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI5NDU4ODQ5MTQ1MDY0MDg4IiwiaW5kZXgiOjgsImNsaWVudFRpbWVzdGFtcCI6MTY4MjQyOTA0NC42ODUsIm5hbWUiOiJ2aWV3YWJsZVRpbWUiLCJmcm9tIjoxNjgyNDI5MDQ0LjYxMiwidG8iOjE2ODI0MjkwNDQuNjEyfV19?crc32c=2458954040
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.217.24 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Tue, 25 Apr 2023 13:24:04 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 54ms
54ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304190101&jk=2384497319690510&bg=!JiWlJXHNAAYfNdXmPzU7ADkAdvg8WkffTRBUldN0jblMx1fIQ_3DQATBffYZYpWn2_jWrN_tB1vDMwLr44GRWWEoiUY-P2WzGWQCAAACF1IAAAAKaAEHmQLVU-BR28BRUtKkFAyNigmeORDDLyHl_YpEX2v6J6cCRl7KnNENwCyjrN4oBk2zc5FMRdiWytc-h0OZaMl4Yh2NVBuK1Vqx23aLTSvDaGeL34cv1Wb-wOVks9shSGUloa8vmeWq5jy1LNQyvZYT_BhNWxC4c-r2SfxkZ_BHY7PLglklxRk5eRFE-Ct8DqmV4iAJpM-qyIxkWnIOcCxB96SXJrfQDf_ttT8x5pfXOVgwCUKq6EGnPlHH5HK69kwqhA71vk3K9LbBjiJrlSLHFZgF1cCZJmHkWkbFmKSf40ZArTFh0nU2o1YzXCu94p4MwDynSQqYzJZhuj2yis-zY6xH7F14EReK5ra7-ltkm4Cj8KJ42D307EFhK5QPo0pKnfSI8zthXhBPalc-3rNgM1PJclIsFPLdd4_t_MZPFPmdEsbOsNQbstE9iZlGuwrY-vC9OM2Rgnd0bKEMH5M_T1MkwtTpG7tdznl71n7so9tlkS7hs8alsp14D1YvVx_8-6uMi2HIYX0YODxC5JgN24Wg4IYZpBVraxZZ1xQkGZvRVvj3CBIrCyUeOFjgir2cSTStGS5E4i2HoheUcZ_u1mGnA2f7KjtxqEzigZeSaZSmqgOuecMQ62R5O723D0TGV96zoNms2DBqHr4uFjzt4aCnmarAPceC--ReBnJ7ZIlgNFgreuKsO2vxiAjXft26cMq1WXKodEhOp5w-e8i-T4SLkyYPyF6KCsEaGSpy4yVtAMQQ-1WovmFsOmvSR_zOQ9786TQneyaKQWpWfvEdxTGdDmB6uH1j8IWVto_0SfKwPMHvtx6Xc2khjjes4-wmRWah_QhDgGn_QSyt6f3gj4hC-hU5k86GQBjcJB95D8mVMY2fMtztIJ7L0aUKkwz7pcA9ge-RoswKO0_P27ZqNf_gbBF-87DEikV0bKlel7Fz09BOugI0lkN_cRLHU1tmwvO6bD6TzWY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 10ms
10ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-jWcFgxJkDqyRa9Pcg6GRTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-d6V3bHpQg2TbHQ%3D%3D&sc=1&os=1-Eg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=251&w=301&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&id=1&ii=4&f=0&j=&t=1682429043197&de=504399965926&cu=1682429043197&m=1312&ar=81c6b5a9873-clean&iw=1699ba1&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4532&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1307%3A1900%3A3991%3A1376&as=1&ag=1303&an=1303&gi=1&gf=1303&gg=1303&ix=1303&ic=1303&ez=1&ck=1303&kw=962&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1303&bx=1303&ci=1303&jz=962&dj=1&aa=1&ad=1202&cn=1202&gn=1&gk=1202&gl=1202&ik=1202&co=1202&cp=962&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=962&cd=962&ah=962&am=962&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5134346611%3A3126637845%3A6182682175%3A138424532569&bo=22316126855&bp=22339890152&bd=300_2v&zMoatPS=300_2v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&zMoatDev=Desktop&zMoatDfpSlotId=14_xwbx4si9gj000000xwbx4si9gj000000xwb&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=14_xwbx4si9gj000000xwbx4si9gj000000xwb&iq=na&tt=na&tc=0&fs=203238&na=150513654&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 13:24:04 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Apr 2023 13:24:04 GMT

GET
H2 200 3kQxxUdm_normal.jpg
pbs.twimg.com/profile_images/1445042785892159490/ Frame ADB3 2 KB
2 KB 74ms
10ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1445042785892159490/3kQxxUdm_normal.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 -, , ASN (),

Reverse DNS

Software

ECS (frb/67BA) /

Resource Hash

08c40569bd79ba18b6842258392c869a29da2689ec8187bf8ec5c28366e1d158

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:24:04 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 446060
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 1731
x-response-time: 110
surrogate-key: profile_images profile_images/bucket/3 profile_images/1445042785892159490
last-modified: Mon, 04 Oct 2021 15:05:02 GMT
server: ECS (frb/67BA)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 2137a90d7e372763
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: e970fe93795bbb0b8f94f2cdc8d4bf284f90b5fe32bdf5998597d7f607db9291
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 21ms
16ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-jWcFgxJkDqyRa9Pcg6GRTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-d6V3bHpQg2TbHQ%3D%3D&sc=1&os=1-Eg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=251&w=301&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&id=1&ii=4&f=0&j=&t=1682429043197&de=504399965926&cu=1682429043197&m=1313&ar=81c6b5a9873-clean&iw=1699ba1&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4532&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1307%3A1900%3A3991%3A1376&as=1&ag=1303&an=1303&gi=1&gf=1303&gg=1303&ix=1303&ic=1303&ez=1&ck=1303&kw=962&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1303&bx=1303&ci=1303&jz=962&dj=1&aa=1&ad=1202&cn=1202&gn=1&gk=1202&gl=1202&ik=1202&co=1202&cp=962&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=962&cd=962&ah=962&am=962&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5134346611%3A3126637845%3A6182682175%3A138424532569&bo=22316126855&bp=22339890152&bd=300_2v&zMoatPS=300_2v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&zMoatDev=Desktop&zMoatDfpSlotId=14_xwbx4si9gj000000xwbx4si9gj000000xwb&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=14_xwbx4si9gj000000xwbx4si9gj000000xwb&iq=na&tt=na&tc=0&fs=203238&na=1000246316&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 13:24:04 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Apr 2023 13:24:04 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
17ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-jWcFgxJkDqyRa9Pcg6GRTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-d6V3bHpQg2TbHQ%3D%3D&sc=1&os=1-Eg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=62&w=248&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&id=1&ii=4&f=0&j=&t=1682429043046&de=545394308359&cu=1682429043046&m=1485&ar=81c6b5a9873-clean&iw=1699ba1&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4532&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1307%3A1900%3A3991%3A1376&as=1&ag=1064&an=109&gi=1&gf=1064&gg=109&ix=1064&ic=1064&ez=1&ck=1064&kw=908&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1064&bx=109&ci=1064&jz=908&dj=1&aa=0&ad=814&cn=0&gk=814&gl=0&ik=814&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=908&cd=218&ah=908&am=218&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=80029947%3A3160627322%3A6235418606%3A138428976147&bo=22316126855&bp=22339890152&bd=welcome_v&zMoatPS=welcome_v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&zMoatDev=Desktop&zMoatDfpSlotId=div-gpt-ad-welcome&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=div-gpt-ad-welcome&iq=na&tt=na&tc=0&fs=203238&na=250008500&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 13:24:04 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Apr 2023 13:24:04 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
8ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-jWcFgxJkDqyRa9Pcg6GRTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-d6V3bHpQg2TbHQ%3D%3D&sc=1&os=1-Eg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=62&w=248&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&id=1&ii=4&f=0&j=&t=1682429043046&de=545394308359&cu=1682429043046&m=1486&ar=81c6b5a9873-clean&iw=1699ba1&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4532&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1307%3A1900%3A3991%3A1376&as=1&ag=1064&an=1064&gi=1&gf=1064&gg=1064&ix=1064&ic=1064&ez=1&ck=1064&kw=908&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1064&bx=1064&ci=1064&jz=908&dj=1&aa=0&ad=814&cn=814&gk=814&gl=814&ik=814&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=908&cd=908&ah=908&am=908&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=80029947%3A3160627322%3A6235418606%3A138428976147&bo=22316126855&bp=22339890152&bd=welcome_v&zMoatPS=welcome_v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&zMoatDev=Desktop&zMoatDfpSlotId=div-gpt-ad-welcome&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=div-gpt-ad-welcome&iq=na&tt=na&tc=0&fs=203238&na=369892470&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 13:24:04 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Apr 2023 13:24:04 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 10ms
9ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-jWcFgxJkDqyRa9Pcg6GRTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-d6V3bHpQg2TbHQ%3D%3D&sc=1&os=1-Eg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=62&w=248&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&id=1&ii=4&f=0&j=&t=1682429043046&de=545394308359&cu=1682429043046&m=1486&ar=81c6b5a9873-clean&iw=1699ba1&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4532&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1307%3A1900%3A3991%3A1376&as=1&ag=1064&an=1064&gi=1&gf=1064&gg=1064&ix=1064&ic=1064&ez=1&ck=1064&kw=908&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1064&bx=1064&ci=1064&jz=908&dj=1&aa=0&ad=814&cn=814&gk=814&gl=814&ik=814&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=908&cd=908&ah=908&am=908&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=80029947%3A3160627322%3A6235418606%3A138428976147&bo=22316126855&bp=22339890152&bd=welcome_v&zMoatPS=welcome_v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&zMoatDev=Desktop&zMoatDfpSlotId=div-gpt-ad-welcome&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=div-gpt-ad-welcome&iq=na&tt=na&tc=0&fs=203238&na=187317833&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 13:24:04 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Apr 2023 13:24:04 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 9ms
9ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=4&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fwww.darkreading.com%2F%2Fthreat-intelligence%2F-&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-jWcFgxJkDqyRa9Pcg6GRTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-d6V3bHpQg2TbHQ%3D%3D&sc=1&os=1-Eg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=0&h=675&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&id=1&ii=4&f=0&j=&t=1682429043056&de=230734243453&cu=1682429043056&m=1672&ar=81c6b5a9873-clean&iw=1699ba1&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4532&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1307%3A1900%3A3991%3A1376&as=0&ag=90&an=0&gf=90&gg=0&ix=90&ic=90&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=90&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=179&cd=0&ah=179&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5134346611%3A3126637845%3A6182682175%3A138408218300&bo=22316126855&bp=22339890152&bd=300_1v&zMoatPS=300_1v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&zMoatDev=Desktop&zMoatDfpSlotId=13_cd8qmdhclrt00000cd8qmdhclrt00000cd8&hv=Celtra%20API&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=13_cd8qmdhclrt00000cd8qmdhclrt00000cd8&iq=na&tt=na&tc=0&fs=203238&na=1227267056&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 13:24:04 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Apr 2023 13:24:04 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 10ms
2ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-jWcFgxJkDqyRa9Pcg6GRTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-d6V3bHpQg2TbHQ%3D%3D&sc=1&os=1-Eg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=62&w=248&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&id=1&ii=4&f=0&j=&t=1682429043046&de=545394308359&cu=1682429043046&m=1703&ar=81c6b5a9873-clean&iw=1699ba1&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4532&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1307%3A1900%3A3991%3A1376&as=1&ag=1283&an=1064&gi=1&gf=1283&gg=1064&ix=1283&ic=1283&ez=1&ck=1064&kw=908&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1283&bx=1064&ci=1064&jz=908&dj=1&aa=1&ad=1033&cn=814&gn=1&gk=1033&gl=814&ik=1033&co=1033&cp=1173&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1173&cd=908&ah=1173&am=908&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=80029947%3A3160627322%3A6235418606%3A138428976147&bo=22316126855&bp=22339890152&bd=welcome_v&zMoatPS=welcome_v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&zMoatDev=Desktop&zMoatDfpSlotId=div-gpt-ad-welcome&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=div-gpt-ad-welcome&iq=na&tt=na&tc=0&fs=203238&na=1446560394&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 13:24:05 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Apr 2023 13:24:05 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame F9DE 42 B
64 B 44ms
43ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu4MbSkSqZ7ga8BHBOe3TRvNrqhpD2_-_m8fdlELNXVhaJYFS72VKut-4U79QjH4ZYxVlxcp7dLKgNZdBFvjL83dtqRKvh4NixpcIxQY2iYHtJGFrsm&sig=Cg0ArKJSzA5SQnvFMUwhEAE&id=lidar2&mcvt=1023&p=1105,308,1106,309&mtos=1023,1023,1023,1023,1023&tos=1023,0,0,0,0&v=20230419&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1177074020&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682429042445&rpt=1545&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 13:24:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

142 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.darkreading.com/	1970-01-20 13:30:05	Name: _gcl_au Value: 1.1.356024692.1682429040
.darkreading.com/	1969-12-31 23:59:59	Name: __Secure-next-auth.callback-url Value: https%3A%2F%2Fwww.darkreading.com
www.darkreading.com/	1969-12-31 23:59:59	Name: __Host-next-auth.csrf-token Value: 7b561ae703e95d20cc63bdcc90ee65f60bfea4ce1ab6720b34289fd3a1ad5f29%7C784b8265818dc45e9093a487c80f129b8a2d68ede49a2af3ea99d6d78d5e9229
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: SSBPOESlwoE
.youtube.com/	1970-01-20 15:39:41	Name: VISITOR_INFO1_LIVE Value: zdCwio2r2ok
.darkreading.com/	1970-01-20 15:39:41	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Tue+Apr+25+2023+13%3A24%3A00+GMT%2B0000+(GMT)&version=6.39.0&isIABGlobal=false&hosts=&consentId=2e8045e5-8ad0-45d7-adbe-a8ba9e093c12&interactionCount=0&landingPath=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Ftangled-up-tomiris-apt-uses-turla-malware-confusing-researchers&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
.darkreading.com/	1970-01-20 20:49:17	Name: _cb Value: DCoT4TBRsYaGcSdUy
.darkreading.com/	1970-01-20 20:49:17	Name: _chartbeat2 Value: .1682429040236.1682429040236.1.B9wQ7n6imDDDKMfm4DyNzlfC2SzMo.1
.darkreading.com/	1970-01-20 11:20:30	Name: _cb_svref Value: null
.darkreading.com/	1970-01-20 11:20:30	Name: _sp_ses.94c4 Value: *
.darkreading.com/	1970-01-20 20:56:29	Name: _sp_id.94c4 Value: de7adab2-d7e2-4c25-ba53-50c90a63b237.1682429040.1.1682429040.1682429040.9951a674-96af-472a-adde-1ee842aaf963
.darkreading.com/	1970-01-20 20:56:29	Name: __td_signed Value: true
.darkreading.com/	1970-01-20 20:56:29	Name: _td Value: 33c53134-fd58-4206-8924-6b6405fc5c60
.darkreading.com/	1970-01-20 20:56:29	Name: _ga_1X1EHQ3PFR Value: GS1.1.1682429040.1.0.1682429040.60.0.0
.darkreading.com/	1970-01-20 20:56:29	Name: _ga Value: GA1.2.1324050391.1682429040
.darkreading.com/	1970-01-20 11:21:55	Name: _gid Value: GA1.2.141940605.1682429040
.darkreading.com/	1970-01-20 11:20:29	Name: _gat_UA-135180592-2 Value: 1
www.darkreading.com/	1969-12-31 23:59:59	Name: dpm_url_count Value: 1
.in.treasuredata.com/	1970-01-20 20:56:29	Name: _td_global Value: 1c459ca7-8c84-486a-a574-a991691b8705
www.darkreading.com/	1970-01-20 11:21:55	Name: _iris_cdl Value: Ki50cmFkZXB1Yi5jb20=
.adnxs.com/	1970-01-20 13:30:05	Name: uuid2 Value: 1111044141702830350
.darkreading.com/	1970-01-20 20:06:05	Name: _hjSessionUser_2610568 Value: eyJpZCI6ImNiNjE0OWQ0LTM0Y2UtNTQ3Zi1hYjJmLWU1ZjdhMWE3MzgwNiIsImNyZWF0ZWQiOjE2ODI0MjkwNDA0NTksImV4aXN0aW5nIjpmYWxzZX0=
.darkreading.com/	1970-01-20 11:20:30	Name: _hjFirstSeen Value: 1
.darkreading.com/	1970-01-20 11:20:29	Name: _hjIncludedInSessionSample_2610568 Value: 0
.darkreading.com/	1970-01-20 11:20:30	Name: _hjSession_2610568 Value: eyJpZCI6ImIzZDRlMjJjLWQwYzQtNGJkMi05Nzk1LTg3NGQ1OTRmNDQ1NyIsImNyZWF0ZWQiOjE2ODI0MjkwNDA0NzAsImluU2FtcGxlIjpmYWxzZX0=
.darkreading.com/	1970-01-20 11:20:30	Name: _hjAbsoluteSessionInProgress Value: 0
.darkreading.com/	1970-01-20 20:06:05	Name: sp Value: e64704cb-4f15-4020-88fc-3b9ff1a19b3a
.darkreading.com/	1969-12-31 23:59:59	Name: at_check Value: true
.darkreading.com/	1970-01-20 20:56:29	Name: mbox Value: session#301defb70f354d878ee2f69160671c72#1682430901\|PC#301defb70f354d878ee2f69160671c72.37_0#1745673841
.darkreading.com/	1970-01-20 11:20:30	Name: mboxEdgeCluster Value: 37
.dpmsrv.com/	1970-01-20 20:56:29	Name: dpm_pxl Value: 6173f22dc693c485936b80f0badeeb43f6f9ab5d
.dpmsrv.com/	1970-01-20 20:56:29	Name: dpm_pxl_aid Value: 1111044141702830350
www.darkreading.com/	1969-12-31 23:59:59	Name: hasLiveRampMatch Value: true
.doubleclick.net/	1970-01-20 20:42:05	Name: IDE Value: AHWqTUlmBUnt1sK43okJw_ZFVxGTSrl8ugcHNvQFZRIeySE8NnLgqRnTPAA3NwEwpPw
.darkreading.com/	1970-01-20 20:50:43	Name: ELOQUA Value: GUID=984256A1992C4FBEA51698CF5B56B026
.darkreading.com/	1970-01-20 20:42:05	Name: __gads Value: ID=185739912c2a0668:T=1682429042:S=ALNI_MZvxwxX8yb1e90T6dXYBRR21SlH4A
.darkreading.com/	1970-01-20 20:42:05	Name: __gpi Value: UID=00000befa319aa69:T=1682429042:RT=1682429042:S=ALNI_MZRKM3I6mXnzdPUHPHxn4ysx92_yw
www.darkreading.com/	1969-12-31 23:59:59	Name: dpm_time_site Value: 4.122

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.darkreading.com/404 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://idsync.rlcdn.com/423396.gif?partner_uid=1111044141702830350 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://www.darkreading.com/404 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

459ce04ab19dbf5d3ba01c224fb7aab5.safeframe.googlesyndication.com
6600d6d98e534115970f9529a45f3195.js.ubembed.com
a.dpmsrv.com
a.teads.tv
ads.celtra.com
adservice.google.com
adservice.google.de
assets.ubembed.com
beta.darkreading.com
c.darkreading.com
cache-ssl.celtra.com
cdn.cookielaw.org
cdn.treasuredata.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.jquery.com
eu-images.contentstack.com
eu01.in.treasuredata.com
fonts.gstatic.com
geo.moatads.com
geolocation.onetrust.com
ib.adnxs.com
idsync.rlcdn.com
iirexhibitionslimite.tt.omtrdc.net
img.en25.com
in.ml314.com
ml314.com
pagead2.googlesyndication.com
pbs.twimg.com
ping.chartbeat.net
px.moatads.com
region1.analytics.google.com
s.dpmsrv.com
script.hotjar.com
securepubads.g.doubleclick.net
stackpath.bootstrapcdn.com
static.chartbeat.com
static.cloudflareinsights.com
static.hotjar.com
static.iris.informa.com
stats.g.doubleclick.net
t.teads.tv
tpc.googlesyndication.com
track.celtra.com
trk.darkreading.com
www.darkreading.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
www.youtube.com
z.moatads.com
108.138.17.78
108.157.4.113
108.157.4.19
108.157.4.71
142.0.173.15
142.250.185.130
151.101.193.131
151.101.2.137
18.154.63.24
18.154.63.51
185.89.210.212
2.20.65.30
2001:4860:4802:32::36
2001:4de0:ac18::1:a:2b
23.32.242.89
23.35.237.151
2600:9000:2057:3800:18:1fcd:351:7bc1
2606:2800:134:fa2:1627:1fe:edb:1665
2606:4700:4400::ac40:9062
2606:4700::6810:3865
2606:4700::6811:190e
2606:4700::6811:7763
2606:4700::6811:7863
2606:4700::6812:bcf
2606:4700::6813:bb61
2a00:1450:4001:803::2002
2a00:1450:4001:809::2008
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2004
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:831::2003
2a00:1450:4001:831::200e
2a00:1450:400c:c02::9c
3.125.172.192
3.220.216.226
34.111.234.236
34.192.97.129
34.230.248.86
35.176.107.138
35.244.174.68
52.205.217.24
52.222.236.63
54.224.217.157
88.221.169.49
99.80.21.219
001605b45858512de24f64a8d140d23da61ad5b8cd86b359c394d892461e8f44
0024799439eb23b1b2336e7556d2d6961d34fddda504dc7603352aaa1b65392a
02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5
032a9621531a7da78f7dd1fc7a2f8e8fb6b5bb57a4d42696c0f73f07dd42c796
03b6f9934a86e8d5472f0b2449d99983b33aceba85871c5ac10ff79a70afab97
061873fb71d654fc87404592fbb9cd1665e8882c1ab3423f92ddc61f940be783
062e966b7277efe21c5d52f1dc50fd6f637ee8dc09787da58575bf94a2cba078
06f2e7aff06ad791fabdd60dfcb3fdbe88c30c32ed55785ad9acc7ae7eb5172e
07bb0f81573c118fb2cced07aacddad96a5612bf0e300e5b2ab17e350bd1c419
08c40569bd79ba18b6842258392c869a29da2689ec8187bf8ec5c28366e1d158
0a3b299d521e53b9a93e4325b4ef529fe8cb25bf34d0cf9c3390b27bdb670bf3
0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339
0e153b77b7b590360c91df38e894d46fd6061ce57cc0bbbc09f4c408a66bd0c7
0e198a2d521948c31a85eff04b881542d8b31d8b5824f900a950ea34bf5ef811
0f155ecc49cf3427c761b27ef11fcc6d210fb27a9355d70fd5a30e5f1893452a
107846f6fbec06f86e7c539f97149effcafa712070a49b406bd4ef5cd1de0913
120be5c1f0c3158ea3f36d14321d28e8bad8f3c6fcf6eadd240020c1836eff98
127c7ead87e287db401c5a3173fd190cc2c7211711e97486294ca2086754f793
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b
1416c3244a6798bb6194d6a2d3909fabc3ed84d73684de8addc5caa2caeac78b
15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3
1848ed0b2a54ed644ee182f2e2c012164080f1be7c475041f8d0a2ebe456c89f
1866a87b4c049fb761b0218db2aecbef33496d878706bc56f2701965efaf88a7
1878115b1ddde15c264ecba2483095d1956a526ae0544f87e7fe9a3a62bb1d76
1c772ec23181d233341c3fb4f2a3ea33c223bc4fb6ed1ddbc2510e3e39b0a13f
1cc56be71f6e9f4103ea28dbd4e3f435288c26bba0015c66ca49b117e46a35ad
21102c999da99aa5a6c8403c9e2367ca2e8d3e7fd2d6b5c1aef9e4fab888749c
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
22493b345cbf6bd424d4837aaede3717956860cddffac5415e2cf120c433a38a
23f95a90d6e6ba09a92bd4eae99823b0a6b0137a9abe10e3c050c062fb15efe4
240f7bb05c2a5c586b2c7d4d5c92e56ce10b3f2b8957bf26d3126967cfa18c2f
262f87d47643975a4633b675fc224c7a178d99e579e5d767f4a43ca7cc0bb9de
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2818c286abce05ff2bec304720049991809f5d7f0a426f36c176b6e22730cdad
2adfabdca47e7ea3ca23597e24f6415dea9842d97159920b12d55796273b50f0
2c470984efff845d5290f15d3a01552b4bff15c1e40a48c944233a5bc5f69539
2c579beaf8fa0e83ecd2419b3a1fa4974feb39505971716ceeec557bf71fc286
2f8650c7f614694fbf353e3690b981a651ce8aa79ee32c82f21ef303eeeb5421
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3326f0d66ca3b0ef4cbf29d399232e4651788d636b55d2f192268b843cb0acad
332be8338c36d31c73519e17af7df81c34188319ba032325031df6ad299fac1e
3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8
33fb2f15286d2e334a1ada74d2a9a3a5d4bc847082d7087f4a5b5d25d5cf5eb1
35396bc1fe0457ca063caaf18161f4d252b66dda7bdf4dc83bd7291c5a763b5a
36069dae705692548e4a2c2d3c504cea29cf7756771c054130f14e48f3492b58
360bf72946be674a29662a903109f5b291d342e3feb13bddc11ef9afa6d1a878
3d238f5d9ce7c53e06aa9d28b552db871fb0bb90a42a544a7ce2ed7c7ae2f07d
41df76a81ca19135ecd7fafd8f6f41c0bc94c942e56dfa93dce34035f6096f2d
41f249ed37229c7cee7624e6c1fbd951cf92234e66486d0ff5a9e3bd5bfe1ab4
429f7e0fe891676debcf572bce666bf67cabfd82e6774895d4800283a05df589
43560cd6cd441d8761b4db45dedb30e26677e3e578a5f48f3ed2fe2493ca6cec
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4b2b620e4f0eda2ce3be88133e7ceb2e8e15810df50ee7b078f472ecaedbd825
4bf55cdbd45377c58e2d7d4b72250fdd3f2001ce13a3f92f37d15e6cd60911dd
4c662be26daa544e07f7170870e306427b9fcf0d9f30e6f602c7fb67005bfda3
4f381ccb6f965e2011700b253aa446e84060a338cc416055eabca3b62fa35435
527f0597e5a5c4ee09a3d189bd0c0495ad504adbc4aab65395e074bd21f86062
54bc3571e962e764d2a807edf98c0aa7f5b5132adb4049f34427f132d53bb096
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56587cffbb30e338497c9114f74803a530a713ebe374b69fcfa8551ad8dad1e9
584e18559bbb004441536d357452aa863692edb0be74bb1ebc53cfad23b2ef44
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5e88b7c654061e26d45ca36cd067c150e3b3017d2361e7d9405826b3a0602597
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
5fc21f5225acbc020919c700c7cc2af807ba0e6383f41eeb94f5cb16f7d85396
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64293aedb63beb6e7ad93891ac013b1902c21756b78115a82c6b0c3221277af1
656cbfee8d92b6426be1e7f30878b24c14f1cf0d68864e4ea1d7bf36e5da0005
6ac768d479fd8627d59a5298f7175cf51f4ace4eea8feda66a04b1e32244d6ed
6b8f3a71d980837230be848ba61b35be14a5e01f1c3f128e6ff919d3f3e758b9
6e00d3935f6a747eedf83365b8b957f71ec570e9ac018426c07f59e7e1a32126
720b074e114854f5c2b347ee013066f2ff6e8a1da750d605c8df6936b997eb60
784a3b29c458a834055015249fb83e0108927f54bbabfe5f8a93aad795c8a771
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530
7da43615497431686da30736bed89b089640b00f60c0fc363705521b37b6ee8c
7f805e1c5918c731e981c4806421ac8e14734ed227e306453c846affedd34f49
810089696e5655d5d4c98fde5a9a82da1af87500456fde63ee30845a787f891e
8273ee34cdcec9eb161f107527d8288af7a30e0d1bd7b619f59b23df3599a8cc
83312fcd9cb4d005c6e9166b2adf53d0f11c21ee138623e82f54cb05de1f3cd5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83f48a6e4e716148a20100ce282ee816ddee0d0b4b6deb4532c21d9288b1e63c
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
853d2620667da24208daf170e7b949e301688e4ab67c85c452b9bf2de76bc85a
86a9f72eea23158a445ee44c254330dd71fbb44590d381a3263638674ef1ef4e
86dbd997ead92464b9d3e6228dab6902a3f8cdbd17de1da8923cb2f0fb600bda
874a0261d645ca245ab774eed8519e9df9b128ec8bd0171080cd289677b81063
8751c85d4da8af34fb4d78a2ab5bb92b7a3b5380f2d0d5ca89d11fc2b5bfb6ca
875c3eebd478ee233c53fdfa7a12c202cccd9cc3c32346775994ee10fb1cb996
89fc0db5605db5f9cf18c99365688e9aab1e5ac27aa7d8c03428afcc3289f119
8b95abe7fc24dcfcb2a39ba7887760551af01a59b680371c08bf45be52f5fdb6
8c01620cc643e8a19f0955ec8ac6aad41ada99655090013fa3f2ce98bb2a2a5e
92e2472635cbca31d4b0694c1248618677a5279d6e841b23191c3d5a76ac09f4
93228b5adec5915bc768e7283facbf43fa9fa1e21fa4c11a571a744bc04f7ecd
98d5f47ce708af70a5d6dd30d620861d77dd7021ccc4a7b2dd6310703ad6808c
9dddb939f2fb146a699ea1cf0efd984d4b8f429aa49d70246bff358fdbdf7fe7
9dff15c6576770a67939c29928d8e31ff30ecc041354b5eecacc82bbe51aafa2
a32859088eccbb0664dcca21d89cbf59007c70c6d28b655ea30c1014ac5e954d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a60d69da1596fecefa0361fb48efb1b215583072a27007de5aced6e4c4b6af6b
a727c8e832edfec61aa5030d5699c37d6b0ead2e501cdf1d8264d7233ac6fe23
ab36b8356d4b7e3e3591b161427e6fb18512a2ccc8a787f8cc03294cf2f30478
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b315181f1047d35cc29f1b83c9c31ea493c5006f21930ba0a5e790a80ca2b7f2
b4525a5f3847a9166fe1e883fd275951bf489526dd0d239acbf3118d0c80cec3
b68ece7589d8880b2d89b65de56d7b16883a79ff5b43242a4a2a33f586fb2c93
b8fc3a6d5ec8e0edff999f03ce4cc4ef840801e8312f2c384c2df2b1fb3bd2b9
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
c4ebf694007345c59a43e021e4613ae6f4675aa14c81a9de4884091189d5d7dd
c908239156f8836a611cbab867eeebbdd9f79a98b968f47a683f6882a8903b61
c9e40e17ef48acdd8fbbd4ab434adcd35602a939c19816f297baaa91e675a067
cb4787d6337aa1e504d8d2dc49629d5b46a49c30a6da6f4bb964e8875dd4bc43
ced6d94498388b24b48c4e2aa311815357ab9489c735aedd7725e0b18a02433e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d096af42115c0c32540183692f5608c358e8812fd6ccabb7ae8743263c0cc895
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7
d24c66538a48f60e421df6dfabbc18e6acbf21642a9118e3dbf1d36a1e1124b0
d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2
d28dad4f1984213b641b46715ddd12c6509fff3bf0804f4c4e63ef22f9dfb5f8
d2eb32006cf9778bb101720836a0141a0dc1cf8498483e6a2bc3133a934bc00f
d3be4ebda7331b027423ce1cc44ece48888e07acc3b0ac5292f48ad4ec623824
d8d41783702d7bb7a7a9c548b151903859eb90a32d29eeaa3487a7937611a27f
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1
ddeea69d5116852145775870dab4d86b4e909e7a02c03465efaa67d5b0f744be
de06fea245b0036d21764fcf2b9a4791c0a0f1e927e3916c7d779cb44a1977bd
de275322c95a52f479b9fb5af761dc7469890500e0bceb3606a5353f8251d183
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
deebd199ddadbdc34ffb6987c2dc8656b994529b4ef9ea1f0551e73489756b96
df41b52bef5601ae2a5f11ef99f43c96cefa52dc6209650c659ab843247ac769
e0ba033e6cb25fa6e20186d6d8113cc3821028b7891c93eebe671b75f6eebc3f
e168f400859a54ae28705c297c4d347eacbbcfee972a38744b8f9d890022a898
e1a19826c4868235ee0f0abbbb26776f29912d4248282ab9c3f989a9ddd0367f
e1e779400a82dc66165854384cab22bed09762f0d1b9d5e0da2a31563adb740c
e337d908408f3a8464238f5c97d24e6f354d97f388a8c8979e811bcf4e18f9ae
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7561dbabd836af2b6fe663e7cd02763e05ac05968ee566d7bce06a933927500
eb316b7543de09693b789a31a3cf23d39272ca8a14c2720bd69c2a1eec6c4d23
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
effef71f30590a013cb002ef58c05a5dba935dd5051660b8af6f90f54404bae0
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab
f21710d126d1784c5b9ba4f30f3260d8c4fa1f8b7a3cc7e4c8ac8a140f848665
f4db5bbe3c0e80c2ac55bc794bfb7866ab8c1f361f2dabd0c9a6aff6807805ac
f84daf0174e2c6f686b5864ff7dafc119dae3c2ca88f213dcbfc3f70b2b39571
fb1589f0619e41e0fa1d0770121be244be9fa07d5a6c5938d5988f9726927307
fb657972079f36258237fd79c9b7cf160c82943f31fe5ff1b0e10be49e27be5b
fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4
fc57fb7726d7a86c273bebb59f12bc63a69ea93c695f971f73bb035f9bbe928b
fd2879e3b0d373936b3a4f85f24bf5ae631ea76ec7c79b528b53bd4f3ea44de6
fe3793161a079022ba6b14586d94b6dd9ffd7c984d2eaa622f89b6295908d376

www.darkreading.com Open in urlscan Pro 2606:4700::6811:7863 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

232 Requests

97 %HTTPS

50 %IPv6

34 Domains

54 Subdomains

51 IPs

7 Countries

4993 kBTransfer

12458 kBSize

38 Cookies

48 Outgoing links

Redirected requests

232 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.darkreading.com Open in urlscan Pro
2606:4700::6811:7863 Public Scan

Screenshot
Live screenshot

Full Image

232
Requests

97 %
HTTPS

50 %
IPv6

34
Domains

54
Subdomains

51
IPs

7
Countries

4993 kB
Transfer

12458 kB
Size

38
Cookies

232 HTTP transactions
10 data transactions