www.darkreading.com Open in urlscan Pro
2606:4700::6812:6f2f Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Submission: On December 12 via api (December 12th 2023, 2:10:00 am UTC) from TR — Scanned from DE

Summary HTTP 241 Redirects Links 39 Behaviour Indicators

Summary

This website contacted 40 IPs in 5 countries across 28 domains to perform 241 HTTP transactions. The main IP is 2606:4700::6812:6f2f, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.darkreading.com. The Cisco Umbrella rank of the primary domain is 155739.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 9th 2023. Valid for: a year.

This is the only time www.darkreading.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
78	2606:4700::68... 2606:4700::6812:6f2f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
10	2606:4700::68... 2606:4700::6812:82ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
29	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
4	18.245.86.23 18.245.86.23	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:239... 2600:9000:2394:de00:18:1fcd:353:c61	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::ac40:944b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.97.53 18.66.97.53	16509 (AMAZON-02) (AMAZON-02)
1	18.239.69.54 18.239.69.54	16509 (AMAZON-02) (AMAZON-02)
4	34.117.77.79 34.117.77.79	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
1	13.32.27.19 13.32.27.19	16509 (AMAZON-02) (AMAZON-02)
1	18.213.234.103 18.213.234.103	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6812:6d2f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a05:d018:94a... 2a05:d018:94a:8a01:c586:685d:9540:69ee	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	108.138.26.47 108.138.26.47	16509 (AMAZON-02) (AMAZON-02)
2	18.184.48.90 18.184.48.90	16509 (AMAZON-02) (AMAZON-02)
1	18.203.9.136 18.203.9.136	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:440... 2606:4700:4400::ac40:966b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
15	184.30.17.133 184.30.17.133	16625 (AKAMAI-AS) (AKAMAI-AS)
9	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1	52.71.135.118 52.71.135.118	14618 (AMAZON-AES) (AMAZON-AES)
1	141.147.81.223 141.147.81.223	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1	54.160.147.69 54.160.147.69	14618 (AMAZON-AES) (AMAZON-AES)
29	18.66.112.49 18.66.112.49	16509 (AMAZON-02) (AMAZON-02)
2	54.161.239.77 54.161.239.77	14618 (AMAZON-AES) (AMAZON-AES)
6	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	185.221.87.23 185.221.87.23	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
241	40

78 2606:4700::6812:6f2f (United States)

ASN13335 (CLOUDFLARENET, US)

www.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

eu-images.contentstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6812:82ec (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www3.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

marketingplatform.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.245.86.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-23.fra60.r.cloudfront.net

static.iris.informa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2394:de00:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:944b (United States)

ASN13335 (CLOUDFLARENET, US)

6600d6d98e534115970f9529a45f3195.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-53.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.69.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-69-54.ams58.r.cloudfront.net

cdn.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.117.77.79 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 79.77.117.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-19.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.213.234.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-234-103.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:6d2f (United States)

ASN13335 (CLOUDFLARENET, US)

c.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:94a:8a01:c586:685d:9540:69ee (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

cognito-identity.eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

b8f45e5b782b28a61a9f64c0df209487.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.26.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-47.fra56.r.cloudfront.net

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.184.48.90 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-48-90.eu-central-1.compute.amazonaws.com

eu01.in.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.203.9.136 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-9-136.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:966b (United States)

ASN13335 (CLOUDFLARENET, US)

api.iiris.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 184.30.17.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-133.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.71.135.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-135-118.compute-1.amazonaws.com

ads.celtra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.147.81.223 (Slough, United Kingdom)

ASN31898 (ORACLE-BMC-31898, US)

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.160.147.69 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-160-147-69.compute-1.amazonaws.com

in.ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 18.66.112.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-49.fra56.r.cloudfront.net

cache-ssl.celtra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.161.239.77 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-161-239-77.compute-1.amazonaws.com

track.celtra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.221.87.23 (Ireland)

ASN54113 (FASTLY, US)

bam.eu01.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
79	darkreading.com www.darkreading.com — Cisco Umbrella Rank: 155739 c.darkreading.com — Cisco Umbrella Rank: 400298	956 KB
32	celtra.com ads.celtra.com — Cisco Umbrella Rank: 3149 cache-ssl.celtra.com — Cisco Umbrella Rank: 3883 track.celtra.com — Cisco Umbrella Rank: 3742	744 KB
31	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 www3.doubleclick.net — Cisco Umbrella Rank: 19686 stats.g.doubleclick.net — Cisco Umbrella Rank: 75	239 KB
16	moatads.com z.moatads.com — Cisco Umbrella Rank: 653 mb.moatads.com — Cisco Umbrella Rank: 766 px.moatads.com — Cisco Umbrella Rank: 594	456 KB
16	googlesyndication.com b8f45e5b782b28a61a9f64c0df209487.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 148 pagead2.googlesyndication.com — Cisco Umbrella Rank: 102	334 KB
13	contentstack.com eu-images.contentstack.com — Cisco Umbrella Rank: 47491	154 KB
10	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 324	289 KB
5	ml314.com ml314.com — Cisco Umbrella Rank: 1824 in.ml314.com — Cisco Umbrella Rank: 10549	21 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	255 KB
4	informa.com static.iris.informa.com — Cisco Umbrella Rank: 54044	367 KB
3	treasuredata.com cdn.treasuredata.com — Cisco Umbrella Rank: 15782 eu01.in.treasuredata.com — Cisco Umbrella Rank: 23457	20 KB
3	google.com marketingplatform.google.com — Cisco Umbrella Rank: 12917 region1.analytics.google.com — Cisco Umbrella Rank: 2693 www.google.com — Cisco Umbrella Rank: 2	1 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	232 KB
2	nr-data.net bam.eu01.nr-data.net — Cisco Umbrella Rank: 9233	808 B
2	iiris.com api.iiris.com — Cisco Umbrella Rank: 273752	2 KB
2	amazonaws.com cognito-identity.eu-west-1.amazonaws.com — Cisco Umbrella Rank: 8520	2 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 700 script.hotjar.com — Cisco Umbrella Rank: 933	60 KB
2	ubembed.com 6600d6d98e534115970f9529a45f3195.js.ubembed.com — Cisco Umbrella Rank: 333134 assets.ubembed.com — Cisco Umbrella Rank: 11732	49 KB
2	gstatic.com fonts.gstatic.com	62 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 590	29 KB
1	hotjar.io content.hotjar.io — Cisco Umbrella Rank: 6459	161 B
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1455	201 B
1	google.de www.google.de — Cisco Umbrella Rank: 6765	408 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1767	15 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 548	295 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 864	7 KB
1	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	3 KB
241	28

	Domain	Requested by
77	www.darkreading.com	www.darkreading.com
29	cache-ssl.celtra.com	ads.celtra.com www.darkreading.com
29	securepubads.g.doubleclick.net	www.darkreading.com www.googletagservices.com
13	eu-images.contentstack.com	www.darkreading.com
11	px.moatads.com	www.darkreading.com
10	cdn.cookielaw.org	www.darkreading.com cdn.cookielaw.org
9	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.darkreading.com
6	pagead2.googlesyndication.com	www.googletagservices.com www.darkreading.com tpc.googlesyndication.com
4	z.moatads.com	securepubads.g.doubleclick.net
4	www.googletagservices.com	securepubads.g.doubleclick.net
4	ml314.com	www.darkreading.com z.moatads.com ml314.com
4	static.iris.informa.com	www.darkreading.com
3	www.googletagmanager.com	www.darkreading.com
2	bam.eu01.nr-data.net	www.darkreading.com
2	track.celtra.com	www.darkreading.com
2	api.iiris.com	www.darkreading.com
2	eu01.in.treasuredata.com	www.darkreading.com
2	cognito-identity.eu-west-1.amazonaws.com	www.darkreading.com
2	c.darkreading.com	static.iris.informa.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	www.darkreading.com securepubads.g.doubleclick.net
1	www.google.com	www.darkreading.com
1	js-agent.newrelic.com	www.darkreading.com
1	in.ml314.com	ml314.com
1	mb.moatads.com	z.moatads.com
1	ads.celtra.com	www.darkreading.com
1	content.hotjar.io	www.darkreading.com
1	assets.ubembed.com	www.darkreading.com
1	b8f45e5b782b28a61a9f64c0df209487.safeframe.googlesyndication.com	www.darkreading.com
1	ping.chartbeat.net	www.darkreading.com
1	script.hotjar.com	www.darkreading.com
1	www.google.de	www.darkreading.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	cdn.treasuredata.com	www.darkreading.com
1	static.hotjar.com	www.darkreading.com
1	6600d6d98e534115970f9529a45f3195.js.ubembed.com	www.darkreading.com
1	static.chartbeat.com	www.darkreading.com
1	marketingplatform.google.com	www.darkreading.com
1	www3.doubleclick.net	1 redirects
1	geolocation.onetrust.com	www.darkreading.com
1	static.cloudflareinsights.com	www.darkreading.com
1	connect.facebook.net	www.darkreading.com
241	43

This site contains links to these domains. Also see Links.

Domain
www.informa.com
dr-resources.darkreading.com
twitter.com
www.linkedin.com
www.facebook.com
www.youtube.com
news.google.com
www.twitter.com
www.reddit.com
blog.talosintelligence.com
www.veracode.com
darkreading.tradepub.com
www.blackhat.com
ve.informaengage.com
iw-resources.informationweek.com
www.informationweek.com
info.wrightsmedia.com
www.informatech.com
www.onetrust.com

Subject Issuer	Validity	Valid
darkreading.com Cloudflare Inc ECC CA-3	`2023-04-09` - `2024-04-08`	a year	crt.sh
*.contentstack.com Gandi Standard SSL CA 2	`2023-07-03` - `2024-08-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-20` - `2023-12-19`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
static.iris.informa.com Amazon RSA 2048 M01	`2023-07-04` - `2024-08-01`	a year	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2023-05-16` - `2024-06-06`	a year	crt.sh
*.js.ubembed.com E1	`2023-10-19` - `2024-01-17`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.treasuredata.com Amazon RSA 2048 M01	`2023-07-19` - `2024-08-16`	a year	crt.sh
event-horizon.gcp.bomm.in GTS CA 1D4	`2023-11-03` - `2024-02-01`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.chartbeat.net Thawte TLS RSA CA G1	`2023-11-20` - `2024-12-20`	a year	crt.sh
cognito-identity.eu-west-1.amazonaws.com Amazon RSA 2048 M02	`2023-05-08` - `2024-06-05`	a year	crt.sh
assets.ubembed.com Amazon RSA 2048 M03	`2023-12-06` - `2025-01-03`	a year	crt.sh
*.in.treasuredata.com Amazon RSA 2048 M02	`2023-05-25` - `2024-06-22`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2023-03-02` - `2024-03-30`	a year	crt.sh
iiris.com GTS CA 1P5	`2023-11-04` - `2024-02-02`	3 months	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-25` - `2024-10-24`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
celtra.com Amazon RSA 2048 M03	`2023-12-10` - `2025-01-07`	a year	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-06-20` - `2024-07-20`	a year	crt.sh
*.ml314.com Amazon RSA 2048 M02	`2023-10-16` - `2024-11-12`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
*.eu01.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2023-11-03` - `2024-10-01`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Frame ID: 4033E6798136834B75786B3F77220A07
Requests: 172 HTTP requests in this frame

Frame: https://b8f45e5b782b28a61a9f64c0df209487.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1A8EF2FE7041079CDB09853E66BC4F32
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssgy44TMio6M5OW9oXQtkBwA4ABHtUq4o0BYpxZdxEBDbpL0D6G1M32ok6m9AJ6Azvzr6EG7Dp1Bwl7oKIRNY4YlvKyf0126zkSzn-H9ad3_T9uaJ5nXE10STyyF6VNimkPAPaIMS8kV7WeWkrA__qesqf708QpRCU46OOoM2j6ftqCq-MZjFAj9vkquwbP-Z3XYD_o50WXJeicMDx4KBwqTokT3UL5nLrnpZzrd5728vX8s143emWNpSRrxJuPTbhkZr1YbYiwKjWt99b07QizLOf-VmMkDGqurVKIPYL6l4pooHV2OBRCUE7mLbJSsayNsaUKnmCTj2aNIZtrc3G58M3fAuwabl3oo1LwlzgqIzjnCyS0WKy8uO2jAnAsD94-I0-LMNmhJCDcSHjbyJFxsqJ6Tk8&sai=AMfl-YSc-syzCKQw7cGg2UbotoJldFdtkBA0pCDxThDhKatctjEIs1sn6SVEekuzrH4Yc974uSDZaoGQL9ikGe1D7qvOaZ8N-hYG7Hfcjuizhu05jF7PwirkewR0_yKkBTBJtovwcyZoSa50HZxewSQuq8W_&sig=Cg0ArKJSzI3vurD_QZVTEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 608E7FF1B748AFF3A7B1E4DA195FC3DD
Requests: 12 HTTP requests in this frame

Frame: data://truncated
Frame ID: 3431E7654C70C91F03586DE4E49BB537
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsucCeP5miosk5WYe4SksnNh8Qd8hbcPiSUZbjlgyIYgK1XsibZxpORQKrmlS34W2FgzMoChks7steYa9BPF8Z3brGa1r2QQA5Jm242gxnvKYcKLByefKzoRIiBHIvrlmWkdxXjxVSU68I5HbmnV8nMn2EswVwlxp4uqvW4YCa6hwcHEGm4eZJvqUrdj-c1XnT1cqKyik0Zc7UObp3b_gbNGtHWYe5wO6Epvsgl9pb3WHCVZk2QVf9ffcJS0r54ZTUH-SYWWzAWWmjx_bf50d5n1rwhyCEUJilN3Y2IBBeAo3NdAKptda6r-JwemND94CSqXpr3s0-1GlpIErElT4dxIJU56PhkWpBdi_NBDz3c5jO3FlqH2wCdMGcSnLsOip7EiwQ&sai=AMfl-YTwRXkpB1ql79vlnB4zHIhbbXqRyIQNAaG9vXA5MzreNLcFkQyTgAKuDxavifsKHqMJXEjivIXx1pBD7vFKesbzDqvR9a5VQPLIgnQKHNiL_0wSEzMXdCYjkR7YcoXcSSdY6zYTG0zsvXZ-qH0g5oDD&sig=Cg0ArKJSzMoAkr3g9c8gEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 00B53E4EF13CF492D07D3D029EEC566C
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsukoxNY6R_9zApOJKgiSRpvA0PfP8bt8sk85NuPfbLH5PmogH-_x-xsAUCg4o8JrKyJ-uc6xZVZg_t3G_1liFd79XqNjRdsuxknW07lOHnknB7KtIG1EFgBese3OkG6-ZZwDqn1_77OCmU_6ffNRdc7XbplyzAORt1scwAi0UsoWDsYUY7dk9ehmeKBi-zE4Q76zPhJhmUj2-43Vlgm4BZgQmpMPA140NqTeuRftjjt9k5WnkmuXxiDy9a_AFPEk99Hw163JHA4ozvPA5642HYkJZz5i0RffJ38H36a85DyEdFJqsQ5aRw0CHtdeq5B7d3Z5KgX0bthl9JtoyLxYSqkdcoE6fjw4ack8KaE1LJbXiL7XUaQtitaRCfHlOVsvJySww&sai=AMfl-YRjWH8Lbm5jFTprACNasxsafhyiMYkGt_dGBmTdW46xDdXJ-2TGBW-US0qLEf4IwvP5kbJJiMvRc6cbMxpvcAMYuiikRIV3LpV-h93fps9epTX-LvAEs-k8g7YKQIaS6An2JMTcKgUmszpSlGDDsZs&sig=Cg0ArKJSzNXUamvDOz2oEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 74B6D5A7FF1ABF046E3BD1FE501521E0
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssYkwcEeqmUJQg2Vps502BP51Xv5pUJVfFQcGmOWzp0LqwRUfHnPPH7-InxI3oACph3yG_5gadOzVAir1nVQEr70cJihQJwi0M5sAbkshNPWaSa3wYbUq4a4M584hbRtd1_m0sR-Dj-e2M_jaC64tGIkt4lXTMcTFsgYN8mPCWvzT4_um4QMHbShBVi2Oo0s8fiBKuCorQom4gmlfGCFR8diEl3vT2U1ZZMcXdY9eMTESxvEL0wIrBkD2GVOaB3Y3tBsO5nkVkCuIhOyuqSNeWLsRp5_q00oOFd1EM1gIReryi0ebw73ny51y100X6EU5ASGcn3f-z4qr3Kc1wSy9RMuRXlZp5T6FvBhP-ZvJR1SMLKxdDS2x-5HMu29siZJTn0Pg&sai=AMfl-YQBqankuGZrWsbfGvOYZAzi7RPmrf5Uxr4EJwkd0ZMI7YrQVDBvvrfrY0Rq-7GSoKzIYHWheRerVycV8dXJU1DdOJ9KbWTbovtN7nZ-YbHK7n1_unL-HTLd_rGAYg9SrqtkZ0GT8mZEMuT_jWHN7kg&sig=Cg0ArKJSzA72kLdTPe7ZEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: B6C101CE3D593529726F714A92DB4B12
Requests: 9 HTTP requests in this frame

Frame: https://cache-ssl.celtra.com/api/fonts/google/Lato:400/3_webfont.woff2?subset=BCDEGILORSTUVW
Frame ID: 2618CA7247F9DF7F20058AAA4CAB48C3
Requests: 28 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2386D69FE4E5FEB20CC08E2E6DB8E139
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7FE92876435A07B08B47CA9C00C209CF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Lazarus Group Is Still Juicing Log4Shell, Using RATs Written in 'D'Cookies ButtonBack ButtonSearch IconFilter Icon

Detected technologies

Unbounce (Editors) Expand

Overall confidence: 100%
Detected patterns

ubembed\.com

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

241
Requests

99 %
HTTPS

57 %
IPv6

28
Domains

43
Subdomains

40
IPs

5
Countries

4302 kB
Transfer

12014 kB
Size

24
Cookies

39 Outgoing links

These are links going to different origins than the main page.

URL: https://www.informa.com/
Title: Informa PLC

Search URL Search Domain Scan URL

URL: https://www.informa.com/about-us/
Title: ABOUT US

Search URL Search Domain Scan URL

URL: https://www.informa.com/investors/
Title: INVESTOR RELATIONS

Search URL Search Domain Scan URL

URL: https://www.informa.com/talent/
Title: TALENT

Search URL Search Domain Scan URL

URL: https://dr-resources.darkreading.com/free/w_defa3135/prgm.cgi
Title: Newsletter Sign-Up

Search URL Search Domain Scan URL

URL: https://twitter.com/DarkReading

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/dark-reading/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/darkreadingcom/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@DarkReadingOfficialYT

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKMKmknwswtq63Aw?ceid=US:en&oc=3&hl=en-US&gl=US

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/sharing/share-offsite/?url=https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer/sharer.php?u=https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Search URL Search Domain Scan URL

URL: http://www.twitter.com/intent/tweet?url=https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d&title=Lazarus%20Group%20Is%20Still%20Juicing%20Log4Shell%2C%20Using%20RATs%20Written%20in%20%27D%27

Search URL Search Domain Scan URL

URL: https://blog.talosintelligence.com/lazarus_new_rats_dlang_and_telegram/
Title: has observed three Andariel attacks

Search URL Search Domain Scan URL

URL: https://www.veracode.com/blog/research/state-log4j-vulnerabilities-how-much-did-log4shell-change
Title: still using vulnerable versions of Log4j

Search URL Search Domain Scan URL

URL: https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa5388&ch=sbx&cid=_upcoming_webinars_8.500001366&_mc=_upcoming_webinars_8.500001366
Title: Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and Phishing

Search URL Search Domain Scan URL

URL: https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_palo202&ch=sbx&cid=_upcoming_webinars_8.500001367&_mc=_upcoming_webinars_8.500001367
Title: SecOps & DevSecOps in the Cloud

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa5538&ch=sbx&cid=_upcoming_webinars_8.500001377&_mc=_upcoming_webinars_8.500001377
Title: What's In Your Cloud?

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_ingg186&ch=sbx&cid=_upcoming_webinars_8.500001376&_mc=_upcoming_webinars_8.500001376
Title: Everything You Need to Know About DNS Attacks

Search URL Search Domain Scan URL

URL: https://www.blackhat.com/asia-24/?cid=_session_16.500313&_mc=_session_16.500313
Title: Black Hat Asia - April 16-19 - Learn More

Search URL Search Domain Scan URL

URL: https://www.blackhat.com/tr-24/?cid=_session_16.500312&_mc=_session_16.500312
Title: Black Hat Spring Trainings - March 12-15 - Learn More

Search URL Search Domain Scan URL

URL: https://ve.informaengage.com/virtual-events/cybersecurity-outlook-2024/?ch=sbx&cid=_session_16.500311&_mc=_session_16.500311
Title: Cybersecurity Outlook 2024 - A Dark Reading December 14 Event

Search URL Search Domain Scan URL

URL: https://iw-resources.informationweek.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa4728&ch=sbx&cid=_session_16.500301&_mc=_session_16.500301
Title: Cyber Resiliency 2023: How to Keep IT Operations Running, No Matter What

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa5051&ch=sbx&cid=_analytics_7.300005999&_mc=_analytics_7.300005999
Title: Passwords Are Passe: Next Gen Authentication Addresses Today's Threats

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_forq239&ch=sbx&cid=_analytics_7.300005997&_mc=_analytics_7.300005997
Title: How to Deploy Zero Trust for Remote Workforce Security

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_manf62&ch=sbx&cid=_analytics_7.300005996&_mc=_analytics_7.300005996
Title: What Ransomware Groups Look for in Enterprise Victims

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_manf57&ch=sbx&cid=_analytics_7.300005992&_mc=_analytics_7.300005992
Title: How to Use Threat Intelligence to Mitigate Third-Party Risk

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&pc=w_ingg120&ch=sbx&cid=_analytics_7.300005989&_mc=_analytics_7.300005989
Title: Everything You Need to Know About DNS Attacks

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa4083&ch=sbx&cid=_whitepaper_14.500005384&_mc=_whitepaper_14.500005384
Title: 9 Traits You Need to Succeed as a Cybersecurity Leader

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa4082&ch=sbx&cid=_whitepaper_14.500005383&_mc=_whitepaper_14.500005383
Title: The Ultimate Guide to the CISSP

Search URL Search Domain Scan URL

URL: https://www.informationweek.com/whitepaper/security-management-and-analytics/cybersecurity/ai-in-cybersecurity-using-artificial-intelligence-to-mitigate-emerging-security-risks/438983?cid=_whitepaper_14.500005078&_mc=_whitepaper_14.500005078
Title: AI in Cybersecurity: Using artificial intelligence to mitigate emerging security risks

Search URL Search Domain Scan URL

URL: https://www.informationweek.com/whitepaper/cybersecurity/security/2021-banking-and-financial-services-industry-cyber-threat-landscape-report/436543?cid=_whitepaper_14.500005029&_mc=_whitepaper_14.500005029
Title: 2021 Banking and Financial Services Industry Cyber Threat Landscape Report

Search URL Search Domain Scan URL

URL: https://www.informationweek.com/whitepaper/cybersecurity/security-monitoring/identity-access-management-101/436393?cid=_whitepaper_14.500005028&_mc=_whitepaper_14.500005028
Title: Identity Access Management 101

Search URL Search Domain Scan URL

URL: https://info.wrightsmedia.com/informa-licensing-reprints-request
Title: Reprints

Search URL Search Domain Scan URL

URL: https://www.informatech.com/

Search URL Search Domain Scan URL

URL: https://www.informa.com/privacy-policy/
Title: Privacy|

Search URL Search Domain Scan URL

URL: https://www.informatech.com/terms-and-conditions/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 93

https://www3.doubleclick.net/ HTTP 301
https://marketingplatform.google.com/about/enterprise/

241 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request lazarus-group-still-juicing-log4shell-rats-written-d Show response
www.darkreading.com/threat-intelligence/ 254 KB
49 KB 2534ms
2491ms Document
text/html 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ded62870548b2eda6d63659223400c8c5b59c1dfd772108ccefaaf7ee7a0dca8

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=300, s-maxage=300, stale-while-revalidate=1500, stale-if-error=3600
cf-cache-status: EXPIRED
cf-ray: 83426d7faf7668f5-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 12 Dec 2023 02:09:55 GMT
last-modified: Tue, 12 Dec 2023 02:03:41 GMT
server: cloudflare
strict-transport-security: max-age=3153600000
vary: Accept-Encoding

GET
H2 200 styles.generated-4JZI2IIF.css
www.darkreading.com/build/_assets/ 10 KB
3 KB 32ms
31ms Stylesheet
text/css 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_assets/styles.generated-4JZI2IIF.css

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9afb4208e4d617a2672fe91e0eae18d076310ca43de095806415c10e595533cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 1186322
etag: W/"2587-18bfba43688"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d8f3ee968f5-FRA

GET
H2 200 swiper.min-FCSS2HML.css
www.darkreading.com/build/_assets/ 5 KB
3 KB 33ms
32ms Stylesheet
text/css 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_assets/swiper.min-FCSS2HML.css

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12d04146373bc5fb49c6a59242e2ecf68a936d237df36502ae6019a69a22b82a

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 1186322
cf-polished: origSize=6255
etag: W/"186f-18bfba43688"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d8f3eea68f5-FRA

GET
H2 200 brand.generated-2WXW4UPH.css
www.darkreading.com/build/_assets/ 354 KB
45 KB 36ms
35ms Stylesheet
text/css 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_assets/brand.generated-2WXW4UPH.css

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b05a88534acbb01ad68cdf4956b2a75a89504ba57396b56f4b7e17a357d6e2a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 11:34:07 GMT
server: cloudflare
age: 43837
cf-polished: origSize=363886
etag: W/"58d6e-18c58a7e398"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d8f3eeb68f5-FRA

GET
H2 200 northkorea_David_Carillet_shutterstock.jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt6f092f0df0aaff58/64f174bc705b0eaf4d4ca749/ 2 KB
3 KB 151ms
34ms Image
image/webp 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt6f092f0df0aaff58/64f174bc705b0eaf4d4ca749/northkorea_David_Carillet_shutterstock.jpg?width=850&auto=webp&quality=10&format=jpg&disable=upscale&blur=40

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

f7a65887be313c8c55d2a3ed227369fd6e1a2a1ce04ca52f002c4a6aae9d6508

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img02-europe-west2
age: 510637
x-cache: HIT, HIT
fastly-io-info: ifsz=254726 idim=1000x650 ifmt=jpeg ofsz=2260 odim=850x553 ofmt=webp
filename1: custom
content-disposition: inline; filename=northkorea_David_Carillet_shutterstock.webp
fastly-stats: io=1
content-length: 2260
x-request-id: dc6451ec32084be97653e02c45f1e34b
x-served-by: cache-ams12741-AMS, cache-cph2320034-CPH
x-runtime: 127ms
server: contentstack
x-timer: S1702346995.273001,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "fnaYRiUhvvRPpkcm9S4Zz6UawHzR+6bwg7SlnJYSUSE"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 80, 1

GET
H2 200 css2
fonts.googleapis.com/ 21 KB
1 KB 76ms
29ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2074b871b5a0cf7a87e49f1e4af7080145ebebf4e674ffda31643747d223cb30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 12 Dec 2023 02:09:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 01:29:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 Dec 2023 02:09:55 GMT

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/ 14 KB
4 KB 81ms
34ms Script
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/OtAutoBlock.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8751c85d4da8af34fb4d78a2ab5bb92b7a3b5380f2d0d5ca89d11fc2b5bfb6ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 12 Dec 2023 02:09:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 57700
content-md5: /FIp/4zYapfYlY6Lvx04NA==
content-length: 3637
x-ms-lease-status: unlocked
last-modified: Mon, 19 Dec 2022 13:32:27 GMT
server: cloudflare
etag: 0x8DAE1C578B651FF
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 66f60ca1-801e-000e-0e3e-0d1033000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 83426d8f890f4d76-FRA
expires: Wed, 13 Dec 2023 02:09:55 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 75ms
29ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ea1823078c462969eaa59d6ef62623c19d77b72e25a103105b043aefaa0769a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 12 Dec 2023 02:09:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: /EzX6ku1+i8ak28m1WuIrw==
age: 2213
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6841
x-ms-lease-status: unlocked
last-modified: Thu, 07 Dec 2023 03:26:46 GMT
server: cloudflare
etag: 0x8DBF6D457AF2822
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: a9e484c0-501e-0040-4683-293ebb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 83426d8f89104d76-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 89 KB
29 KB 161ms
114ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

443cbb0866be9f66c27684372e1c8384d67f03b991b979441b018eabf3eb3f91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29092
x-xss-protection: 0
server: cafe
etag: 498 / 19703 / 31080021 / config-hash: 11999804698944333348
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 02:09:55 GMT

GET
H2 200 4b083961-e2ac-4755-8801-f7c83a5fb187.json Show response
cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/ 5 KB
2 KB 75ms
35ms XHR
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/4b083961-e2ac-4755-8801-f7c83a5fb187.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

127c7ead87e287db401c5a3173fd190cc2c7211711e97486294ca2086754f793

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 12 Dec 2023 02:09:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 65537
content-md5: gKK4h+x/dMka9W5jOr1Sww==
content-length: 1918
x-ms-lease-status: unlocked
last-modified: Mon, 19 Dec 2022 13:32:27 GMT
server: cloudflare
etag: 0x8DAE1C578B1E5D5
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 59ff7cb2-901e-0012-7548-234253000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 83426d900cab1c01-FRA
expires: Wed, 13 Dec 2023 02:09:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 335 KB
101 KB 107ms
63ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5523ZCM

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dd703585e2151539e5f111ab3fc2b113a4fc37dd37831b8d7fad2b37dea21d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 103146
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 12 Dec 2023 02:09:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 112 KB
44 KB 81ms
37ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WB8Q7XR

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ec7322e59691444d04994d205252b3d0d55f901d2bbed463b593aef3eef6ad8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44405
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 12 Dec 2023 02:09:55 GMT

GET
H2 200 informaLogoWhite-RZAE7EJI.png
www.darkreading.com/build/_assets/ 3 KB
3 KB 30ms
30ms Image
image/png 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/informaLogoWhite-RZAE7EJI.png

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a954ff30267fcdc900f3a43a1a0a20627b4a08cf6d9c79c564aabb2d108662f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 1017167
cf-polished: origSize=4020
etag: W/"fb4-18bfba43688"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 83426d8fef3068f5-FRA
content-length: 2815

GET
H2 200 email-decode.min.js Show response
www.darkreading.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
852 B 21ms
21ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 01 Dec 2023 15:04:24 GMT
server: cloudflare
etag: W/"6569f5f8-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 83426d8fef3168f5-FRA
expires: Thu, 14 Dec 2023 02:09:55 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
3 KB 70ms
22ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a54a7433709edf77b1464bbb29d132f7f79aa998b9050bee477e33a65a0b2a7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 12 Dec 2023 02:09:55 GMT
content-md5: sJOV1ojy/59oGK4ZOnFnLg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
reporting-endpoints
x-fb-debug: Esj/SrQTqk9vyIGqswQPMOAbgTwjtdiwhDnFC7ZTkGY1TKpUu8ozJ4suSohRsCDg7RXaW8KupoJe6FjseHmTrA==
x-fb-content-md5: 6805135defc1b247c2d99a1499105b67
cross-origin-opener-policy: same-origin-allow-popups
etag: "3881e0784e334be23995be33508ff0db"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Tue, 12 Dec 2023 02:20:26 GMT

GET
H2 200 entry.client-VOU2QAI4.js Show response
www.darkreading.com/build/ 546 B
398 B 55ms
44ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/entry.client-VOU2QAI4.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81296cd80a48277304e2bc65bca848e51811c932b6e849f756f7e36b4f53bcde

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 1186322
cf-polished: origSize=547
etag: W/"223-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d8fff3e68f5-FRA

GET
H2 200 chunk-654PJEY4.js Show response
www.darkreading.com/build/_shared/ 121 KB
40 KB 60ms
50ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-654PJEY4.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eafbdbc0095496b50fe402ab67963cc4ebba0d4075f384219b7eea3f84fedba9

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 30 Nov 2023 13:25:10 GMT
server: cloudflare
age: 950855
cf-polished: origSize=124372
etag: W/"1e5d4-18c20679af0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d8fff4068f5-FRA

GET
H2 200 chunk-ADOFUXDS.js Show response
www.darkreading.com/build/_shared/ 122 KB
28 KB 59ms
48ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-ADOFUXDS.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae137c002dd470c2b74f83bf3db62f9d6755b6f7e0674acd79a3e7ec4b9738df

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 1186322
cf-polished: origSize=125229
etag: W/"1e92d-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d8fff4168f5-FRA

GET
H2 200 chunk-KQKZX6A4.js Show response
www.darkreading.com/build/_shared/ 52 KB
18 KB 57ms
47ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-KQKZX6A4.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2eefd6a5b2748b2d8aac175fd9aaa32b25d6a37e82a00e1ee49bc32d9b39fc15

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 1186322
cf-polished: origSize=54355
etag: W/"d453-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d8fff4268f5-FRA

GET
H2 200 chunk-ZSCMMWXX.js Show response
www.darkreading.com/build/_shared/ 1006 B
629 B 55ms
45ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-ZSCMMWXX.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5beedf0a9b1e24fb846f1f256f5ba7c62af6ad06ea0965540b1c467dce23944

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 30 Nov 2023 13:25:10 GMT
server: cloudflare
age: 934141
cf-polished: origSize=1007
etag: W/"3ef-18c20679af0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d8fff4368f5-FRA

GET
H2 200 chunk-55Y2XXBC.js Show response
www.darkreading.com/build/_shared/ 2 KB
831 B 85ms
75ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-55Y2XXBC.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cb656f87e7996fd5e358ec6432fc9adfbb76a209a6dfd6b29666c8198a080d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 11:34:07 GMT
server: cloudflare
age: 43837
cf-polished: origSize=1549
etag: W/"60d-18c58a7e398"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d8fff4568f5-FRA

GET
H2 200 chunk-TFR26LLE.js Show response
www.darkreading.com/build/_shared/ 2 KB
873 B 56ms
46ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-TFR26LLE.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70762bfafc8225cf5100e093aed9cff2067f646efd71f12c209d6e21f03d460d

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 11:34:07 GMT
server: cloudflare
age: 43837
cf-polished: origSize=1765
etag: W/"6e5-18c58a7e398"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d8fff4668f5-FRA

GET
H2 200 chunk-5M4U4LTS.js Show response
www.darkreading.com/build/_shared/ 1 MB
365 KB 77ms
68ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-5M4U4LTS.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47019850f97be384679e4348c17a61e5254490eef7f31692db554c8b2e72f128

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 11:34:07 GMT
server: cloudflare
age: 43837
cf-polished: origSize=1189789
etag: W/"12279d-18c58a7e398"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d8fff4768f5-FRA

GET
H2 200 chunk-OUHOHBNM.js Show response
www.darkreading.com/build/_shared/ 2 KB
1 KB 50ms
40ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-OUHOHBNM.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27559b119f57726b572027d0abc14b2f972faa34b2767075adb05c8d85d00e00

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 11:34:07 GMT
server: cloudflare
age: 43837
cf-polished: origSize=1867
etag: W/"74b-18c58a7e398"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f4968f5-FRA

GET
H2 200 chunk-2MQOLYJ6.js Show response
www.darkreading.com/build/_shared/ 99 B
209 B 51ms
41ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-2MQOLYJ6.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 30 Nov 2023 13:25:10 GMT
server: cloudflare
age: 950855
cf-polished: origSize=100
etag: W/"64-18c20679af0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f4a68f5-FRA

GET
H2 200 chunk-4OFPQ62H.js Show response
www.darkreading.com/build/_shared/ 99 B
209 B 88ms
78ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-4OFPQ62H.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 1186322
cf-polished: origSize=100
etag: W/"64-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f4b68f5-FRA

GET
H2 200 chunk-O7TTEIW2.js Show response
www.darkreading.com/build/_shared/ 2 KB
809 B 88ms
79ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-O7TTEIW2.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6191075f9483411e4b0e486a7e6b40bb66cf484872c685d6a1d69dd16d7e988a

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 11:34:07 GMT
server: cloudflare
age: 43837
cf-polished: origSize=1847
etag: W/"737-18c58a7e398"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f4c68f5-FRA

GET
H2 200 chunk-AFVCZIFK.js Show response
www.darkreading.com/build/_shared/ 421 B
399 B 63ms
53ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-AFVCZIFK.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

adf79b66cbbd03530848f847c4bc5da897638de5c469a35ba3a636a040f32323

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 1116743
cf-polished: origSize=422
etag: W/"1a6-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f4d68f5-FRA

GET
H2 200 chunk-EJDXW353.js Show response
www.darkreading.com/build/_shared/ 99 B
176 B 51ms
42ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-EJDXW353.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 1186321
cf-polished: origSize=100
etag: W/"64-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f4e68f5-FRA

GET
H2 200 chunk-L26XXWD4.js Show response
www.darkreading.com/build/_shared/ 19 KB
5 KB 61ms
52ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-L26XXWD4.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a69ca131aa080796de8028c1569912fea9af524ecf28e74059c880d7883e4c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 11:34:07 GMT
server: cloudflare
age: 43837
cf-polished: origSize=19614
etag: W/"4c9e-18c58a7e398"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f5068f5-FRA

GET
H2 200 chunk-QF2327UI.js Show response
www.darkreading.com/build/_shared/ 294 B
301 B 64ms
55ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-QF2327UI.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3eec595bb4a367fb8b7851c90c75aef35b9351d576daa1a225486154bb18b27

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 1186321
cf-polished: origSize=295
etag: W/"127-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f5168f5-FRA

GET
H2 200 chunk-QE2M7T47.js Show response
www.darkreading.com/build/_shared/ 97 KB
30 KB 67ms
58ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-QE2M7T47.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f76b8089085d9f5781611ba07f6e3c1642e03503a732c182fcdec4b6a8ef38b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 11:34:07 GMT
server: cloudflare
age: 43837
cf-polished: origSize=99361
etag: W/"18421-18c58a7e398"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f5268f5-FRA

GET
H2 200 chunk-VHFLYWLE.js Show response
www.darkreading.com/build/_shared/ 1 KB
774 B 60ms
52ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-VHFLYWLE.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3840450b360c02f20c58cb84b2ad8be644662b0622e4b1b31dd9d9c27cceaa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 11:34:07 GMT
server: cloudflare
age: 43837
cf-polished: origSize=1480
etag: W/"5c8-18c58a7e398"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f5368f5-FRA

GET
H2 200 chunk-J56IETE6.js Show response
www.darkreading.com/build/_shared/ 99 B
198 B 83ms
74ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-J56IETE6.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 30 Nov 2023 13:25:10 GMT
server: cloudflare
age: 945718
cf-polished: origSize=100
etag: W/"64-18c20679af0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f5568f5-FRA

GET
H2 200 chunk-BHA5NGZD.js Show response
www.darkreading.com/build/_shared/ 4 KB
2 KB 64ms
56ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-BHA5NGZD.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f22902ecf71a804942071a8a3936830e1c4679cbb5932b61aa7660b412756186

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 11:34:07 GMT
server: cloudflare
age: 43837
cf-polished: origSize=4145
etag: W/"1031-18c58a7e398"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f5668f5-FRA

GET
H2 200 chunk-NYVDH3MD.js Show response
www.darkreading.com/build/_shared/ 99 B
173 B 81ms
72ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-NYVDH3MD.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 1186322
cf-polished: origSize=100
etag: W/"64-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f5768f5-FRA

GET
H2 200 chunk-SJSQF5SP.js Show response
www.darkreading.com/build/_shared/ 73 KB
24 KB 81ms
73ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-SJSQF5SP.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05ae00cb8fc5b43d4fadb7c7999a1e1394cd9f6b9d774aef6c047ba90b1f8087

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 11:34:07 GMT
server: cloudflare
age: 43837
cf-polished: origSize=76519
etag: W/"12ae7-18c58a7e398"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f5868f5-FRA

GET
H2 200 chunk-BGVAJVIT.js Show response
www.darkreading.com/build/_shared/ 268 B
283 B 65ms
57ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-BGVAJVIT.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c104bc5974423b88e53e00bca716b0943a8287088540a368eac8ba0e4d6c9428

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 30 Nov 2023 13:25:10 GMT
server: cloudflare
age: 934141
cf-polished: origSize=269
etag: W/"10d-18c20679af0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f5968f5-FRA

GET
H2 200 chunk-RV3JR3RD.js Show response
www.darkreading.com/build/_shared/ 99 B
160 B 51ms
43ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-RV3JR3RD.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 30 Nov 2023 13:25:10 GMT
server: cloudflare
age: 947827
cf-polished: origSize=100
etag: W/"64-18c20679af0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f5a68f5-FRA

GET
H2 200 chunk-U4RHUKDM.js Show response
www.darkreading.com/build/_shared/ 99 B
166 B 72ms
65ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-U4RHUKDM.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 1186322
cf-polished: origSize=100
etag: W/"64-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f5b68f5-FRA

GET
H2 200 chunk-WDD67XQQ.js Show response
www.darkreading.com/build/_shared/ 15 KB
6 KB 69ms
61ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-WDD67XQQ.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90523092a383e5b3308aa18e8807788a6d5401f7a7eea157e9fcf3fb8050242e

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 1186322
cf-polished: origSize=15141
etag: W/"3b25-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f5c68f5-FRA

GET
H2 200 chunk-NR4U7OAR.js Show response
www.darkreading.com/build/_shared/ 133 KB
40 KB 80ms
73ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-NR4U7OAR.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f1f9f8e008bf24d75c184c9869938088d58c76581b056b378d7b3dab512502e

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 11:34:07 GMT
server: cloudflare
age: 43837
cf-polished: origSize=135988
etag: W/"21334-18c58a7e398"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f5e68f5-FRA

GET
H2 200 chunk-AEBM4IWQ.js Show response
www.darkreading.com/build/_shared/ 99 B
183 B 70ms
63ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-AEBM4IWQ.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 1186322
cf-polished: origSize=100
etag: W/"64-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f5f68f5-FRA

GET
H2 200 chunk-WH3BRF2X.js Show response
www.darkreading.com/build/_shared/ 179 KB
64 KB 86ms
79ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-WH3BRF2X.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48f4156ff81d5ae3e7be1f4729524d26f6df533f7345cd7c8cbe1675ca912325

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 11:34:07 GMT
server: cloudflare
age: 43837
cf-polished: origSize=183427
etag: W/"2cc83-18c58a7e398"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f6068f5-FRA

GET
H2 200 root-EIDPXORY.js Show response
www.darkreading.com/build/ 42 KB
12 KB 73ms
66ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/root-EIDPXORY.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

410c189549a78a79e62eb2695df7e530ff1ea4744f700e6577a103c2d21f5c75

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 14:50:16 GMT
server: cloudflare
age: 35361
cf-polished: origSize=43329
etag: W/"a941-18c595b7840"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f6168f5-FRA

GET
H2 200 chunk-74O5PKDN.js Show response
www.darkreading.com/build/_shared/ 1 KB
851 B 80ms
73ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-74O5PKDN.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b29e030300686c8f25abb60f77739a8b7a029360de8e44b84137f0ee78b944c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 11:34:07 GMT
server: cloudflare
age: 43836
cf-polished: origSize=1470
etag: W/"5be-18c58a7e398"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f6268f5-FRA

GET
H2 200 chunk-NGB7SRP2.js Show response
www.darkreading.com/build/_shared/ 3 KB
1 KB 74ms
67ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-NGB7SRP2.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

045793435ca05c0d84981485da28b898fbbe028ca4c24037dc1208ea44f94026

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 11:34:07 GMT
server: cloudflare
age: 43837
cf-polished: origSize=3164
etag: W/"c5c-18c58a7e398"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f6368f5-FRA

GET
H2 200 chunk-DXQBUKYQ.js Show response
www.darkreading.com/build/_shared/ 2 KB
762 B 61ms
54ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-DXQBUKYQ.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9779d8024e08184691cc163d075ff06964487a870e03ea6d58497a6a623cc5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 11:34:07 GMT
server: cloudflare
age: 43837
cf-polished: origSize=2070
etag: W/"816-18c58a7e398"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f6468f5-FRA

GET
H2 200 chunk-VPNGXE2B.js Show response
www.darkreading.com/build/_shared/ 1 KB
694 B 80ms
73ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-VPNGXE2B.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db5eb2d27578091ffe259eb136e56ca717c07abf5ff0a80fd0aafd71389a8279

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 11:34:07 GMT
server: cloudflare
age: 43837
cf-polished: origSize=1240
etag: W/"4d8-18c58a7e398"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f6568f5-FRA

GET
H2 200 chunk-ZUOCJ4JA.js Show response
www.darkreading.com/build/_shared/ 9 KB
3 KB 82ms
75ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-ZUOCJ4JA.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcc48eaea0616fc57430f2303431e9ab6f452fa7c79bee0ad28b9dcab0cb80f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 11:34:07 GMT
server: cloudflare
age: 43837
cf-polished: origSize=9652
etag: W/"25b4-18c58a7e398"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f6668f5-FRA

GET
H2 200 chunk-B2CKVMQN.js Show response
www.darkreading.com/build/_shared/ 4 KB
2 KB 84ms
77ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-B2CKVMQN.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a17db463925c3ec62a4c4869d938f62d5e15202a6d39d51bc47aeda6c56810d

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 11:34:07 GMT
server: cloudflare
age: 43837
cf-polished: origSize=4128
etag: W/"1020-18c58a7e398"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f6768f5-FRA

GET
H2 200 chunk-4TZB3MV3.js Show response
www.darkreading.com/build/_shared/ 945 B
655 B 84ms
78ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-4TZB3MV3.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44ef96c51c6dbc388524a1eaaa4e11ee896f5236de64064e2226354e5550f812

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 11:34:07 GMT
server: cloudflare
age: 43837
cf-polished: origSize=946
etag: W/"3b2-18c58a7e398"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f6868f5-FRA

GET
H2 200 chunk-HQRTWE5A.js Show response
www.darkreading.com/build/_shared/ 594 B
416 B 78ms
72ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-HQRTWE5A.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91e1e324b948856bcaf13a2cb785a088349cdfe56a8e7625fc76393088f73f83

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 11:34:07 GMT
server: cloudflare
age: 43837
cf-polished: origSize=595
etag: W/"253-18c58a7e398"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f6968f5-FRA

GET
H2 200 chunk-SFL5CR6W.js Show response
www.darkreading.com/build/_shared/ 2 KB
771 B 70ms
64ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-SFL5CR6W.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f6c238a9a2e80c8c02722c6c32626d8f4a338f5cbc66dd3b0839c0777dc2319

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 11:34:07 GMT
server: cloudflare
age: 43837
cf-polished: origSize=1675
etag: W/"68b-18c58a7e398"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f6a68f5-FRA

GET
H2 200 chunk-ZPM4WRK6.js Show response
www.darkreading.com/build/_shared/ 2 KB
1 KB 86ms
80ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-ZPM4WRK6.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d52ee2ab8820842d2d0451e6be1bbed808ca56e6c34722326c4293cf75334e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 11:34:07 GMT
server: cloudflare
age: 43837
cf-polished: origSize=2220
etag: W/"8ac-18c58a7e398"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f6c68f5-FRA

GET
H2 200 chunk-6A2GLJQM.js Show response
www.darkreading.com/build/_shared/ 99 B
160 B 86ms
80ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-6A2GLJQM.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 1186322
cf-polished: origSize=100
etag: W/"64-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f6d68f5-FRA

GET
H2 200 chunk-KD6GWT4J.js Show response
www.darkreading.com/build/_shared/ 225 KB
75 KB 85ms
79ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-KD6GWT4J.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e47781f8172253505cba91fb6190596dfc106b127158cf7d89587eba532cd642

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 11:34:07 GMT
server: cloudflare
age: 43836
cf-polished: origSize=230749
etag: W/"3855d-18c58a7e398"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f6e68f5-FRA

GET
H2 200 chunk-HWYM7NGC.js Show response
www.darkreading.com/build/_shared/ 3 KB
1 KB 84ms
78ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-HWYM7NGC.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

151d14c0610e501f14fe35790c23835a48d2be32fc0a25ee72c24b24126a4d0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 11:34:07 GMT
server: cloudflare
age: 43837
cf-polished: origSize=3232
etag: W/"ca0-18c58a7e398"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f7068f5-FRA

GET
H2 200 chunk-YB2PZH4U.js Show response
www.darkreading.com/build/_shared/ 99 B
189 B 81ms
76ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-YB2PZH4U.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 30 Nov 2023 13:25:10 GMT
server: cloudflare
age: 944310
cf-polished: origSize=100
etag: W/"64-18c20679af0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f7168f5-FRA

GET
H2 200 chunk-GY4YSMUY.js Show response
www.darkreading.com/build/_shared/ 99 B
162 B 81ms
76ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-GY4YSMUY.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 1186322
cf-polished: origSize=100
etag: W/"64-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f7268f5-FRA

GET
H2 200 chunk-TLFEE7XJ.js Show response
www.darkreading.com/build/_shared/ 99 B
210 B 79ms
74ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-TLFEE7XJ.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 11:34:07 GMT
server: cloudflare
age: 43836
cf-polished: origSize=100
etag: W/"64-18c58a7e398"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f7368f5-FRA

GET
H2 200 chunk-ZEO2ONIB.js Show response
www.darkreading.com/build/_shared/ 2 KB
937 B 83ms
78ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-ZEO2ONIB.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ca6ce2978a3f8e1902a416ca4b365bdd255596943425a1974f58886fee7e057

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 11:34:07 GMT
server: cloudflare
age: 43837
cf-polished: origSize=2400
etag: W/"960-18c58a7e398"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f7468f5-FRA

GET
H2 200 chunk-VRF5KMH5.js Show response
www.darkreading.com/build/_shared/ 428 KB
60 KB 90ms
85ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-VRF5KMH5.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd05e918a64da4585572ba90ed62c70afaf7fe0ef3451232436026fa8d10c003

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 11:34:07 GMT
server: cloudflare
age: 43837
cf-polished: origSize=438497
etag: W/"6b0e1-18c58a7e398"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f7568f5-FRA

GET
H2 200 chunk-WH3BEQJQ.js Show response
www.darkreading.com/build/_shared/ 1 KB
767 B 81ms
77ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-WH3BEQJQ.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1dd68dcb98eb77fce3df71af24b3f7008364b47b4c65e392df693275f59639fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 11:34:07 GMT
server: cloudflare
age: 43837
cf-polished: origSize=1296
etag: W/"510-18c58a7e398"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f7668f5-FRA

GET
H2 200 chunk-J3GW3C2G.js Show response
www.darkreading.com/build/_shared/ 1000 B
559 B 80ms
75ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-J3GW3C2G.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cfdb94203e02d73551d535b8baafef17d1d49d96f2c525b077463aa56da780c

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 11:34:07 GMT
server: cloudflare
age: 43837
cf-polished: origSize=1001
etag: W/"3e9-18c58a7e398"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f7868f5-FRA

GET
H2 200 chunk-3MS3TJ6I.js Show response
www.darkreading.com/build/_shared/ 99 B
160 B 85ms
80ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-3MS3TJ6I.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 1017167
cf-polished: origSize=100
etag: W/"64-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f7968f5-FRA

GET
H2 200 chunk-PTHVAATQ.js Show response
www.darkreading.com/build/_shared/ 1 KB
690 B 82ms
78ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-PTHVAATQ.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cbcfc63c29d616773550f8fbc28b59c529cc0ee6b783d2366b9df8f290480cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 11:34:07 GMT
server: cloudflare
age: 43837
cf-polished: origSize=1062
etag: W/"426-18c58a7e398"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f7a68f5-FRA

GET
H2 200 $topic.$slug-LB55CYLD.js Show response
www.darkreading.com/build/routes/ 168 KB
53 KB 83ms
79ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/routes/$topic.$slug-LB55CYLD.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66cc474b43b663473eb8428a447f98985686161b8eab8008b9ef4f2dc356bb2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 11:34:07 GMT
server: cloudflare
age: 43837
cf-polished: origSize=172284
etag: W/"2a0fc-18c58a7e398"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f7b68f5-FRA

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 90ms
46ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://www.darkreading.com/
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 83426d903a849bfe-FRA

GET
H2 200 Bars-F4G2A5NO.svg
www.darkreading.com/build/_assets/ 554 B
360 B 78ms
74ms Image
image/svg+xml 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Bars-F4G2A5NO.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e4d00cfee02d472b0c80124f87c00a8cb8ea5610201ebbf922d894d2fea4db1

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 1186321
etag: W/"22a-18bfba43688"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f7c68f5-FRA

GET
H2 200 Search-T2ANYVG5.svg
www.darkreading.com/build/_assets/ 493 B
391 B 78ms
74ms Image
image/svg+xml 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Search-T2ANYVG5.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

592356a6c52e99185da7862c1bc4929308efd3618e8f1c8e1dd665abf205ee62

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 1186321
etag: W/"1ed-18bfba43688"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f7d68f5-FRA

GET
H2 200 ChevronDown-PF4EH6J6.svg
www.darkreading.com/build/_assets/ 449 B
347 B 81ms
77ms Image
image/svg+xml 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/ChevronDown-PF4EH6J6.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

882c0ef9f4096af29e037f9ba9dcbc71a46605828ae12a77002c0fa5e00c309a

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 1186321
etag: W/"1c1-18bfba43688"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f7e68f5-FRA

GET
H2 200 Clock-MSX4SBCD.svg
www.darkreading.com/build/_assets/ 471 B
377 B 77ms
75ms Image
image/svg+xml 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Clock-MSX4SBCD.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae59b218ab2a4bdc90c9da5d696d7c14eb10c26ddfe9882dc74f4e4e0deb7255

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 1020795
etag: W/"1d7-18bfba43688"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f7f68f5-FRA

GET
H2 200 Linkedin-VQUF3EEQ.svg
www.darkreading.com/build/_assets/ 400 B
344 B 78ms
76ms Image
image/svg+xml 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Linkedin-VQUF3EEQ.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fe6411146e7aabcda85d71ec42eabe4fe5fb199f0e9ad759bfa78a42a853535

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 1102738
etag: W/"190-18bfba43688"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f8168f5-FRA

GET
H2 200 Facebook-CJB5G2HY.svg
www.darkreading.com/build/_assets/ 272 B
276 B 79ms
77ms Image
image/svg+xml 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Facebook-CJB5G2HY.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58016ccef8b151b18ba8a751a7666689dcb78facc25a8710434d2e8629a83142

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 1106428
etag: W/"110-18bfba43688"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f8268f5-FRA

GET
H2 200 Twitter-YP6RMFLT.svg
www.darkreading.com/build/_assets/ 891 B
571 B 79ms
77ms Image
image/svg+xml 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Twitter-YP6RMFLT.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

688920dcf3bc915f06fdb081e29e9c2b6fbb0ea6727fe5be74f33db0e2c0ad6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 1186320
etag: W/"37b-18bfba43688"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f8368f5-FRA

GET
H2 200 Email-47H7P533.svg
www.darkreading.com/build/_assets/ 777 B
520 B 78ms
77ms Image
image/svg+xml 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Email-47H7P533.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ef59df86d3826ee2048c7707b14be9a819ffe3ce87ca7e989511ac24e447812

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 1186320
etag: W/"309-18bfba43688"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f8468f5-FRA

GET
H2 200 Reddit-5TRN6TDE.svg
www.darkreading.com/build/_assets/ 1 KB
741 B 80ms
79ms Image
image/svg+xml 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Reddit-5TRN6TDE.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7dd61f31dd9d4d1b9e2b24e139ddcaef62287a13664cdb50544ea421f1a1899

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 1018325
etag: W/"471-18bfba43688"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f8568f5-FRA

GET
H2 200 Printer-U5RDBVFZ.svg
www.darkreading.com/build/_assets/ 741 B
526 B 81ms
80ms Image
image/svg+xml 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Printer-U5RDBVFZ.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b75529201e97f7566ae404c0bd803c64ce29092a13c8e1893369ef3c32c6337

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 1186320
etag: W/"2e5-18bfba43688"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f8768f5-FRA

GET
H2 200 ChalkBoard-7VYJPH3F.svg
www.darkreading.com/build/_assets/ 752 B
477 B 79ms
79ms Image
image/svg+xml 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/ChalkBoard-7VYJPH3F.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62eee22f7f92913689361d7cad70e166c1f0fe52937c1269996cffaa712e60f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 1186320
etag: W/"2f0-18bfba43688"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f8868f5-FRA

GET
H2 200 ChevronRight-W5LPP5NG.svg
www.darkreading.com/build/_assets/ 305 B
311 B 77ms
77ms Image
image/svg+xml 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/ChevronRight-W5LPP5NG.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8a03522223cf64474a1f91e02c8069ea5560a23266b37b476d7602a621f0c38

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 1186320
etag: W/"131-18bfba43688"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f8968f5-FRA

GET
H2 200 Date-KJRS72FO.svg
www.darkreading.com/build/_assets/ 1 KB
493 B 78ms
77ms Image
image/svg+xml 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Date-KJRS72FO.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed870769c4fd967977ef0930a14927ac6035d0a9fcd9db0bcef385da69bea2eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 1186321
etag: W/"54d-18bfba43688"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f8b68f5-FRA

GET
H2 200 Document-NG4YMZFA.svg
www.darkreading.com/build/_assets/ 801 B
433 B 73ms
73ms Image
image/svg+xml 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Document-NG4YMZFA.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b475b63a797144d91a4b2e34499ab7321bdf6d298d5f1177ec1fa3f5d3b4e0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 1120382
etag: W/"321-18bfba43688"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d900f8d68f5-FRA

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 85ms
10ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 16:28:22 GMT
x-content-type-options: nosniff
age: 294093
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 16:28:22 GMT

GET
H2 200 Logo_-_Dark_Reading.svg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blte9ead971f13c662e/65437029846d7c040a6e588d/ 3 KB
2 KB 83ms
33ms Image
image/svg+xml 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blte9ead971f13c662e/65437029846d7c040a6e588d/Logo_-_Dark_Reading.svg?width=476&auto=webp&quality=10&disable=upscale&blur=40

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

c3c2e2538dd857e04bb340d6230c8eeedca607d219bceba19897333cbd74b4f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-error: not a supported image format
strict-transport-security: max-age=31557600
content-encoding: gzip
fastly-io-served-by: img03-europe-west2
age: 1208493
x-cache: HIT, HIT
filename1: custom
content-disposition: inline; filename=Logo_-_Dark_Reading.svg+xml
fastly-stats: io=1
content-length: 1435
x-request-id: 1fe964f2db75878285a9e0086730c3d9
x-served-by: cache-ams12722-AMS, cache-cph2320034-CPH
x-runtime: 66ms
server: contentstack
x-timer: S1702346995.273256,VS0,VE0
x-contentstack-organization: blt5948195ac13977b0
vary: Accept
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 5570, 4

GET
H2 200 Nate-Nelson_(1).jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt00df7fa701809c8c/64f15c901c6887515143a4d1/ 126 B
422 B 83ms
33ms Image
image/webp 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt00df7fa701809c8c/64f15c901c6887515143a4d1/Nate-Nelson_(1).jpg?width=100&auto=webp&quality=10&disable=upscale&blur=40

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

f02edc287b721a068471a9e12391d5ec4310291401d61f578bba197c1a6ac148

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img09-europe-west2
age: 1269012
x-cache: HIT, HIT
fastly-io-info: ifsz=234689 idim=881x923 ifmt=jpeg ofsz=126 odim=100x105 ofmt=webp
filename1: custom
content-disposition: inline; filename=Nate-Nelson_(1).webp
fastly-stats: io=1
content-length: 126
x-request-id: 6aee147f2dddae5f5b9b04e833f9f613
x-served-by: cache-ams12769-AMS, cache-cph2320034-CPH
x-runtime: 87ms
server: contentstack
x-timer: S1702346995.273249,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "tNrp/qpYdUqWfJ34ReXQmSxVICx4Nkfiuw2bUIruFd8"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 30, 1

GET
H2 200 Nate-Nelson_(1).jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt00df7fa701809c8c/64f15c901c6887515143a4d1/ 906 B
1 KB 85ms
35ms Image
image/webp 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt00df7fa701809c8c/64f15c901c6887515143a4d1/Nate-Nelson_(1).jpg?width=400&auto=webp&quality=10&disable=upscale&blur=40

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

78977aa7e48ac3ada126337dcb1135aef21a49c3371cb081e75b7e52397ab906

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img06-europe-west2
age: 1058742
x-cache: HIT, HIT
fastly-io-info: ifsz=234689 idim=881x923 ifmt=jpeg ofsz=906 odim=400x419 ofmt=webp
filename1: custom
content-disposition: inline; filename=Nate-Nelson_(1).webp
fastly-stats: io=1
content-length: 906
x-request-id: 70d6e95bf3efff38d8610e783db22fc4
x-served-by: cache-ams12769-AMS, cache-cph2320034-CPH
x-runtime: 120ms
server: contentstack
x-timer: S1702346995.273239,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "mSV8bR8qcRiajnJZ9er0odx7U2hZRqOhc+2tz0Px2X8"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 77, 1

GET
H2 200 ransomware_Jne_Valokuvaus_shutterstock.jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blte28f4faffe3ceb74/655c9af69876cf040a5f55d6/ 1 KB
1 KB 84ms
35ms Image
image/webp 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blte28f4faffe3ceb74/655c9af69876cf040a5f55d6/ransomware_Jne_Valokuvaus_shutterstock.jpg?width=700&auto=webp&quality=10&disable=upscale&blur=40

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

98b3abaf3cd5958921d02ea49d4553536f1b578a3a7ca7feae8d291389e40b1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img06-europe-west2
age: 1012499
x-cache: HIT, HIT
fastly-io-info: ifsz=448740 idim=1000x667 ifmt=jpeg ofsz=1088 odim=700x467 ofmt=webp
filename1: custom
content-disposition: inline; filename=ransomware_Jne_Valokuvaus_shutterstock.webp
fastly-stats: io=1
content-length: 1088
x-request-id: 6026a753f5d28e7a149f48d1397b4ea6
x-served-by: cache-ams21029-AMS, cache-cph2320034-CPH
x-runtime: 119ms
server: contentstack
x-timer: S1702346995.273267,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "Iwl21RhD13WjhQvzqM5XKKTJWKPig4GaI5kNYjxWqPk"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 6, 1

GET
H2 200 russia_cybercrime_Klaus_Ohlenschlaeger_Alamy.jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/bltbd1d0bc83e84b149/64f179185bee981cbbc9bc81/ 2 KB
2 KB 84ms
35ms Image
image/webp 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/bltbd1d0bc83e84b149/64f179185bee981cbbc9bc81/russia_cybercrime_Klaus_Ohlenschlaeger_Alamy.jpg?width=700&auto=webp&quality=10&disable=upscale&blur=40

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

586ce3ca1ff7925119c7e1d15db9142e95fccf6aa455e99a38b35b4fa4201820

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img01-europe-west2
age: 322321
x-cache: HIT, HIT
fastly-io-info: ifsz=1518620 idim=5896x3476 ifmt=jpeg ofsz=1708 odim=700x413 ofmt=webp
filename1: custom
content-disposition: inline; filename=russia_cybercrime_Klaus_Ohlenschlaeger_Alamy.webp
fastly-stats: io=1
content-length: 1708
x-request-id: 1beda6ce917cf893b89be3f9be197fec
x-served-by: cache-ams12774-AMS, cache-cph2320034-CPH
x-runtime: 139ms
server: contentstack
x-timer: S1702346995.273278,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "R4jW855M69+LzbS6dOtBlTtp+e8k+Kc8s/yO6wf3rTo"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 4, 1

GET
H2 200 password_brian_Jackson_AlamyStockPhoto.jpeg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blta2cebe79ecf15392/64f156a5b3a30f290d781ec8/ 1 KB
2 KB 39ms
28ms Image
image/webp 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blta2cebe79ecf15392/64f156a5b3a30f290d781ec8/password_brian_Jackson_AlamyStockPhoto.jpeg?width=700&auto=webp&quality=10&disable=upscale&blur=40

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

982660fcb5b96257c76ee1630c931fa52b061e7bdf3b7860c553a577036cc217

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img15-europe-west2
age: 274947
x-cache: HIT, HIT
fastly-io-info: ifsz=282983 idim=1200x800 ifmt=jpeg ofsz=1430 odim=700x467 ofmt=webp
filename1: custom
content-disposition: inline; filename=password_brian_Jackson_AlamyStockPhoto.webp
fastly-stats: io=1
content-length: 1430
x-request-id: ceac946e069ee90b790eefa890fc08e5
x-served-by: cache-ams12764-AMS, cache-cph2320034-CPH
x-runtime: 108ms
server: contentstack
x-timer: S1702346995.274204,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "uDDHdGPxn1heXYy+uvjTo+0pRl8YukCv6rbTqcG/OmY"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 69, 1

GET
H2 200 manifest-8DF0ED9D.js Show response
www.darkreading.com/build/ 34 KB
3 KB 69ms
68ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/manifest-8DF0ED9D.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d3cd2d24db1682d0f6ae2c7578f550a6081535321c2c786d8be76b36ffe9857

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 14:50:16 GMT
server: cloudflare
age: 35360
etag: W/"8741-18c595b7840"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d903f9a68f5-FRA

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
295 B 96ms
33ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 83426d909c9a90fe-FRA
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.39.0/ 372 KB
89 KB 33ms
33ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ba033e6cb25fa6e20186d6d8113cc3821028b7891c93eebe671b75f6eebc3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 12 Dec 2023 02:09:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Zp/CcrZmK7hQ2S6c/t9Tpw==
age: 84198
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 90454
x-ms-lease-status: unlocked
last-modified: Fri, 26 Aug 2022 16:31:04 GMT
server: cloudflare
etag: 0x8DA87805EB35DE2
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 526a626c-301e-007c-66e1-5a45d3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 83426d90e9c44d76-FRA

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 431 KB
135 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 10:36:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55986
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138180
x-xss-protection: 0
server: cafe
etag: 6854214708762155125
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 10 Dec 2024 10:36:49 GMT

HEAD
H2

200

/
marketingplatform.google.com/about/enterprise/
Redirect Chain

https://www3.doubleclick.net/
https://marketingplatform.google.com/about/enterprise/

0
0

75ms
26ms

Fetch
text/html

2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://marketingplatform.google.com/about/enterprise/
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: H2
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Redirect headers

date: Tue, 12 Dec 2023 02:09:55 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
location: https://marketingplatform.google.com/about/enterprise/
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0
expires: Tue, 12 Dec 2023 02:39:55 GMT

GET
H2 200 iris-recommend.js Show response
static.iris.informa.com/widgets/v3/ 1 MB
338 KB 73ms
22ms Script
application/javascript 18.245.86.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.iris.informa.com/widgets/v3/iris-recommend.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-23.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4b68a678d10f5be0596ffa32b72aaae9e5f4c0328ca7ce7febf2115ef9525aba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: 7s2EJRZNHYTbIaaAJ9JivqlceNyJvm82
content-encoding: gzip
via: 1.1 1ed131e2ff13a9b8852067b4dfb6f2dc.cloudfront.net (CloudFront)
date: Mon, 11 Dec 2023 08:14:07 GMT
last-modified: Wed, 06 Dec 2023 13:34:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
age: 70520
x-amz-server-side-encryption: AES256
etag: W/"68007db25c2567a8e836ce6588b9e3e3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: BXWTbeL8X4sO1ZTS_FKV0pROOaAB6RZltXd2LBjCqs-FZn-iALfMPA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 261 KB
88 KB 41ms
40ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1X1EHQ3PFR&l=dataLayer&cx=c

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

583e546f8aa28727e3fa9ebdc8943c0193d63e12bd3f73b23a42a1f7397d0db2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89813
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 12 Dec 2023 02:09:55 GMT

GET
H2 200 iris-t.js Show response
static.iris.informa.com/widgets/v3.0/ 14 KB
6 KB 60ms
20ms Script
application/javascript 18.245.86.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.iris.informa.com/widgets/v3.0/iris-t.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-23.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1ce70c645f6b6846f8672e45bcd296846e0ba2e56add026bfdda616c11646e24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: hbdzJ4e.vYDfQsm2sq5ZarQrR8556t6G
content-encoding: gzip
via: 1.1 1ed131e2ff13a9b8852067b4dfb6f2dc.cloudfront.net (CloudFront)
date: Mon, 11 Dec 2023 08:15:49 GMT
last-modified: Wed, 20 Sep 2023 13:02:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
age: 64968
x-amz-server-side-encryption: AES256
etag: W/"ad3cff3f163cf6a23fb2557083f7b574"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: KJPO4CqQbz83Q3krNTpt2g2393JByU2t1jyglzRXOvgKiwzHPmppkw==

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 119ms
35ms Script
application/x-javascript 2600:9000:2394:de00:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2394:de00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 20:49:01 GMT
content-encoding: gzip
via: 1.1 4e56f2db762d3ef43c44c76cad53cb72.cloudfront.net (CloudFront)
last-modified: Thu, 16 Nov 2023 01:59:58 GMT
server: nginx
x-amz-cf-pop: AMS1-P2
age: 19254
etag: W/"6555779e-94a1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: oXWB5BUaQ9hFdOcE63DFYZ9uh1iVaGeLYr9r4f8vOweScECRZFoPng==
expires: Tue, 12 Dec 2023 20:49:01 GMT

GET
H2 200 / Show response
6600d6d98e534115970f9529a45f3195.js.ubembed.com/ 458 B
706 B 255ms
211ms Script
application/javascript 2606:4700:4400::ac40:944b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6600d6d98e534115970f9529a45f3195.js.ubembed.com/
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:944b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6a1a2699f8213c5a0f49c739978c3346cd387de462fa18e442fa9c4ed73b6f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
etag: W/"aaab40e12ca91eabbcb0f8f10bd5715a-v0.180.1"
vary: Accept-Encoding, Referer
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
cf-ray: 83426d922ce94da6-FRA

GET
H2 200 hotjar-2610568.js Show response
static.hotjar.com/c/ 13 KB
6 KB 112ms
54ms Script
application/javascript 18.66.97.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2610568.js?sv=6

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-53.fra56.r.cloudfront.net

Software

Resource Hash

80d06da2e408726dbc4a3c5676272c5de3c9531e8b13b31c2541189eb91dd800

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 12 Dec 2023 02:09:55 GMT
via: 1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/c337034d647ed729ed572ca8c6cdfe1c
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: kbT4qwjehytOCvzyKKmEgCl54vDX1NB1eVV_8HopyULCL_N_7mUc9Q==

GET
H2 200 Images-OMBWO34R.svg
www.darkreading.com/build/_assets/ 746 B
438 B 29ms
29ms Image
image/svg+xml 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Images-OMBWO34R.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10593a04f40d62f14afd5d786653fada77089e1845dacfa3f68d4d9ab353c3b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 1186320
etag: W/"2ea-18bfba43688"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 83426d91f86a68f5-FRA

GET
H2 200 workpresents-Zoonar_GmbH-alamy.png
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt21e270accde00c27/6567e265c473c3040a1c0b07/ 1 KB
2 KB 34ms
34ms Image
image/webp 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt21e270accde00c27/6567e265c473c3040a1c0b07/workpresents-Zoonar_GmbH-alamy.png?width=700&auto=webp&quality=10&disable=upscale&blur=40

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

0172f18458c048b682616c38fac51182fec12e9b4a918ff4229c18499dcbbd4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img01-europe-west2
age: 1036396
x-cache: HIT, HIT
fastly-io-info: ifsz=2555441 idim=1800x1012 ifmt=png ofsz=1490 odim=700x394 ofmt=webp
filename1: custom
content-disposition: inline; filename=workpresents-Zoonar_GmbH-alamy.webp
fastly-stats: io=1
content-length: 1490
x-request-id: a93824bef50a8d95deabedbaa25b6c00
x-served-by: cache-ams12767-AMS, cache-cph2320034-CPH
x-runtime: 128ms
server: contentstack
x-timer: S1702346996.520239,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "dj8otkGHy3Wx57LNirLeaAmE1XFGWaQLhRj/d4PD7Zg"
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 2642, 1

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/657fbdf5-ad27-4981-b321-b96d0ec59709/ 81 KB
18 KB 35ms
34ms Fetch
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/657fbdf5-ad27-4981-b321-b96d0ec59709/en.json

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1866a87b4c049fb761b0218db2aecbef33496d878706bc56f2701965efaf88a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 12 Dec 2023 02:09:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 65537
content-md5: NMyqdpBtpYEfMyyUOi/oVQ==
content-length: 18270
x-ms-lease-status: unlocked
last-modified: Mon, 19 Dec 2022 13:32:33 GMT
server: cloudflare
etag: 0x8DAE1C57C3EAB90
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 361060ce-b01e-003a-5c53-1423fb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 83426d922dba1c01-FRA
expires: Wed, 13 Dec 2023 02:09:55 GMT

GET
H2 200 Logo_-_Dark_Reading.svg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blte9ead971f13c662e/65437029846d7c040a6e588d/ 3 KB
2 KB 34ms
34ms Image
image/svg+xml 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blte9ead971f13c662e/65437029846d7c040a6e588d/Logo_-_Dark_Reading.svg?width=476&auto=webp&quality=80&disable=upscale

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

c3c2e2538dd857e04bb340d6230c8eeedca607d219bceba19897333cbd74b4f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-error: not a supported image format
strict-transport-security: max-age=31557600
content-encoding: gzip
fastly-io-served-by: img06-europe-west2
age: 53514
x-cache: HIT, HIT
filename1: custom
content-disposition: inline; filename=Logo_-_Dark_Reading.svg+xml
fastly-stats: io=1
content-length: 1435
x-request-id: 7474e9cd4456ea8951f189343f35306c
x-served-by: cache-ams12722-AMS, cache-cph2320034-CPH
x-runtime: 79ms
server: contentstack
x-timer: S1702346996.566984,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
vary: Accept
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 157, 7

GET
H2 200 ransomware_Jne_Valokuvaus_shutterstock.jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blte28f4faffe3ceb74/655c9af69876cf040a5f55d6/ 33 KB
33 KB 39ms
39ms Image
image/webp 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blte28f4faffe3ceb74/655c9af69876cf040a5f55d6/ransomware_Jne_Valokuvaus_shutterstock.jpg?width=700&auto=webp&quality=80&disable=upscale

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

1d461f256e6f064d9cd3edc4312627748b8d5959bd3461fb0d66f52d9d1752cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img06-europe-west2
age: 1070642
x-cache: HIT, HIT
fastly-io-info: ifsz=448740 idim=1000x667 ifmt=jpeg ofsz=33362 odim=700x467 ofmt=webp
filename1: custom
content-disposition: inline; filename=ransomware_Jne_Valokuvaus_shutterstock.webp
fastly-stats: io=1
content-length: 33362
x-request-id: 2c91f72e8dd758fa164b6d8ea0c75f2c
x-served-by: cache-ams21029-AMS, cache-cph2320034-CPH
x-runtime: 147ms
server: contentstack
x-timer: S1702346996.567240,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "8DpL+G9xJDSWqvrkOGWWgOB0i9jVF2gTl8rZy90Y4IQ"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 99, 1

GET
H2 200 russia_cybercrime_Klaus_Ohlenschlaeger_Alamy.jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/bltbd1d0bc83e84b149/64f179185bee981cbbc9bc81/ 51 KB
52 KB 83ms
82ms Image
image/webp 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

f3d2b7e55d13189504623109c556e1cb775a14cd270bff5dbda182471bbac602

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img01-europe-west2
age: 322322
x-cache: HIT, HIT
fastly-io-info: ifsz=1518620 idim=5896x3476 ifmt=jpeg ofsz=52452 odim=700x413 ofmt=webp
filename1: custom
content-disposition: inline; filename=russia_cybercrime_Klaus_Ohlenschlaeger_Alamy.webp
fastly-stats: io=1
content-length: 52452
x-request-id: 1beda6ce917cf893b89be3f9be197fec
x-served-by: cache-ams12774-AMS, cache-cph2320034-CPH
x-runtime: 139ms
server: contentstack
x-timer: S1702346996.567234,VS0,VE2
x-contentstack-organization: blt5948195ac13977b0
etag: "mRTxn1sRqSfJI1BoUFDEY4VsceOICOFylva+kX1ZZnI"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 72, 1

GET
H2 200 Nate-Nelson_(1).jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt00df7fa701809c8c/64f15c901c6887515143a4d1/ 3 KB
4 KB 35ms
34ms Image
image/webp 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt00df7fa701809c8c/64f15c901c6887515143a4d1/Nate-Nelson_(1).jpg?width=100&auto=webp&quality=80&disable=upscale

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

0f155ecc49cf3427c761b27ef11fcc6d210fb27a9355d70fd5a30e5f1893452a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img09-europe-west2
age: 1764312
x-cache: HIT, HIT
fastly-io-info: ifsz=234689 idim=881x923 ifmt=jpeg ofsz=3376 odim=100x105 ofmt=webp
filename1: custom
content-disposition: inline; filename=Nate-Nelson_(1).webp
fastly-stats: io=1
content-length: 3376
x-request-id: 9c5556d9362879be6f0edfaed536b8c0
x-served-by: cache-ams12769-AMS, cache-cph2320034-CPH
x-runtime: 113ms
server: contentstack
x-timer: S1702346996.567218,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "qPc4Ej0Icam3tgfIlB+gqtt4GyFe8VrlHnMKfkTmDM4"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 36, 1

GET
H2 200 northkorea_David_Carillet_shutterstock.jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt6f092f0df0aaff58/64f174bc705b0eaf4d4ca749/ 49 KB
50 KB 68ms
67ms Image
image/webp 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

6a67e8ae3db790f1a327f521242195c3ca55cd7392b16f22614101d2b38145a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img02-europe-west2
age: 510638
x-cache: HIT, HIT
fastly-io-info: ifsz=254726 idim=1000x650 ifmt=jpeg ofsz=50668 odim=850x553 ofmt=webp
filename1: custom
content-disposition: inline; filename=northkorea_David_Carillet_shutterstock.webp
fastly-stats: io=1
content-length: 50668
x-request-id: dc6451ec32084be97653e02c45f1e34b
x-served-by: cache-ams12741-AMS, cache-cph2320034-CPH
x-runtime: 127ms
server: contentstack
x-timer: S1702346996.567215,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "lsdOM3hw6pEMNHPreIuGVdgAfo/HbtVUOLisTQcsFEo"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 78, 1

GET
H2 200 ZGFya3JlYWRpbmcuY29t.json Show response
static.iris.informa.com/widgets/config/cdl/ 24 B
492 B 184ms
143ms Fetch
binary/octet-stream 18.245.86.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.iris.informa.com/widgets/config/cdl/ZGFya3JlYWRpbmcuY29t.json
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-23.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ced6d94498388b24b48c4e2aa311815357ab9489c735aedd7725e0b18a02433e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: rR96SWqxdC6RFg.yCtn7XL4AuxoTa4oV
date: Tue, 12 Dec 2023 02:09:56 GMT
via: 1.1 d2d6641f7f4e620ab86172e07bc2a884.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 24
last-modified: Tue, 28 Feb 2023 08:49:48 GMT
server: AmazonS3
etag: "d14dcd26bd0521dd67cdde302d3ac4a2"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: TRX3Y8aeqr-yfrq0XIqdlZ7hoqIrTULDE2bBdWOr14ac4vkhEpMH6w==

GET
H2 200 f23io39d.js Show response
static.iris.informa.com/ 70 KB
23 KB 62ms
62ms Script
application/javascript 18.245.86.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.iris.informa.com/f23io39d.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-23.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4f381ccb6f965e2011700b253aa446e84060a338cc416055eabca3b62fa35435

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: r.70SgccGRmRk8cXfo6q55SZB1TmHyVy
content-encoding: gzip
via: 1.1 1ed131e2ff13a9b8852067b4dfb6f2dc.cloudfront.net (CloudFront)
date: Mon, 11 Dec 2023 05:59:30 GMT
last-modified: Thu, 02 Sep 2021 16:02:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
age: 72626
x-amz-server-side-encryption: AES256
etag: W/"a790df23a63287b42b6e7324cb81afd9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: Ki3bTrT8GhHL9mVM76iUggpwI6CUEsJC68ZIm4F7CZCS0ECJjkfSig==

GET
H/1.1 200
OK td.min.js Show response
cdn.treasuredata.com/sdk/3.0/ 58 KB
19 KB 99ms
26ms Script
application/javascript 18.239.69.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.treasuredata.com/sdk/3.0/td.min.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.69.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-54.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 262f87d47643975a4633b675fc224c7a178d99e579e5d767f4a43ca7cc0bb9de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 10:15:52 GMT
Content-Encoding: gzip
Via: 1.1 033f456f54ceb7135f57b018b334dfdc.cloudfront.net (CloudFront)
Age: 9129244
X-Amz-Cf-Pop: AMS58-P4
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Last-Modified: Mon, 05 Jul 2021 08:58:13 GMT
Server: AmazonS3
Etag: W/"4b9abb36767431f05495228eb82edf01"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=315360000
X-Amz-Cf-Id: qOGsjLokpEQLNoX9YysSZcYzhP53XAJeDKabuBIrnhrVGP4MrEF4nA==

GET
H2 200 tag.aspx Show response
ml314.com/ 31 KB
10 KB 94ms
21ms Script
application/javascript 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?1211
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 556b62129d954b0d5b92c4f286ec0234774ac6d41353a3c84f8349fa94d88cf1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:44:13 GMT
via: 1.1 google
content-encoding: br
age: 1542
x-guploader-uploadid: ABPtcPosCIIxqype6kW3z9UTtH5m6Iz9668dpfw9Nx7XkMqVGQ6yECIiTf2cZWOrnfxa1ORzm9E
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10209
last-modified: Fri, 12 May 2023 18:40:12 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1683916812364920
x-goog-hash: crc32c=mZ+Z9w==, md5=kd+C792N6TsjSfrrJlopCg==
content-type: application/javascript
cache-id: FRA-1209ea83
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 32213
accept-ranges: bytes

POST
H2 204 collect
region1.analytics.google.com/g/ 0
257 B 71ms
25ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-1X1EHQ3PFR&gtm=45je3bt0v873922772z8891172384&_p=1702346995168&_gaz=1&gcd=11l1l1l1l3&npa=1&dma_cps=sypham&dma=1&cid=719231591.1702346996&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dr=&dt=Lazarus%20Group%20Is%20Still%20Juicing%20Log4Shell%2C%20Using%20RATs%20Written%20in%20%27D%27&dl=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Flazarus-group-still-juicing-log4shell-rats-written-d&sid=1702346995&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&ep.content_type=article&ep.content_format=News&ep.content_publish_date=Dec%2011%2C%202023&ep.content_id=blte9f4fd5c184b1190&ep.content_title=Lazarus%20Group%20Is%20Still%20Juicing%20Log4Shell%2C%20Using%20RATs%20Written%20in%20%27D%27&ep.content_contributor=Nate%20Nelson&ep.content_main_topic=Threat%20Intelligence&ep.content_additional_topics=Cyber%20Risk%2CCyberattacks%20%26%20Data%20Breaches%2CVulnerabilities%20%26%20Threats&ep.gtm_container_detail=SCM%7Cv2%7C90&ep.ad_unit_path_code=3834%2Fdarkreading.home%2Farticle%2Fthreat-intelligence&ep.content_group=Threat%20Intelligence&tfd=3058
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1X1EHQ3PFR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 02:09:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
257 B 77ms
26ms Ping
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1X1EHQ3PFR&cid=719231591.1702346996&gtm=45je3bt0v873922772z8891172384&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l3&npa=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1X1EHQ3PFR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 02:09:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 77ms
31ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-1X1EHQ3PFR&cid=719231591.1702346996&gtm=45je3bt0v873922772z8891172384&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l3&npa=1&z=440255075

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 02:09:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 otFloatingRoundedIcon.json Show response
cdn.cookielaw.org/scripttemplates/6.39.0/assets/ 16 KB
4 KB 30ms
30ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/otFloatingRoundedIcon.json

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86dbd997ead92464b9d3e6228dab6902a3f8cdbd17de1da8923cb2f0fb600bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 12 Dec 2023 02:09:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Mbb70m5YOd2/+METBtRttw==
age: 57417
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3803
x-ms-lease-status: unlocked
last-modified: Fri, 26 Aug 2022 16:30:56 GMT
server: cloudflare
etag: 0x8DA87805A12E7D8
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 8bb80f27-d01e-0013-6e71-141d8f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 83426d928e031c01-FRA

GET
H2 200 otPcPanel.json Show response
cdn.cookielaw.org/scripttemplates/6.39.0/assets/v2/ 64 KB
13 KB 28ms
28ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/v2/otPcPanel.json

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd2879e3b0d373936b3a4f85f24bf5ae631ea76ec7c79b528b53bd4f3ea44de6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 12 Dec 2023 02:09:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Kw22gRKC0ogRtsT2RwAR9Q==
age: 55642
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13290
x-ms-lease-status: unlocked
last-modified: Fri, 26 Aug 2022 16:30:57 GMT
server: cloudflare
etag: 0x8DA87805AF0078C
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 2f2e397c-701e-0068-1a77-145f13000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 83426d928e051c01-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.39.0/assets/ 22 KB
5 KB 30ms
30ms Fetch
text/css 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/otCommonStyles.css

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: B55i3ZY9miZIaUrwjufy0w==
age: 50455
x-ms-lease-status: unlocked
last-modified: Fri, 26 Aug 2022 16:31:09 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 84c7e417-801e-0098-36b2-1219e2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 83426d928e061c01-FRA

GET
H2 200 modules.0ef46a83101151841364.js Show response
script.hotjar.com/ 218 KB
55 KB 69ms
22ms Script
application/javascript 13.32.27.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.0ef46a83101151841364.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-19.fra56.r.cloudfront.net

Software

Resource Hash

72d0e968a2bc13b2b3af3a39d1aa6f240e37b3054feaf1ca31b18399974111fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:44:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 383148
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55456
last-modified: Thu, 07 Dec 2023 15:44:01 GMT
etag: "4f152a0a4d20e1d992c5c15c49e98463"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: meFo_HRS3o-qj8rChrorQ5hYxFEMsJcLRCsrrK9uEsYVtKAZe6QKbA==

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 347ms
112ms Image
image/gif 18.213.234.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=darkreading.com&p=%2Fthreat-intelligence%2Flazarus-group-still-juicing-log4shell-rats-written-d&u=BhEcnYDSYw4ADTox06&d=darkreading.com&g=53678&g0=Threat%20Intelligence&g1=Nate%20Nelson&g4=article&n=1&f=00001&c=0&x=0&m=0&y=5491&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Flazarus-group-still-juicing-log4shell-rats-written-d&b=3093&t=OL3nMDkvbNbDih21KB_d4JlBgf-lk&V=141&i=Lazarus%20Group%20Is%20Still%20Juicing%20Log4Shell%2C%20Using%20RATs%20Written%20in%20%27D%27&tz=-60&sn=1&sv=CR-CUDBO4eKKDTqi6tBmUAnsBmR4mk&sd=1&im=067b2fff&_
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.213.234.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-213-234-103.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 12 Dec 2023 02:09:55 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

OPTIONS
H2 200 ed0
c.darkreading.com/com.iiris/ Frame 0
0 173ms
130ms Preflight 2606:4700::6812:6d2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.darkreading.com/com.iiris/ed0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6d2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.darkreading.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://www.darkreading.com
access-control-max-age: 600
cf-cache-status: DYNAMIC
cf-ray: 83426d930ca28fe3-FRA
content-length: 0
date: Tue, 12 Dec 2023 02:09:55 GMT
server: cloudflare

POST
H2 200 ed0
c.darkreading.com/com.iiris/ 2 B
306 B 153ms
152ms Ping
text/plain 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.darkreading.com/com.iiris/ed0
Requested by: Host: static.iris.informa.com
URL: https://static.iris.informa.com/f23io39d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials: true
cf-ray: 83426d93e94c68f5-FRA
content-length: 2

OPTIONS
H2 200 /
cognito-identity.eu-west-1.amazonaws.com/ Frame 0
0 134ms
42ms Preflight 2a05:d018:94a:8a01:c586:685d:9540:69ee
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cognito-identity.eu-west-1.amazonaws.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:94a:8a01:c586:685d:9540:69ee Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-amz-target
Access-Control-Request-Method: POST
Origin: https://www.darkreading.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-amz-target
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
access-control-max-age: 172800
content-length: 0
date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amzn-requestid: a97e90ac-5df1-4138-a276-bba961047ab0

POST
H2 200 / Show response
cognito-identity.eu-west-1.amazonaws.com/ 2 KB
2 KB 63ms
63ms XHR
application/x-amz-json-1.1 2a05:d018:94a:8a01:c586:685d:9540:69ee
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cognito-identity.eu-west-1.amazonaws.com/

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:94a:8a01:c586:685d:9540:69ee Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

980aa198822ce04fa8ffe42f9554c4ec3f34c2e8928fb18e01d50465e41392c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.darkreading.com/
X-Amz-Target: AWSCognitoIdentityService.GetCredentialsForIdentity
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-amz-json-1.1

Response headers

access-control-allow-origin: *
date: Tue, 12 Dec 2023 02:09:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-requestid: 1204b455-1293-42ce-9f1b-2808d07dcec7
content-length: 1792
content-type: application/x-amz-json-1.1

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 Informa_Logo_1Line_Indigo_Grad_RGB.jpg
cdn.cookielaw.org/logos/c1f53e84-9f05-4169-a854-85052b63c50b/ce37e4cd-9426-40d2-9adb-174d6acdf507/b0d971e9-0178-47c1-aace-784223d87041/ 145 KB
145 KB 27ms
27ms Image
image/jpeg 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/c1f53e84-9f05-4169-a854-85052b63c50b/ce37e4cd-9426-40d2-9adb-174d6acdf507/b0d971e9-0178-47c1-aace-784223d87041/Informa_Logo_1Line_Indigo_Grad_RGB.jpg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21102c999da99aa5a6c8403c9e2367ca2e8d3e7fd2d6b5c1aef9e4fab888749c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 8NigNwrkdBmjWsQuvIR/Tg==
age: 82776
content-length: 148084
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Fri, 26 Nov 2021 15:49:29 GMT
server: cloudflare
etag: 0x8D9B0F4552FB1EF
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: f2b94755-c01e-0042-6bf5-118003000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 83426d943b874d76-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 46ms
46ms Image
image/svg+xml 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 12 Dec 2023 02:09:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 69793
x-ms-lease-status: unlocked
last-modified: Mon, 11 Dec 2023 03:29:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 5d928c3f-b01e-0093-02e5-2be289000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 83426d943b884d76-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 815 B
468 B 56ms
55ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=331138331645438&correlator=3513903326445797&eid=31079827%2C31080079%2C31079240%2C31080021&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702346995919&lmt=1702346621&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Flazarus-group-still-juicing-log4shell-rats-written-d&vis=1&psz=1600x6043&msz=1600x0&fws=0&ohw=0&ga_vid=719231591.1702346996&ga_sid=1702346996&ga_hid=275933121&ga_fc=true&dlt=1702346995067&idt=468&prev_scp=pos%3Dwelcome_v%26ptype%3Darticle%26nid%3Dblte9f4fd5c184b1190%26aid%3D778935%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=2266329518&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17fa83852bd61cbb11f9304c8721309095d1edd7b76e624dc6d6e9b1175b63f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:55 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 438
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 40 KB
15 KB 98ms
98ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=331138331645438&correlator=3513903326445797&eid=31079827%2C31080079%2C31079240%2C31080021&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702346995924&lmt=1702346621&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Flazarus-group-still-juicing-log4shell-rats-written-d&vis=1&psz=1600x6043&msz=1600x0&fws=0&ohw=0&ga_vid=719231591.1702346996&ga_sid=1702346996&ga_hid=275933121&ga_fc=true&dlt=1702346995067&idt=468&prev_scp=pos%3Dbigsky_v%26ptype%3Darticle%26nid%3Dblte9f4fd5c184b1190%26aid%3D778935%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=2064109412&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f7d77bb6f08edfb4c9d750f2804d993d677fa569fab3255532cf545a55d105e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15518
x-xss-protection: 0
google-lineitem-id: 6400457718
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138453496229
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 574 B
310 B 97ms
97ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=331138331645438&correlator=3513903326445797&eid=31079827%2C31080079%2C31079240%2C31080021&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=100x40&ifi=3&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702346995925&lmt=1702346621&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Flazarus-group-still-juicing-log4shell-rats-written-d&vis=1&psz=0x0&msz=0x0&fws=132&ohw=1600&ga_vid=719231591.1702346996&ga_sid=1702346996&ga_hid=275933121&ga_fc=true&dlt=1702346995067&idt=468&prev_scp=pos%3D100_1v%26ptype%3Darticle%26nid%3Dblte9f4fd5c184b1190%26aid%3D778935%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=3163609784&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

446dad4d6c2d9bacaf42041ded317994bb1d6b1e003841affff3c549096de2a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 280
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 574 B
311 B 117ms
116ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=331138331645438&correlator=3513903326445797&eid=31079827%2C31080079%2C31079240%2C31080021&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=100x40&ifi=4&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702346995927&lmt=1702346621&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Flazarus-group-still-juicing-log4shell-rats-written-d&vis=1&psz=0x0&msz=0x0&fws=132&ohw=1600&ga_vid=719231591.1702346996&ga_sid=1702346996&ga_hid=275933121&ga_fc=true&dlt=1702346995067&idt=468&prev_scp=pos%3D100_2v%26ptype%3Darticle%26nid%3Dblte9f4fd5c184b1190%26aid%3D778935%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=801778401&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0fb3af484abb45489f3215ba712a50af3fb610841d59bc2f71ae515d502f36b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 574 B
311 B 86ms
86ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=331138331645438&correlator=3513903326445797&eid=31079827%2C31080079%2C31079240%2C31080021&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=100x40&ifi=5&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702346995928&lmt=1702346621&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Flazarus-group-still-juicing-log4shell-rats-written-d&vis=1&psz=0x0&msz=0x0&fws=132&ohw=1600&ga_vid=719231591.1702346996&ga_sid=1702346996&ga_hid=275933121&ga_fc=true&dlt=1702346995067&idt=468&prev_scp=pos%3D100_3v%26ptype%3Darticle%26nid%3Dblte9f4fd5c184b1190%26aid%3D778935%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=2688451131&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8504e973b706727ed2448ad3941873fbfb0437005c4ce1b265ea34098e0aea77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 574 B
310 B 122ms
122ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=331138331645438&correlator=3513903326445797&eid=31079827%2C31080079%2C31079240%2C31080021&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=100x40&ifi=6&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702346995929&lmt=1702346621&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Flazarus-group-still-juicing-log4shell-rats-written-d&vis=1&psz=0x0&msz=0x0&fws=132&ohw=1600&ga_vid=719231591.1702346996&ga_sid=1702346996&ga_hid=275933121&ga_fc=true&dlt=1702346995067&idt=468&prev_scp=pos%3D100_4v%26ptype%3Darticle%26nid%3Dblte9f4fd5c184b1190%26aid%3D778935%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=1989837660&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10c1fc45d472d1c1a5c7993c0aae005fe362ba9766c0d02f0e39cf1f7bd004b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 280
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 574 B
311 B 103ms
103ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=331138331645438&correlator=3513903326445797&eid=31079827%2C31080079%2C31079240%2C31080021&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=100x40&ifi=7&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702346995930&lmt=1702346621&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Flazarus-group-still-juicing-log4shell-rats-written-d&vis=1&psz=0x0&msz=0x0&fws=132&ohw=1600&ga_vid=719231591.1702346996&ga_sid=1702346996&ga_hid=275933121&ga_fc=true&dlt=1702346995067&idt=468&prev_scp=pos%3D100_5v%26ptype%3Darticle%26nid%3Dblte9f4fd5c184b1190%26aid%3D778935%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=1016483486&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a97a5ae8f0b245c69a8ef6d33f6ee9271df4482d910cbdeef9d7e0abaf78da79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 574 B
313 B 105ms
105ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=331138331645438&correlator=3513903326445797&eid=31079827%2C31080079%2C31079240%2C31080021&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=100x40&ifi=8&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702346995932&lmt=1702346621&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Flazarus-group-still-juicing-log4shell-rats-written-d&vis=1&psz=0x0&msz=0x0&fws=132&ohw=1600&ga_vid=719231591.1702346996&ga_sid=1702346996&ga_hid=275933121&ga_fc=true&dlt=1702346995067&idt=468&prev_scp=pos%3D100_6v%26ptype%3Darticle%26nid%3Dblte9f4fd5c184b1190%26aid%3D778935%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=2718966454&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a58001b26b1b397ee0a3a7cd9fd2f1d0ff18403c7abe79189664551aa569a53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 283
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 574 B
311 B 91ms
91ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=331138331645438&correlator=3513903326445797&eid=31079827%2C31080079%2C31079240%2C31080021&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=100x40&ifi=9&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702346995935&lmt=1702346621&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Flazarus-group-still-juicing-log4shell-rats-written-d&vis=1&psz=0x0&msz=0x0&fws=132&ohw=1600&ga_vid=719231591.1702346996&ga_sid=1702346996&ga_hid=275933121&ga_fc=true&dlt=1702346995067&idt=468&prev_scp=pos%3D100_7v%26ptype%3Darticle%26nid%3Dblte9f4fd5c184b1190%26aid%3D778935%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=244923787&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6569c8070cab2447d46991d8d908bc32f93e558ba8c1e5ee03f7dc91e7dcb36a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 574 B
306 B 105ms
105ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=331138331645438&correlator=3513903326445797&eid=31079827%2C31080079%2C31079240%2C31080021&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=100x40&ifi=10&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702346995936&lmt=1702346621&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Flazarus-group-still-juicing-log4shell-rats-written-d&vis=1&psz=0x0&msz=0x0&fws=132&ohw=1600&ga_vid=719231591.1702346996&ga_sid=1702346996&ga_hid=275933121&ga_fc=true&dlt=1702346995067&idt=468&prev_scp=pos%3D100_8v%26ptype%3Darticle%26nid%3Dblte9f4fd5c184b1190%26aid%3D778935%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=2004568867&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5e06ab6731ba652b762ad9d01d545d84ada4c356b6c4ca7a223b65c6b536f69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 276
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
6 KB 117ms
117ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=331138331645438&correlator=3513903326445797&eid=31079827%2C31080079%2C31079240%2C31080021&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=11&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1702346995938&lmt=1702346621&adxs=800&adys=299&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Flazarus-group-still-juicing-log4shell-rats-written-d&vis=1&psz=1036x5382&msz=1036x0&fws=4&ohw=1600&ga_vid=719231591.1702346996&ga_sid=1702346996&ga_hid=275933121&ga_fc=true&dlt=1702346995067&idt=468&prev_scp=pos%3Dwallpaper_v%26ptype%3Darticle%26nid%3Dblte9f4fd5c184b1190%26aid%3D778935%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=3568718387&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9062daac44e4a1366d431500e8043facce1095289d1f9dcbe812a4d05b1b6998

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6243
x-xss-protection: 0
google-lineitem-id: 6375611943
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138455689340
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 574 B
313 B 106ms
106ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=331138331645438&correlator=3513903326445797&eid=31079827%2C31080079%2C31079240%2C31080021&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=12&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1702346995939&lmt=1702346621&adxs=800&adys=300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=c&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Flazarus-group-still-juicing-log4shell-rats-written-d&vis=1&psz=1036x5382&msz=1036x1&fws=4&ohw=1600&ga_vid=719231591.1702346996&ga_sid=1702346996&ga_hid=275933121&ga_fc=true&dlt=1702346995067&idt=468&prev_scp=pos%3Doop_v%26ptype%3Darticle%26nid%3Dblte9f4fd5c184b1190%26aid%3D778935%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=4281914279&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ddc5f310dced37a33e8a20965de6da30c112ad468daa253bab6b2d7fd1140da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 283
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 574 B
310 B 119ms
119ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=331138331645438&correlator=3513903326445797&eid=31079827%2C31080079%2C31079240%2C31080021&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=13&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702346995940&lmt=1702346621&adxs=800&adys=301&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Flazarus-group-still-juicing-log4shell-rats-written-d&vis=1&psz=1036x5382&msz=1036x1&fws=4&ohw=1600&ga_vid=719231591.1702346996&ga_sid=1702346996&ga_hid=275933121&ga_fc=true&dlt=1702346995067&idt=468&prev_scp=pos%3Dfloor_v%26ptype%3Darticle%26nid%3Dblte9f4fd5c184b1190%26aid%3D778935%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=1131225635&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddec949a61493a83293b5731fc09c23a1f9132e29147c1a4f519548f01287693

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 280
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 574 B
315 B 110ms
109ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=331138331645438&correlator=3513903326445797&eid=31079827%2C31080079%2C31079240%2C31080021&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=14&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702346995941&lmt=1702346621&adxs=800&adys=5631&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=e&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Flazarus-group-still-juicing-log4shell-rats-written-d&vis=1&psz=1036x5382&msz=1036x1&fws=4&ohw=1600&ga_vid=719231591.1702346996&ga_sid=1702346996&ga_hid=275933121&ga_fc=true&dlt=1702346995067&idt=468&prev_scp=pos%3Dadhesion_v%26ptype%3Darticle%26nid%3Dblte9f4fd5c184b1190%26aid%3D778935%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=3728273033&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddbfe7fcf06a23a5b4d09a01540a814654cc0457ead80cda1eb07330da106497

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 285
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
b8f45e5b782b28a61a9f64c0df209487.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1A8E 6 KB
3 KB 99ms
26ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b8f45e5b782b28a61a9f64c0df209487.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.darkreading.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 02:09:56 GMT
expires: Wed, 11 Dec 2024 02:09:56 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 47 KB
18 KB 110ms
110ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=331138331645438&correlator=3513903326445797&eid=31079827%2C31080079%2C31079240%2C31080021&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C970x250&ifi=15&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702346995966&lmt=1702346621&adxs=436&adys=274&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=f&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Flazarus-group-still-juicing-log4shell-rats-written-d&vis=1&psz=1036x5382&msz=1036x50&fws=4&ohw=1600&ga_vid=719231591.1702346996&ga_sid=1702346996&ga_hid=275933121&ga_fc=true&dlt=1702346995067&idt=468&prev_scp=pos%3D728_1v%26ptype%3Darticle%26nid%3Dblte9f4fd5c184b1190%26aid%3D778935%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=206257688&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6c8c3233d3127db0d662fb724e1cfa913b6651a2a0ec175c9a40e89ad56ec08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17931
x-xss-protection: 0
google-lineitem-id: 6381570210
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138451416397
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 47 KB
18 KB 107ms
107ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=331138331645438&correlator=3513903326445797&eid=31079827%2C31080079%2C31079240%2C31080021&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x100%7C300x250%7C300x600&ifi=16&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702346995974&lmt=1702346621&adxs=1006&adys=640&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=g&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Flazarus-group-still-juicing-log4shell-rats-written-d&vis=1&psz=324x4899&msz=324x100&fws=4&ohw=1600&ga_vid=719231591.1702346996&ga_sid=1702346996&ga_hid=275933121&ga_fc=true&dlt=1702346995067&idt=468&prev_scp=pos%3D300_1v%26ptype%3Darticle%26nid%3Dblte9f4fd5c184b1190%26aid%3D778935%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=2192439130&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2abc861e62d4050ec1379274c6539b5d56a6d6c707d126c28e931463993ed11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17954
x-xss-protection: 0
google-lineitem-id: 6375611943
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138455699852
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 32 KB
13 KB 106ms
106ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=331138331645438&correlator=3513903326445797&eid=31079827%2C31080079%2C31079240%2C31080021&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=5x5&ifi=17&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702346995984&lmt=1702346621&adxs=1154&adys=588&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=h&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Flazarus-group-still-juicing-log4shell-rats-written-d&vis=1&psz=324x5&msz=324x5&fws=4&ohw=1600&ga_vid=719231591.1702346996&ga_sid=1702346996&ga_hid=275933121&ga_fc=true&dlt=1702346995067&idt=468&prev_scp=pos%3Dresource_v%26ptype%3Darticle%26nid%3Dblte9f4fd5c184b1190%26aid%3D778935%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=630980475&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db4bee11e5ed375cbe35b690b2390e4e08f7dc9140a83796650d3fb2dff96ade

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13790
x-xss-protection: 0
google-lineitem-id: 6375611943
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138455424706
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 utsync.ashx Show response
ml314.com/ 62 B
254 B 44ms
44ms Script
application/javascript 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=62439&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Flazarus-group-still-juicing-log4shell-rats-written-d&pv=1702346995987_pg582pa01&bl=en-us&cb=4521397&return=&ht=&d=&dc=&si=1702346995987_pg582pa01&cid=&s=1600x1200&rp=&v=2.5.3.51
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 02:09:56 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: application/javascript
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.180.1/ 176 KB
48 KB 85ms
20ms Script
application/javascript 108.138.26.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.180.1/bundle.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.26.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-26-47.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 011c2e9cca2dd810784f85ccbee288959b13d10c6a1bd740f4486b75985187af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 19:08:38 GMT
content-encoding: gzip
via: 1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
last-modified: Fri, 12 May 2023 18:18:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 7196478
etag: W/"feaa1c0619023f29d47853e5ffd5cec4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: wWxiAFFGKzaXTY6m3Rjit1tjw1FHPSbI549qJI62VylKKRh5VFPmww==

OPTIONS
H2 204 js_pageviews_itcyber_darkreading
eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/ Frame 0
0 72ms
20ms Preflight 18.184.48.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/js_pageviews_itcyber_darkreading?modified=1702346995992

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.184.48.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-184-48-90.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-td-fetch-api,x-td-write-key
Access-Control-Request-Method: POST
Origin: https://www.darkreading.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, X-Requested-With, X-TD-Write-Key, X-TD-Fetch-Api, Content-Type
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.darkreading.com
access-control-max-age: 7200
date: Tue, 12 Dec 2023 02:09:56 GMT
strict-transport-security: max-age=31536000

POST
H2 200 js_pageviews_itcyber_darkreading Show response
eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/ 16 B
478 B 63ms
21ms Fetch
application/json 18.184.48.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/js_pageviews_itcyber_darkreading?modified=1702346995992

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.184.48.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-184-48-90.eu-central-1.compute.amazonaws.com

Software

Resource Hash

56587cffbb30e338497c9114f74803a530a713ebe374b69fcfa8551ad8dad1e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-TD-Write-Key: 100/bb9cbe21de3db7a5428506d7528e45b2c801a48c
Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
X-TD-Fetch-Api: true
Content-Type: application/json

Response headers

date: Tue, 12 Dec 2023 02:09:56 GMT
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST
p3p: CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
access-control-allow-origin: https://www.darkreading.com
content-type: application/json
access-control-allow-credentials: true
access-control-allow-headers: Authorization, X-Requested-With, X-TD-Write-Key, X-TD-Fetch-Api, Content-Type
content-length: 16

POST
H2 200 / Show response
content.hotjar.io/ 56 B
161 B 302ms
131ms XHR
application/json 18.203.9.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?gzip=1
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.9.136 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-9-136.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: b363dcad8312450cbb6a3ede9b98fa41d975f29a24020e17a28a68f5548dbb62

Request headers

Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 12 Dec 2023 02:09:56 GMT
content-length: 56
vary: Origin
content-type: application/json

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 577 B
314 B 54ms
54ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=331138331645438&correlator=3513903326445797&eid=31079827%2C31080079%2C31079240%2C31080021&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50&fluid=height&ifi=18&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702346996132&lmt=1702346621&adxs=1156&adys=1112&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=i&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Flazarus-group-still-juicing-log4shell-rats-written-d&vis=1&psz=324x1384&msz=324x0&fws=4&ohw=1600&ga_vid=719231591.1702346996&ga_sid=1702346996&ga_hid=275933121&ga_fc=true&dlt=1702346995067&idt=468&prev_scp=pos%3Dnative_vertical_1v%26ptype%3Darticle%26nid%3Dblte9f4fd5c184b1190%26aid%3D778935%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=921769895&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6873f3c48527407e10b9b0be039acfccd740a112abd9ddb988adbe4d0d86624e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 283
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 darkreading Show response
api.iiris.com/v3/recommend/public/content/similar-items/it/cybersecurity/ 3 KB
2 KB 136ms
136ms XHR
application/json 2606:4700:4400::ac40:966b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.iiris.com/v3/recommend/public/content/similar-items/it/cybersecurity/darkreading?item=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Flazarus-group-still-juicing-log4shell-rats-written-d&limit=4&mode=db&item_age=12

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:966b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d06750ddc9377500a5cdae168cd2ee5d645cc4adcfb09d4d72c791769af2441c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self'; block-all-mixed-content; font-src 'self' https: data:; frame-ancestors 'self'; img-src 'self' data:; object-src 'none'; script-src 'self'; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests; require-trusted-types-for 'script'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, DENY
X-Xss-Protection	1; mode=block, 0

Request headers

Accept: application/json, text/plain, */*
X-Amz-Security-Token: IQoJb3JpZ2luX2VjEKr//////////wEaCWV1LXdlc3QtMSJGMEQCIBkHZJV1DVMWkscXhxyiUu3mJmzASHvokoNN1Q+iixGNAiAJiSyU1Sa0orwjTG3OaKPH1D9QgpBd7d0VTZle5TVExirJBQgjEAMaDDA1NjA0MzE3MDg5OSIMIQieDI7zLs/dpS1QKqYFege0WG52Y3Pd60W+Lp0YKFASt4LVeTfuFGSX3w+0sGQdVHyl5jWxgAgaTjVC+SZJ0ceIXrHj6PWPjh3joX78n9nqB/DE+TsTkxbHYLhiVME2UXb+jkE94dmKx9+ooS6tloURyK+6h8KnGfl110mKWVWOE3MS9Cl62axLPQVcSIwfBLrWOScNpjXhYlBM9+ei44jgW539mMoHIQoEK2weBgVmR01Sl1kriO6h0GZdqlnUy/pbTfeEgjFM8aeySSSO84WjRr6C7TejTMyVrujHjwuGuWLjcM9UCTF9Q3D/8kkjVhB0S3HFYRKEE89114abWfJbPHU+tYCrdB3M26iYSaGm0hJ7P8LLQ/bikIMJGxnjoEyqcxqj6l/ndr2UNHON+c0vjgg3k6o6rJaA46Ib5/C7IZxqYR8Zs6EZqnKuzNWqn0i56fFwy8pWWtgooJ5LgqMaE+t+AASwpqyO7m6EkA2zBBHKQsvKulaGKWF3VhlKylyU5Zuw0DlM9vpxSstl7iF/83TTFcfSDlPzX9kCzEIsXYAVZj+/WAijxzzyMyEXfOyvCVy1Ac2wuwEB7Gj8B+KR+voLD0XIwwYmuSdkRygOmj7H3ek+dGmDZ+wY1u2lOiRuwVanbehZG6pRBHzMO3gPZpTaOAqeNVRegZfxnL0ylEoyZFQ5iIzZ+URUelJNbAvNu2ujgSt7zsNEZIdh1ck/rp9jY9KXrCm1m4uyCgmQ1K3XjZEmvko/hGT/RtOI5M8BikJzp/4Qf15tNGcwAYuoCSQX2npK92NB4WZ4S3fwZqqdOcbNl/7nxjNU4RI/Gzu+sAGhV6XsfZEDJqApmLjYj6GXBrJrpiQ8Qf1Oh4C7S47lFLZC9q3crMt6qjobiKB2R3I7HLXv5NO+h8K8MYAx+LM1MPOB36sGOt4CEqXhHe/JtV5Ip9L+Gf8sZbnDxBxlRi/VDgKSO85RCoFZG1wHLtM6i9lm7g9uaeErATY/KbcjCTo2pIyJPQ2iIihNCz7sKFzHZ404EvdQE1P3nk7xAgCDTPmOABqNCXLigj4mlk1rYcyllAxsprgl3SafoyeGx9+gJu3G1Ccl3BJflM4O+Kcn123r0L5UtpbJwKVcUW/m89BeTA5LplG92Ap2NnbIQsQZ8sTM2Nv4TuTmPFrNiVQWlJyWSl9vkPIDZXD48eNK67YrwL6UZbOTHusNElj6av5Kj0K3qf9pMKPpKD1Cz+hnXQZzRD/dGe+9u7sQDms8asklBTx0hwW9ymJwe5M9xOip99vMNen7Cz7pu9X0NFkzNsBnxwejErrVZ/ZS0vy0MfEgj2oN7mnmLSkwy3zTtfu2i+UEn2d1cuuvPrYGbbJOKKWA3UPmVXynMATCYVvBxc8Ths/JXX4=
Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
x-amz-date: 20231212T020956Z
Authorization: AWS4-HMAC-SHA256 Credential=ASIAQ2DDO5RJ26O3XVOK/20231212/eu-west-1/execute-api/aws4_request, SignedHeaders=host;x-amz-date;x-amz-security-token, Signature=5e7f3c491605ebc89f0cd43bbbcddf927a542419f4c71b3f12889dea1e22b5ac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
x-amzn-remapped-content-length: 3454
x-amzn-remapped-server: uvicorn
x-permitted-cross-domain-policies: none
content-security-policy: default-src 'self'; base-uri 'self'; block-all-mixed-content; font-src 'self' https: data:; frame-ancestors 'self'; img-src 'self' data:; object-src 'none'; script-src 'self'; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests; require-trusted-types-for 'script'
content-encoding: gzip
cross-origin-embedder-policy: unsafe-none
x-amzn-requestid: 0f06d17e-b8b9-4ba4-bb0e-23aec45c5176
x-amzn-remapped-connection: keep-alive
x-dns-prefetch-control: off
cf-cache-status: DYNAMIC
x-amz-apigw-id: PzsWPEAhDoEFQrQ=
x-xss-protection: 1; mode=block, 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
cross-origin-opener-policy: unsafe-none
x-download-options: noopen
x-frame-options: DENY, DENY
content-type: application/json
access-control-allow-origin: *
origin-agent-cluster: ?1
cache-control: no-cache, no-store, must-revalidate, max-age=86400, private
cf-ray: 83426d976ab31cc9-FRA
x-amzn-remapped-date: Tue, 12 Dec 2023 02:09:56 GMT
expires: 0

OPTIONS
H2 200 darkreading
api.iiris.com/v3/recommend/public/content/similar-items/it/cybersecurity/ Frame 0
0 190ms
147ms Preflight
application/json 2606:4700:4400::ac40:966b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:966b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amz-date,x-amz-security-token
Access-Control-Request-Method: GET
Origin: https://www.darkreading.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers: Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,X-Api-Key,application_id,iris_profile_id
access-control-allow-methods: DELETE,GET,POST,PUT,OPTIONS
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 83426d967a621cc9-FRA
content-length: 0
content-type: application/json
date: Tue, 12 Dec 2023 02:09:56 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-apigw-id: PzsWOE2lDoEFddQ=
x-amzn-requestid: bcd97134-55c1-4efa-92df-0a133d39d4a1
x-content-type-options: nosniff

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 608E 0
0 224ms
224ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssgy44TMio6M5OW9oXQtkBwA4ABHtUq4o0BYpxZdxEBDbpL0D6G1M32ok6m9AJ6Azvzr6EG7Dp1Bwl7oKIRNY4YlvKyf0126zkSzn-H9ad3_T9uaJ5nXE10STyyF6VNimkPAPaIMS8kV7WeWkrA__qesqf708QpRCU46OOoM2j6ftqCq-MZjFAj9vkquwbP-Z3XYD_o50WXJeicMDx4KBwqTokT3UL5nLrnpZzrd5728vX8s143emWNpSRrxJuPTbhkZr1YbYiwKjWt99b07QizLOf-VmMkDGqurVKIPYL6l4pooHV2OBRCUE7mLbJSsayNsaUKnmCTj2aNIZtrc3G58M3fAuwabl3oo1LwlzgqIzjnCyS0WKy8uO2jAnAsD94-I0-LMNmhJCDcSHjbyJFxsqJ6Tk8&sai=AMfl-YSc-syzCKQw7cGg2UbotoJldFdtkBA0pCDxThDhKatctjEIs1sn6SVEekuzrH4Yc974uSDZaoGQL9ikGe1D7qvOaZ8N-hYG7Hfcjuizhu05jF7PwirkewR0_yKkBTBJtovwcyZoSa50HZxewSQuq8W_&sig=Cg0ArKJSzI3vurD_QZVTEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 608E 2 KB
681 B 30ms
29ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto&display=swap

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 12 Dec 2023 02:09:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 01:41:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 Dec 2023 02:09:56 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 608E 202 KB
64 KB 129ms
82ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 02:09:56 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/informagamdisplay218733383007/ Frame 608E 332 KB
113 KB 74ms
20ms Script
application/x-javascript 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/informagamdisplay218733383007/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f38fba41b47e5777585f56e05073811ec8d97dc0c0677c203b90bbd26cc1c968

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:56 GMT
content-encoding: gzip
last-modified: Mon, 04 Dec 2023 07:34:51 GMT
server: AmazonS3
x-amz-request-id: FFQKJ5E7GT7XB6DE
etag: "dcf178c396defd0abd325e6e06ca1b14"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=36513
accept-ranges: bytes
content-length: 115639
x-amz-id-2: qiY57eAKx8XgIxjk/vtG+kLQuI+KEnq9ORUNSuk8+cUyGjO+QEwvkGglQA7J3tsnCGeLWYuNEWg=

GET
DATA 200
OK truncated
/ Frame 3431 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80e48a84884058bbaa35c4859afc308daccfdffa7c2d97b0b30cadc23967bd1b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 00B5 0
0 173ms
173ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsucCeP5miosk5WYe4SksnNh8Qd8hbcPiSUZbjlgyIYgK1XsibZxpORQKrmlS34W2FgzMoChks7steYa9BPF8Z3brGa1r2QQA5Jm242gxnvKYcKLByefKzoRIiBHIvrlmWkdxXjxVSU68I5HbmnV8nMn2EswVwlxp4uqvW4YCa6hwcHEGm4eZJvqUrdj-c1XnT1cqKyik0Zc7UObp3b_gbNGtHWYe5wO6Epvsgl9pb3WHCVZk2QVf9ffcJS0r54ZTUH-SYWWzAWWmjx_bf50d5n1rwhyCEUJilN3Y2IBBeAo3NdAKptda6r-JwemND94CSqXpr3s0-1GlpIErElT4dxIJU56PhkWpBdi_NBDz3c5jO3FlqH2wCdMGcSnLsOip7EiwQ&sai=AMfl-YTwRXkpB1ql79vlnB4zHIhbbXqRyIQNAaG9vXA5MzreNLcFkQyTgAKuDxavifsKHqMJXEjivIXx1pBD7vFKesbzDqvR9a5VQPLIgnQKHNiL_0wSEzMXdCYjkR7YcoXcSSdY6zYTG0zsvXZ-qH0g5oDD&sig=Cg0ArKJSzMoAkr3g9c8gEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 00B5 3 KB
2 KB 68ms
21ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 23:48:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8468
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 23:48:48 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 00B5 202 KB
64 KB 145ms
145ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 02:09:56 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/informagamdisplay218733383007/ Frame 00B5 332 KB
113 KB 72ms
71ms Script
application/x-javascript 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/informagamdisplay218733383007/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f38fba41b47e5777585f56e05073811ec8d97dc0c0677c203b90bbd26cc1c968

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:56 GMT
content-encoding: gzip
last-modified: Mon, 04 Dec 2023 07:34:51 GMT
server: AmazonS3
x-amz-request-id: FFQKJ5E7GT7XB6DE
etag: "dcf178c396defd0abd325e6e06ca1b14"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=36513
accept-ranges: bytes
content-length: 115639
x-amz-id-2: qiY57eAKx8XgIxjk/vtG+kLQuI+KEnq9ORUNSuk8+cUyGjO+QEwvkGglQA7J3tsnCGeLWYuNEWg=

GET
H2 200 11871773975220516418
tpc.googlesyndication.com/simgad/ Frame 00B5 74 KB
75 KB 92ms
45ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11871773975220516418

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd34a5668e6084a9683d4910202906d6aecafa413322b5f8030576c865b248dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:27:31 GMT
x-content-type-options: nosniff
age: 85345
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76195
x-xss-protection: 0
last-modified: Thu, 19 Oct 2023 14:45:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Dec 2024 02:27:31 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 74B6 0
0 213ms
213ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsukoxNY6R_9zApOJKgiSRpvA0PfP8bt8sk85NuPfbLH5PmogH-_x-xsAUCg4o8JrKyJ-uc6xZVZg_t3G_1liFd79XqNjRdsuxknW07lOHnknB7KtIG1EFgBese3OkG6-ZZwDqn1_77OCmU_6ffNRdc7XbplyzAORt1scwAi0UsoWDsYUY7dk9ehmeKBi-zE4Q76zPhJhmUj2-43Vlgm4BZgQmpMPA140NqTeuRftjjt9k5WnkmuXxiDy9a_AFPEk99Hw163JHA4ozvPA5642HYkJZz5i0RffJ38H36a85DyEdFJqsQ5aRw0CHtdeq5B7d3Z5KgX0bthl9JtoyLxYSqkdcoE6fjw4ack8KaE1LJbXiL7XUaQtitaRCfHlOVsvJySww&sai=AMfl-YRjWH8Lbm5jFTprACNasxsafhyiMYkGt_dGBmTdW46xDdXJ-2TGBW-US0qLEf4IwvP5kbJJiMvRc6cbMxpvcAMYuiikRIV3LpV-h93fps9epTX-LvAEs-k8g7YKQIaS6An2JMTcKgUmszpSlGDDsZs&sig=Cg0ArKJSzNXUamvDOz2oEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 74B6 3 KB
1 KB 57ms
22ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 23:48:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8468
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 23:48:48 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 74B6 202 KB
64 KB 113ms
112ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 02:09:56 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/informagamdisplay218733383007/ Frame 74B6 332 KB
113 KB 79ms
79ms Script
application/x-javascript 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/informagamdisplay218733383007/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f38fba41b47e5777585f56e05073811ec8d97dc0c0677c203b90bbd26cc1c968

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:56 GMT
content-encoding: gzip
last-modified: Mon, 04 Dec 2023 07:34:51 GMT
server: AmazonS3
x-amz-request-id: FFQKJ5E7GT7XB6DE
etag: "dcf178c396defd0abd325e6e06ca1b14"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=36513
accept-ranges: bytes
content-length: 115639
x-amz-id-2: qiY57eAKx8XgIxjk/vtG+kLQuI+KEnq9ORUNSuk8+cUyGjO+QEwvkGglQA7J3tsnCGeLWYuNEWg=

GET
H2 200 5458215764298962786
tpc.googlesyndication.com/simgad/ Frame 74B6 11 KB
11 KB 93ms
59ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5458215764298962786

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f63a96e167b022cd7b40c9d8a9daffbe9d9c3b769e7dbcbca3d71e923ad5a688

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 18:49:42 GMT
x-content-type-options: nosniff
age: 26414
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11100
x-xss-protection: 0
last-modified: Mon, 27 Nov 2023 21:24:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Dec 2024 18:49:42 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B6C1 0
0 214ms
213ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssYkwcEeqmUJQg2Vps502BP51Xv5pUJVfFQcGmOWzp0LqwRUfHnPPH7-InxI3oACph3yG_5gadOzVAir1nVQEr70cJihQJwi0M5sAbkshNPWaSa3wYbUq4a4M584hbRtd1_m0sR-Dj-e2M_jaC64tGIkt4lXTMcTFsgYN8mPCWvzT4_um4QMHbShBVi2Oo0s8fiBKuCorQom4gmlfGCFR8diEl3vT2U1ZZMcXdY9eMTESxvEL0wIrBkD2GVOaB3Y3tBsO5nkVkCuIhOyuqSNeWLsRp5_q00oOFd1EM1gIReryi0ebw73ny51y100X6EU5ASGcn3f-z4qr3Kc1wSy9RMuRXlZp5T6FvBhP-ZvJR1SMLKxdDS2x-5HMu29siZJTn0Pg&sai=AMfl-YQBqankuGZrWsbfGvOYZAzi7RPmrf5Uxr4EJwkd0ZMI7YrQVDBvvrfrY0Rq-7GSoKzIYHWheRerVycV8dXJU1DdOJ9KbWTbovtN7nZ-YbHK7n1_unL-HTLd_rGAYg9SrqtkZ0GT8mZEMuT_jWHN7kg&sig=Cg0ArKJSzA72kLdTPe7ZEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame B6C1 202 KB
64 KB 110ms
109ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 02:09:56 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/informagamdisplay218733383007/ Frame B6C1 332 KB
113 KB 81ms
81ms Script
application/x-javascript 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/informagamdisplay218733383007/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f38fba41b47e5777585f56e05073811ec8d97dc0c0677c203b90bbd26cc1c968

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:56 GMT
content-encoding: gzip
last-modified: Mon, 04 Dec 2023 07:34:51 GMT
server: AmazonS3
x-amz-request-id: FFQKJ5E7GT7XB6DE
etag: "dcf178c396defd0abd325e6e06ca1b14"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=36513
accept-ranges: bytes
content-length: 115639
x-amz-id-2: qiY57eAKx8XgIxjk/vtG+kLQuI+KEnq9ORUNSuk8+cUyGjO+QEwvkGglQA7J3tsnCGeLWYuNEWg=

GET
DATA 200
OK truncated
/ Frame 00B5 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be2d7c6c0f46b379568cad187530ac45f6e818cb5679ba45e95f52f9afb8a1e8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 74B6 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4926da14a54020f2be76fefa829aca6e95a28f02446b4bf0810d9b12da0b624a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3431 0
26 B 214ms
214ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvyUNzGBECRjiTd4-3Ge9H4mvzrQPMj0DQDTnLhqezU8ikvlCI7piqi1dkHOWeFNSDZ1jfE3K3E-tnx4mVNyAYAEl0zqWYOuG4c6jIZADjNM0hDV5uRUypz5edslrQqrXZ54maq9GRdUoLylrLRgntj5DGLveW5335zD-k7btZm9iruLj_7Z_ykuHlDdPbnez6KWBjaXhnD7sVgGRc20m9Zig3Uy3NmTURAOMMllpl6RVe9eM-DOmJ8RRKL3TQVDa3zPhyTPMqldlQ6vsmNhHN7B6PDpOGpNeHtmw8hYoLNIEJLw68tkk9HxZySIULyjidV7-3opzjUd0D_UW39mkUzbtIxAB3YuX7qiEwujFd7PsB-2Ttp5Q7uk96Fig5aVPnyB7eBZg&sai=AMfl-YRLuoma0lXMusBvPwuLqhr9VNvFHq6bEtQynIRIQxAod3ToWLngunECrl27yF4InyBMCMviXbd70ekwiKCNd0bODZdbyfqokHX4U-ppPRHPFqpucmhs_372y4QSaqnnEOXf45o312mQ6hv_Y0k6Y0E&sig=Cg0ArKJSzEZA7boSmvrOEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK web.js Show response
ads.celtra.com/ba18906d/ Frame B6C1 14 KB
5 KB 513ms
141ms Script
application/javascript 52.71.135.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.celtra.com/ba18906d/web.js?&clickUrl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvmACHWjL3pIO-Dz34ukgeLNuk4csD--fr01jSAXz2IeVxkyDphHHyEJVlRQL56DRzhzGrtQwgRwPv1JfG8b3rCuIo2T9nib0nBKc5yJEknaiWtb38J6dMq5GzkLw5OUlUKE5XKhBfSYszGk37i7o0BwLaX0M3JHi2u6urGqf0oOoNbEQY3QYS67CrBaL0yPRnQ4uB8W1exsIApZOcn8Y7JDE6qNiGmaNhrwwC9NhcrcIM-IJajFPB_oYem-ENSb4srvFc6ud36e5WC2EIvUpH8Uz0HNBm4V4ZonE9g28g7YasfrsLUGW-YBlO0oPEP8gWuGotVEnBXuTODyFw7S3DJUwfBsPADYMD_l1ZHJeyameTVL3eO_dixXA5uboiWGA%26sai%3DAMfl-YSo-S-uYIX32RFMhkY1aFAMWniLPvZtmzOx2DevFYj0coO9pfERfxB9sNPHqFWuPXirpkYc9nRp-Gnvsc0LL0M3hHN3hAMZEQ95f1B7orH9ziK-peafwmJfRUwT9Puj1H5MITc0JQysPBEb_OAIaeQ%26sig%3DCg0ArKJSzJaFhw1L6MwAEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D&expandDirection=undefined&clickEvent=advertiser&iosAdvId=&androidAdvId=&externalAdServer=DFPPremium&tagVersion=html-standard-7&eas.JWVjaWQh=138455424706&externalCreativeId=138455424706&externalPlacementId=22339890152&externalSiteId=22316126855&externalSiteName=darkreading.com&externalLineItemId=6375611943&externalCampaignId=3249108460&externalAdvertiserId=5004764576&coppa=0&scriptId=celtra-script-1&clientTimestamp=1702346996.307&clientTimeZoneOffsetInMinutes=-60&hostPageLoadId=47486312387203955
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.71.135.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-135-118.compute-1.amazonaws.com
Software: /
Resource Hash: 4b08471b5dafc80338ffde184b1a11b2199e982708e2e58efd3a6e0d164ce654

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 12 Dec 2023 02:09:56 GMT
content-encoding: gzip
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 4931
Expires: 0

GET
H2 200 11366068294712244618
tpc.googlesyndication.com/simgad/ 151 KB
151 KB 32ms
23ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11366068294712244618?

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

074b1c42c1015602422da108d97bcd9a4cc6452467aed7c76a1ded76b7c7ca2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 12:02:16 GMT
x-content-type-options: nosniff
age: 50860
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 154561
x-xss-protection: 0
last-modified: Mon, 27 Nov 2023 20:14:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Dec 2024 12:02:16 GMT

GET
H2 200 12749461329781092225
tpc.googlesyndication.com/simgad/ Frame 608E 53 KB
53 KB 82ms
81ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12749461329781092225?

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16babd6112c0245fd8d02276048fa88f6a4a635a8be83ad405c55ca0fa6d08dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:26:43 GMT
x-content-type-options: nosniff
age: 2593
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54055
x-xss-protection: 0
last-modified: Thu, 09 Nov 2023 10:37:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 11 Dec 2024 01:26:43 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 608E 15 KB
15 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 09:26:44 GMT
x-content-type-options: nosniff
age: 60192
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Dec 2024 09:26:44 GMT

GET
DATA 200
OK truncated
/ Frame 608E 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7e8c9ed26277e3fb6a723db40a20a665586cd33f157a9b2b86775440224a752c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 tag.aspx Show response
ml314.com/ Frame 608E 31 KB
10 KB 21ms
21ms Script
application/javascript 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?12112023
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/informagamdisplay218733383007/moatad.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 556b62129d954b0d5b92c4f286ec0234774ac6d41353a3c84f8349fa94d88cf1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:48:46 GMT
via: 1.1 google
content-encoding: br
age: 1270
x-guploader-uploadid: ABPtcPq_BsYpIYcB_LfFOp1H-UMRDJ1EHc_Nnd1wZjsmQ8Bvg_xj2JY53iYG9DbYCXKsmtnK_Jpen0Lbztvushw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10209
last-modified: Fri, 12 May 2023 18:40:12 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1683916812364920
x-goog-hash: crc32c=mZ+Z9w==, md5=kd+C792N6TsjSfrrJlopCg==
content-type: application/javascript
cache-id: FRA-fa985ced
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 32213
accept-ranges: bytes

GET
H2 200 n.js Show response
mb.moatads.com/ 100 B
278 B 193ms
51ms Script
text/html 141.147.81.223
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/n.js?e=35&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm~GefxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-hQUexRkFGpG4fz6GF1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-gZp8RG4580cdYQ%3D%3D&sc=1&os=1-9g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=INFORMA_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&vb=18&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1702346996408&de=788398253717&m=0&ar=cc84ca2002d-clean&iw=bf56fd0&q=2&cb=0&ym=0&cu=1702346996408&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5278855160%3A3264493854%3A6400457718%3A138453496229&zMoatPS=bigsky_v&zMoatSZ=1x1&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Flazarus-group-still-juicing-log4shell-rats-written-d&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Flazarus-group-still-juicing-log4shell-rats-written-d&id=1&ii=4&bo=22316126855&bp=22339890152&bd=bigsky_v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&gw=informagamdisplay218733383007&fd=1&it=500&ti=0&ih=2&pe=1%3A2653%3A3721%3A0%3A2697&fs=206701&na=845635231&cs=0&callback=MoatDataJsonpRequest_76355244
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/informagamdisplay218733383007/moatad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.147.81.223 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: d77bbeb1ea8829b6393cea82fbb61008b45d408bfe35ac9bbcbfb7719b1dfe8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:56 GMT
server: istio-envoy
etag: "879f263bb0d3df7af9530b2f913f314d105bdda4"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 9
timing-allow-origin: *
content-length: 100

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
275 B 28ms
20ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=INFORMA_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&vb=18&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1702346996408&de=788398253717&m=0&ar=cc84ca2002d-clean&iw=bf56fd0&q=3&cb=0&ym=0&cu=1702346996408&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5278855160%3A3264493854%3A6400457718%3A138453496229&zMoatPS=bigsky_v&zMoatSZ=1x1&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Flazarus-group-still-juicing-log4shell-rats-written-d&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Flazarus-group-still-juicing-log4shell-rats-written-d&id=1&ii=4&bo=22316126855&bp=22339890152&bd=bigsky_v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&gw=informagamdisplay218733383007&fd=1&it=500&ti=0&ih=2&pe=1%3A2653%3A3721%3A0%3A2697&fs=206701&na=1596660207&cs=0
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 02:09:56 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
x-akamai-ew-subworker: 8096267
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 12 Dec 2023 02:09:56 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 74B6 0
0 100ms
58ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssxQL3G7CYlT0y4OlPrGB4Fe2ggQi7BHIS6DHRR8jCwDbOHisgTq0G6mNgY7aDyat1G5oJ0ooUDT_eFfEUBUFKt6-xiB9J9D9lJTdc_6HwL2SavCzZg9rItjkG48gIcus7TTChRC2bVqZtOjmulCtNwW5bneObL6ZX1qs5HnjEA8qsDXR41v8vm7F6j-8WXwwDYUAIFT2hXbrcdgq5DtTqc0aw5p0eWdwx4mu13Epncc2XI9Eml4iMMKb12tAiUNY0CqyAO9tWLWRUUp-bVXiSX3uspmJdGCbbUISN84yb4DxnWZqr8zZ_FAo98TtKRNsJFrc86KUc3JuPD0NVwN89hjidB8KF207aCLU8odUNA3XW0sUc1pl07U8YB2EUj8CifLcoH&sai=AMfl-YSYvuBY_Oc-FuxzsP6NKlGZrHwBQjPeNzGnkAfYlZNl8yx4wk0y1ltTqKFMYKDvlXCoevalkAbnk97vugyW5CmjiZjFsf1aqEWu-zFBYj0BL5ei--BTdt1xJpj7FbW3PkU8fMyZoUl4fTzCURBkNts&sig=Cg0ArKJSzGdBnYizvm_kEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 12 Dec 2023 02:09:56 GMT

GET
DATA 200
OK truncated
/ Frame B6C1 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ae8a1698011ed224db2fe5901fa638b35f45e0d2101b0d8d3471cd2fe69f6de

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 00B5 0
0 64ms
59ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssSjpt0V8oOHzKguk7BsMan0ojn-tkt3UNch07u4tggus76ZXTb9P1atOgbwtDf_N5CSZVdR_y7i3rqinQgsk109ml8hzc6sSoi5Gt4CUaLkUXt3GnejFRewbqZ1A6Vsg4Ef7rI9K62vIEgw20yVL1J_n7Ps3gECQrWC9yWE59t38QPx4Y3u9pfWDW9LLedlFMdAtot_lSjFpvneUTuW4TrvtL9QPF16c8Rv7mh5XZ6UOTfdBxR5aun_W61pgltc90-_qfB9tmsus9y7EX0rh8K00DVo0FWLgfQjEeabtzK0JM1TrkMxASqrsgTr7E3fpctxTTScNHlifisHjK9zjXZgeP513QoAeoRHd2JDa5KZQe6WaQFFvVmjRNPUNvz7GBad9cj&sai=AMfl-YSTneYj3sbaED-bpvzEPTkVt-dqImjE7UOhlLWz3zinANuF5N066WU5FkL9FvAYTMirWosgltvnAzfGh9wdMpkPg_lnv45w5m9jZReHPTgVHG8gYvFt1Y5EU9gOf8S2IODAqoto9zbTZkXD0dji6I7G&sig=Cg0ArKJSzEK-XhzbOns4EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 12 Dec 2023 02:09:56 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
275 B 19ms
19ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=INFORMA_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&vb=18&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1702346996477&de=396428988687&m=0&ar=cc84ca2002d-clean&iw=bf56fd0&q=7&cb=0&ym=0&cu=1702346996477&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5004764576%3A3249108460%3A6375611943%3A138455699852&zMoatPS=300_1v&zMoatSZ=301x251&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Flazarus-group-still-juicing-log4shell-rats-written-d&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Flazarus-group-still-juicing-log4shell-rats-written-d&id=1&ii=4&bo=22316126855&bp=22339890152&bd=300_1v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&gw=informagamdisplay218733383007&fd=1&it=500&ti=0&ih=2&pe=1%3A2653%3A3721%3A0%3A2697&fs=206701&na=47412601&cs=0
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 02:09:56 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
x-akamai-ew-subworker: 8096267
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 12 Dec 2023 02:09:56 GMT

GET
H3 200 utsync.ashx Show response
ml314.com/ Frame 608E 62 B
80 B 77ms
77ms Script
application/javascript 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=62439&ct=js&pi=&fp=&clid=&if=1&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Flazarus-group-still-juicing-log4shell-rats-written-d&pv=1702346996522_i4khbpn00&bl=en-us&cb=892422&return=&ht=&d=&dc=&si=1702346995987_pg582pa01&cid=&s=1600x1200&rp=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Flazarus-group-still-juicing-log4shell-rats-written-d&v=2.5.3.51
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?12112023
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 02:09:56 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: application/javascript
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H/1.1 200
OK ud.ashx Show response
in.ml314.com/ Frame 608E 20 B
482 B 468ms
114ms Script
application/javascript 54.160.147.69
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://in.ml314.com/ud.ashx?topiclimit=&cb=12112023&v=2.5.3.51
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?12112023
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.160.147.69 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-160-147-69.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 02:09:56 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public
Connection: keep-alive
Content-Length: 138
Expires: Wed, 13 Dec 2023 02:09:56 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
275 B 20ms
20ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&sgs=3&vb=18&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F5458215764298962786&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm~GefxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-hQUexRkFGpG4fz6GF1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-gZp8RG4580cdYQ%3D%3D&sc=1&os=1-9g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=251&w=301&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Flazarus-group-still-juicing-log4shell-rats-written-d&id=1&ii=4&f=0&j=&t=1702346996477&de=396428988687&cu=1702346996477&m=10&ar=cc84ca2002d-clean&iw=bf56fd0&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6790&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A2653%3A3721%3A0%3A2697&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=3&cd=0&ah=3&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5004764576%3A3249108460%3A6375611943%3A138455699852&bo=22316126855&bp=22339890152&bd=300_1v&zMoatPS=300_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=301x251&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Flazarus-group-still-juicing-log4shell-rats-written-d&zMoatDev=Desktop&zMoatDfpSlotId=300_1v&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=206701&na=1264345021&cs=0
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 02:09:56 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
x-akamai-ew-subworker: 8096267
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 12 Dec 2023 02:09:56 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
275 B 19ms
19ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=INFORMA_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&vb=18&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1702346996498&de=427456618908&m=0&ar=cc84ca2002d-clean&iw=bf56fd0&q=11&cb=0&ym=0&cu=1702346996498&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5004764576%3A3249108460%3A6375611943%3A138455424706&zMoatPS=resource_v&zMoatSZ=5x5&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Flazarus-group-still-juicing-log4shell-rats-written-d&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Flazarus-group-still-juicing-log4shell-rats-written-d&id=1&ii=4&bo=22316126855&bp=22339890152&bd=resource_v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&gw=informagamdisplay218733383007&fd=1&it=500&ti=0&ih=2&pe=1%3A2653%3A3721%3A0%3A2697&fs=206701&na=1228858048&cs=0
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 02:09:56 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
x-akamai-ew-subworker: 8096267
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 12 Dec 2023 02:09:56 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
275 B 20ms
20ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=INFORMA_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&vb=18&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1702346996513&de=179302266665&m=0&ar=cc84ca2002d-clean&iw=bf56fd0&q=15&cb=0&ym=0&cu=1702346996513&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5289524284%3A3254588613%3A6381570210%3A138451416397&zMoatPS=728_1v&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Flazarus-group-still-juicing-log4shell-rats-written-d&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Flazarus-group-still-juicing-log4shell-rats-written-d&id=1&ii=4&bo=22316126855&bp=22339890152&bd=728_1v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&gw=informagamdisplay218733383007&fd=1&it=500&ti=0&ih=2&pe=1%3A2653%3A3721%3A0%3A2697&fs=206701&na=814166321&cs=0
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 02:09:56 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
x-akamai-ew-subworker: 8096267
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 12 Dec 2023 02:09:56 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
275 B 20ms
19ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&sgs=3&vb=18&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F11871773975220516418&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm~GefxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-hQUexRkFGpG4fz6GF1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-gZp8RG4580cdYQ%3D%3D&sc=1&os=1-9g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Flazarus-group-still-juicing-log4shell-rats-written-d&id=1&ii=4&f=0&j=&t=1702346996513&de=179302266665&cu=1702346996513&m=5&ar=cc84ca2002d-clean&iw=bf56fd0&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6790&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A2653%3A3721%3A0%3A2697&as=0&ag=1&an=0&gf=1&gg=0&ix=1&ic=1&ez=1&aj=1&pg=100&pf=0&ib=1&cc=0&bw=1&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2&cd=0&ah=2&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5289524284%3A3254588613%3A6381570210%3A138451416397&bo=22316126855&bp=22339890152&bd=728_1v&zMoatPS=728_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Flazarus-group-still-juicing-log4shell-rats-written-d&zMoatDev=Desktop&zMoatDfpSlotId=728_1v&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=206701&na=959702632&cs=0
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 02:09:56 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
x-akamai-ew-subworker: 8096267
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 12 Dec 2023 02:09:56 GMT

GET
H2 200 web.js Show response
cache-ssl.celtra.com/api/creatives/ae21f920/compiled/ Frame B6C1 852 KB
179 KB 94ms
25ms Script
application/javascript 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache-ssl.celtra.com/api/creatives/ae21f920/compiled/web.js?v=50-92b32c7ba4&secure=1&cachedVariantChoices=W10-&isPurposePreview=0&eventMetadataExperiment=newMeta&inmobi=0&adx-in-banner-video=1
Requested by: Host: ads.celtra.com
URL: https://ads.celtra.com/ba18906d/web.js?&clickUrl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvmACHWjL3pIO-Dz34ukgeLNuk4csD--fr01jSAXz2IeVxkyDphHHyEJVlRQL56DRzhzGrtQwgRwPv1JfG8b3rCuIo2T9nib0nBKc5yJEknaiWtb38J6dMq5GzkLw5OUlUKE5XKhBfSYszGk37i7o0BwLaX0M3JHi2u6urGqf0oOoNbEQY3QYS67CrBaL0yPRnQ4uB8W1exsIApZOcn8Y7JDE6qNiGmaNhrwwC9NhcrcIM-IJajFPB_oYem-ENSb4srvFc6ud36e5WC2EIvUpH8Uz0HNBm4V4ZonE9g28g7YasfrsLUGW-YBlO0oPEP8gWuGotVEnBXuTODyFw7S3DJUwfBsPADYMD_l1ZHJeyameTVL3eO_dixXA5uboiWGA%26sai%3DAMfl-YSo-S-uYIX32RFMhkY1aFAMWniLPvZtmzOx2DevFYj0coO9pfERfxB9sNPHqFWuPXirpkYc9nRp-Gnvsc0LL0M3hHN3hAMZEQ95f1B7orH9ziK-peafwmJfRUwT9Puj1H5MITc0JQysPBEb_OAIaeQ%26sig%3DCg0ArKJSzJaFhw1L6MwAEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D&expandDirection=undefined&clickEvent=advertiser&iosAdvId=&androidAdvId=&externalAdServer=DFPPremium&tagVersion=html-standard-7&eas.JWVjaWQh=138455424706&externalCreativeId=138455424706&externalPlacementId=22339890152&externalSiteId=22316126855&externalSiteName=darkreading.com&externalLineItemId=6375611943&externalCampaignId=3249108460&externalAdvertiserId=5004764576&coppa=0&scriptId=celtra-script-1&clientTimestamp=1702346996.307&clientTimeZoneOffsetInMinutes=-60&hostPageLoadId=47486312387203955
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: dc04678d711366bdb107aa81eef1af103df63d6ea5540ff082ab6fe29dd1c9a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:54:50 GMT
content-encoding: gzip
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 65687
x-cache: Hit from cloudfront
content-length: 183001
server: Apache
etag: "d526d164eb05eba60203c02ab97e6ee6d382118767c8cdee827998da2d5b9186"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
x-amz-cf-id: RSMBhwc3WG4dHyWPY80G6Av6Bpz4MXy-1v-sMnw0_xUhqBK9r9q7og==

GET
DATA 200
OK truncated
/ Frame B6C1 167 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK d06d1f0a-de18-47a2-9468-1a0a3f94ec74
https://www.darkreading.com/ Frame B6C1 167 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://www.darkreading.com/d06d1f0a-de18-47a2-9468-1a0a3f94ec74
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length: 167
Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B6C1 0
0 60ms
60ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss8px2OGnxFSmRCnFtCvJBshiOK0wFKa_nPc4ajN_z9N0FnOAt2t4-_yJKh42LX5LJy6yOXXEgI9lPW8PfyOwjtn9th1PrLt2yDxSWmaQkYzARR0QNSeS0ZKiGiS0n_8nIQNzWjbalG-1xGgGthmALlTejCop3D5uItTsmWYl_OfeUvVnj2U58sSNExWKNC7gDFv_-JmU7mYKcr-Cnxotg7OcdG3mh_fB4OxovplSEA9ukNuzzU7YA-mmRfrJmvduLVxNOqL8sWWh6HA-Ka2K3KKoXg_PgAGZiFslvNtK39A-NoAHIpXk2Ewvqk7XhN_sotj9gOs6OZ8FNImARbsGP-1auq5NJXKYie_Aoiwd2-oLDjg_h6sA6KKK4EU82oiua44u4G&sai=AMfl-YQm6Iqlj8C7WkfG818K1SCLYt_F3L8iLInfeq_uaaGjDk8VwA6KLKU0zTu99XZU_HLSKIWf_X6AAY3z6tXhPpp6lL2r8yHOzYKdIJzmdK07RdCDTbYvHvR7Tb8sAZCcbB6e6jkhhGvHvHOWGBptaHg&sig=Cg0ArKJSzB1P202xeTOqEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 12 Dec 2023 02:09:57 GMT

GET
H/1.1 200
OK eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNzAyMzQ2OTk2eGZjZjQ3Y2I0ZmRkZDAxeDQwMDA4MTk2IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIxMzUzODM5ODgwNzQwODgzNiIsImluZGV4I...
track.celtra.com/json/ 35 B
242 B 489ms
120ms Image
image/gif 54.161.239.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNzAyMzQ2OTk2eGZjZjQ3Y2I0ZmRkZDAxeDQwMDA4MTk2IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIxMzUzODM5ODgwNzQwODgzNiIsImluZGV4IjowLCJjbGllbnRUaW1lc3RhbXAiOjE3MDIzNDY5OTYuOTk1LCJuYW1lIjoiY29udGFpbmVyQmVjYW1lVmlld2FibGUifV19?crc32c=2388226529
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.161.239.77 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-161-239-77.compute-1.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Tue, 12 Dec 2023 02:09:57 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 608E 0
0 59ms
58ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstbhBZmF47iwoEynnL-UMgQIVLEHomy-dunoWr_td5067huJYKnlXMxr7mb2ABZdgNNDgvPB2X5XrJtOmc5rlWewoQ2HJnufolOcAKJ4KJ-gwSOKkg-o1J45O3zE9YWPlsBG6UNAU2RJw_V0tVzsCg-cj_tvYhVX08a-LAPyrS-qi8sPKI6npRCKPtJKOuIuEpzJNAlCEUvqHA_-nATNb33tiO0A4adYyf_j8PJKcrfW4co4cbZgN4-8qKKs2QryS4OmmqyPBWQjnAW9iK1fMnnOaQRPvs1nsF4vh7hOXwpVFm6571UYHKXx30Of4io1oygmk8vvAEiQXZwdL4TtZCTKW6MphTb01HyfN-4OJFCNbtK32kbzDjD8khbYXJC1F9F1h0sAqqKOkg&sai=AMfl-YQvhSlHYxl8LkK2CToxQ5AwVJAYiyNaZbTAN0RxZE--7Iya0QCISSYmMs3cUKO1ws9IZRoS1aGNUOFqrjIf25K0s3_IIGQdMNF5Lg2vpFM7qJ5XHSKaWTDl4sRNeCc9marvnUEi0UoJChqYpWJP2QW0&sig=Cg0ArKJSzGumv-CKp8zoEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 12 Dec 2023 02:09:57 GMT

GET
H2 200 3_webfont.woff2
cache-ssl.celtra.com/api/fonts/google/Lato:400/ Frame 2618 4 KB
4 KB 65ms
24ms Font
application/font-woff2 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache-ssl.celtra.com/api/fonts/google/Lato:400/3_webfont.woff2?subset=BCDEGILORSTUVW
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 4e3544834b91e44441b532b1543211033bbf7dfdb06b1c540c6539ce2f04c806

Request headers

Referer: https://www.darkreading.com/
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 23:48:19 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 5970098
x-cache: Hit from cloudfront
content-length: 4052
server: Apache
etag: "4e3544834b91e44441b532b1543211033bbf7dfdb06b1c540c6539ce2f04c806"
content-type: application/font-woff2
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 3155953
accept-ranges: bytes
x-amz-cf-id: g5xw6PTwcuLL8Hdufng98O44gtQabLQ-_sbslMZ3x2KT4tBSv74FhA==

GET
H2 200 DR_Sophos_2023-Threat-Report.jpg
cache-ssl.celtra.com/api/blobs/a8ebb8e65380225718e105013b044990bf309124db6a063d2993489fa88cebe9/ Frame 2618 40 KB
40 KB 23ms
23ms Image
image/jpeg 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/a8ebb8e65380225718e105013b044990bf309124db6a063d2993489fa88cebe9/DR_Sophos_2023-Threat-Report.jpg?transform=crush&quality=85
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: d8f2a6eb1c5b845fbc8ff1d6e3b48b9429d8e320e3925144bc7a07795ab534ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:54:58 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 5994899
x-cache: Hit from cloudfront
content-length: 40672
server: Apache
etag: "d8f2a6eb1c5b845fbc8ff1d6e3b48b9429d8e320e3925144bc7a07795ab534ad"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 3116056
accept-ranges: bytes
x-amz-cf-id: 2H6qWAth2FYW_IPxon7Yf-fhwtxIlhzHdlC5iILdJleZZSpO8sGFYA==

GET
H2 200 DR_Sophos_Extended-Detection-and-Response.png
cache-ssl.celtra.com/api/blobs/76e8b236cf163e361e7e04c519d560c500713d3dbcbca935fa82314b9708ecad/ Frame 2618 5 KB
6 KB 26ms
26ms Image
image/png 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/76e8b236cf163e361e7e04c519d560c500713d3dbcbca935fa82314b9708ecad/DR_Sophos_Extended-Detection-and-Response.png?transform=crush&quality=256
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 2f27b92b9b966ffdd166be51401f836aa3aa6dac8cdd60736582a14a83f8538f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 08:56:13 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 5764424
x-cache: Hit from cloudfront
content-length: 5524
server: Apache
etag: "2f27b92b9b966ffdd166be51401f836aa3aa6dac8cdd60736582a14a83f8538f"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 852883
accept-ranges: bytes
x-amz-cf-id: fs_E30H-jJuMNyQnrnmeCcRqcVR2rUmiH4i0lysnopf-CgnySVsNkA==

GET
H2 200 w_soph131c8.jpg
cache-ssl.celtra.com/api/blobs/eebcdb014ca52ef87cab677be63d3383da1cc3bd515e6c05a2b7a2453482a44b/ Frame 2618 25 KB
25 KB 27ms
27ms Image
image/jpeg 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/eebcdb014ca52ef87cab677be63d3383da1cc3bd515e6c05a2b7a2453482a44b/w_soph131c8.jpg?transform=crush&quality=85
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: e5836b0f5b9092c9f810ad6ccd9db01c1fcd57889e8222f558d9c2b59b082d7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:54:58 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 5994899
x-cache: Hit from cloudfront
content-length: 25237
server: Apache
etag: "e5836b0f5b9092c9f810ad6ccd9db01c1fcd57889e8222f558d9c2b59b082d7c"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 2658319
accept-ranges: bytes
x-amz-cf-id: UUvhoVyc2tmu1fc9NKdVqTajA_pbFLs3z6C5Eaq6yYnd3WXi1yrojA==

GET
H2 200 w_soph132c8.jpg
cache-ssl.celtra.com/api/blobs/6775b06cde3ac0ea81dd4bca3d6f9e2863628455c1ae139c882380f0ae798a06/ Frame 2618 33 KB
33 KB 28ms
28ms Image
image/jpeg 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/6775b06cde3ac0ea81dd4bca3d6f9e2863628455c1ae139c882380f0ae798a06/w_soph132c8.jpg?transform=crush&quality=85
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 118804ffb57d9794c6dcb47c2cf07d9468e29c024e34d462517f24b74061300d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:54:58 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 5994899
x-cache: Hit from cloudfront
content-length: 33540
server: Apache
etag: "118804ffb57d9794c6dcb47c2cf07d9468e29c024e34d462517f24b74061300d"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 1018993
accept-ranges: bytes
x-amz-cf-id: -xO81evhjvlbXiGmt2SSPo-F667_dKG5Xdicjtf6C0XlEcecZ44NCw==

GET
H2 200 sophos-incident-response-guide.jpg
cache-ssl.celtra.com/api/blobs/3012f852b79f7c7ae122bb767f543ea60e1e286eae21b30549729042b1beab20/ Frame 2618 161 KB
161 KB 31ms
31ms Image
image/jpeg 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/3012f852b79f7c7ae122bb767f543ea60e1e286eae21b30549729042b1beab20/sophos-incident-response-guide.jpg?transform=crush&quality=85
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: cf3119fdbf0f06025ca1ee2409e2e10a29785c6184c927084c8da22fc0db2e79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 06:22:57 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 5946419
x-cache: Hit from cloudfront
content-length: 164485
server: Apache
etag: "cf3119fdbf0f06025ca1ee2409e2e10a29785c6184c927084c8da22fc0db2e79"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 2105163
accept-ranges: bytes
x-amz-cf-id: 44VUvG4Yb4UHO_vulSRG3oyYIBeKRu3osSuRpdg_PC5td02q7us-WQ==

GET
H2 200 rss_hover.png
cache-ssl.celtra.com/api/blobs/82a3278077b1fa57b623faca8218253948280aafcfffcf15d53c579aeff15a03/ Frame 2618 990 B
1 KB 46ms
46ms Image
image/png 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/82a3278077b1fa57b623faca8218253948280aafcfffcf15d53c579aeff15a03/rss_hover.png?transform=crush
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 2b8322bfccaa5c0aa4a37e06b916b11d517b7a2974ce3cd810ea57ba3a1ffd68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 12:43:17 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 6009999
x-cache: Hit from cloudfront
content-length: 990
server: Apache
etag: "2b8322bfccaa5c0aa4a37e06b916b11d517b7a2974ce3cd810ea57ba3a1ffd68"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 3637499
accept-ranges: bytes
x-amz-cf-id: _F3JVNgC6APW6BtJZ2Q0dQQwpBCkqNEIopRR8POhr3QS4qeRb6Gg6Q==

GET
H2 200 rss.png
cache-ssl.celtra.com/api/blobs/b1cdc0ecb51975dba9ab6759d0985f34bf971d517bb87e169f46d806ce108101/ Frame 2618 988 B
1 KB 46ms
46ms Image
image/png 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/b1cdc0ecb51975dba9ab6759d0985f34bf971d517bb87e169f46d806ce108101/rss.png?transform=crush
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 4e668c3c5ead2707062c31387d0b2fc6883cbff5895585e08d923f3759a33140

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:46:32 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2975005
x-cache: Hit from cloudfront
content-length: 988
server: Apache
etag: "4e668c3c5ead2707062c31387d0b2fc6883cbff5895585e08d923f3759a33140"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 659681
accept-ranges: bytes
x-amz-cf-id: VGhpmTWgh-sFDd6CQgCrd0X-7_4E-5Lv_rxs9lqgD99eCcPj1gh_7Q==

GET
H2 200 yt_hover.png
cache-ssl.celtra.com/api/blobs/05c871534a66ba01deefbc75b6ed2f9281993581e903223785a6f6a7ff82bebb/ Frame 2618 918 B
1 KB 47ms
47ms Image
image/png 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/05c871534a66ba01deefbc75b6ed2f9281993581e903223785a6f6a7ff82bebb/yt_hover.png?transform=crush
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 6e504d72d0b8fe63b71774d746594a7d13607ee5313241cc546a1bcd47909677

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 09:26:13 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 6021824
x-cache: Hit from cloudfront
content-length: 918
server: Apache
etag: "6e504d72d0b8fe63b71774d746594a7d13607ee5313241cc546a1bcd47909677"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 4162458
accept-ranges: bytes
x-amz-cf-id: t-gNdH39Q-do54p7GsROTcRQ4QoVCsTVQ0-snM4MMPuKemCqDoSWKA==

GET
H2 200 yt.png
cache-ssl.celtra.com/api/blobs/13d77e3befd746d58356da2f0b0d1d20af11ba13ea0ca8cd7b73871ef1d40edd/ Frame 2618 914 B
1 KB 48ms
48ms Image
image/png 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/13d77e3befd746d58356da2f0b0d1d20af11ba13ea0ca8cd7b73871ef1d40edd/yt.png?transform=crush
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 8c792dc2527753d5f758a812c5de2225dba619ecd83b05713ce68b0db858fa28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 09:26:13 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 6021824
x-cache: Hit from cloudfront
content-length: 914
server: Apache
etag: "8c792dc2527753d5f758a812c5de2225dba619ecd83b05713ce68b0db858fa28"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 2262217
accept-ranges: bytes
x-amz-cf-id: M2EllYrs86IVpZID-xrDBZ9xC094X6LtDICM6UxtyIsb1KRsAVKX9Q==

GET
H2 200 li_hover.png
cache-ssl.celtra.com/api/blobs/e3228348fc17573d7db7d135ba5cf60985157f70dae6643939d3a6686b2aa699/ Frame 2618 591 B
1 KB 48ms
48ms Image
image/png 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/e3228348fc17573d7db7d135ba5cf60985157f70dae6643939d3a6686b2aa699/li_hover.png?transform=crush
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: c19345a03fed44d267abbe2f427bdcd261aa86a447320f15f3eef8e121690794

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 08:24:10 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 6025547
x-cache: Hit from cloudfront
content-length: 591
server: Apache
etag: "c19345a03fed44d267abbe2f427bdcd261aa86a447320f15f3eef8e121690794"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 755605
accept-ranges: bytes
x-amz-cf-id: z4-aUwkHounx3DX_L_Bzq86itxxLO1cKYiTtEU-Wp2Y0DrWa6PAYWQ==

GET
H2 200 li.png
cache-ssl.celtra.com/api/blobs/2e1d1ae5940fbdaa5f95c1c17393175faf02b27a8c6b37dca2419c70113760ab/ Frame 2618 585 B
1 KB 49ms
48ms Image
image/png 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/2e1d1ae5940fbdaa5f95c1c17393175faf02b27a8c6b37dca2419c70113760ab/li.png?transform=crush
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: d10a2d03c9fb4943f449b97d333b8d22990200afa70d13d5c1c23ad4d783200c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 08:24:10 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 6025547
x-cache: Hit from cloudfront
content-length: 585
server: Apache
etag: "d10a2d03c9fb4943f449b97d333b8d22990200afa70d13d5c1c23ad4d783200c"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 394368
accept-ranges: bytes
x-amz-cf-id: 63yFj2xgzSKvTDOzQnL-hOBluldJ24tZr0CHmv9CDEZW0xwHN3Mv8A==

GET
H2 200 tw_hover.png
cache-ssl.celtra.com/api/blobs/f0cccd681d168932db801410643c93f0df03370d5c638ab3e4a16e92b80b3aa0/ Frame 2618 777 B
1 KB 49ms
49ms Image
image/png 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/f0cccd681d168932db801410643c93f0df03370d5c638ab3e4a16e92b80b3aa0/tw_hover.png?transform=crush
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 1ace1b17e77ec3828eda87eb3fea3671ce2a0f706426fbd158873546c4f9366e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 08:24:10 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 6025547
x-cache: Hit from cloudfront
content-length: 777
server: Apache
etag: "1ace1b17e77ec3828eda87eb3fea3671ce2a0f706426fbd158873546c4f9366e"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 1967391
accept-ranges: bytes
x-amz-cf-id: oeGGAq8vehiV8VfXXXA-Vr43Rx_5CjEvjn72g5ya-s0wP-57yOJfMA==

GET
H2 200 tw.png
cache-ssl.celtra.com/api/blobs/9ad81786e386c3155cbc468769eddcc96e3e991156ad745860288c59c63a417c/ Frame 2618 781 B
1 KB 49ms
49ms Image
image/png 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/9ad81786e386c3155cbc468769eddcc96e3e991156ad745860288c59c63a417c/tw.png?transform=crush
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 308e134d9a0df8031a894aa2bb6e70515cb9db2403e3e568e7554ae69f474c96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 08:24:10 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 6025547
x-cache: Hit from cloudfront
content-length: 781
server: Apache
etag: "308e134d9a0df8031a894aa2bb6e70515cb9db2403e3e568e7554ae69f474c96"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 34649
accept-ranges: bytes
x-amz-cf-id: Y3X37R8vsiAtKY9dI76AOelZ4U1Vaii0dH3TizTxStlQyqRCMrQ06g==

GET
H2 200 fb_hover.png
cache-ssl.celtra.com/api/blobs/652ab50d0e331e4269bb4d847fcc5a5a4e3def07bb1ebca4d2d6fda889e52604/ Frame 2618 348 B
856 B 50ms
50ms Image
image/png 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/652ab50d0e331e4269bb4d847fcc5a5a4e3def07bb1ebca4d2d6fda889e52604/fb_hover.png?transform=crush
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 9250f0b586e89674ec647d8dfb6fe7aedcb588be13ebb6aeb1286efa9d3cfb39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 09:26:12 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 6021825
x-cache: Hit from cloudfront
content-length: 348
server: Apache
etag: "9250f0b586e89674ec647d8dfb6fe7aedcb588be13ebb6aeb1286efa9d3cfb39"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 2490843
accept-ranges: bytes
x-amz-cf-id: _pZWrYFN_wOzrcxzKQywNTCkqLs6uidFr823AJk6l0g20FXkdXa-8w==

GET
H2 200 fb.png
cache-ssl.celtra.com/api/blobs/44f24c3edfffb11dd41284fe3c7bddb08dc29236aa3509e3a243c10f9804b28d/ Frame 2618 348 B
856 B 49ms
49ms Image
image/png 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/44f24c3edfffb11dd41284fe3c7bddb08dc29236aa3509e3a243c10f9804b28d/fb.png?transform=crush
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: e9d0cab69a4c71df7a16b6ee6f99ea474423689c8eadd7aa62ce9cef3a48c395

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 09:26:12 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 6021824
x-cache: Hit from cloudfront
content-length: 348
server: Apache
etag: "e9d0cab69a4c71df7a16b6ee6f99ea474423689c8eadd7aa62ce9cef3a48c395"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 2785948
accept-ranges: bytes
x-amz-cf-id: izVqLtEQ_Z8S2eRt69zmFrtozozCvx5Ozkcq1D-T-a7L917N-mJajg==

GET
H2 200 sophos-logo-blue-rgb.png
cache-ssl.celtra.com/api/blobs/5fe443e06af1a176d1a4b198892695d2b9c3001bfd898280f1f30fe11de7e391/ Frame 2618 2 KB
3 KB 50ms
50ms Image
image/png 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/5fe443e06af1a176d1a4b198892695d2b9c3001bfd898280f1f30fe11de7e391/sophos-logo-blue-rgb.png?transform=crush&quality=256
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 2936fe13574318d83664642a376fa2fb1701a6b54af72ba96c3ee0ea3e975814

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 18:01:26 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 5904511
x-cache: Hit from cloudfront
content-length: 2145
server: Apache
etag: "2936fe13574318d83664642a376fa2fb1701a6b54af72ba96c3ee0ea3e975814"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 464383
accept-ranges: bytes
x-amz-cf-id: -U0qAn46aa-vLBtdIi-v9jJsGjAtj7aKWO0ujmd1b3DO6hpvv50r5g==

GET
H2 200 sophos-logo-blue-rgb.png
cache-ssl.celtra.com/api/blobs/5fe443e06af1a176d1a4b198892695d2b9c3001bfd898280f1f30fe11de7e391/ Frame 2618 2 KB
3 KB 24ms
24ms Image
image/png 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/5fe443e06af1a176d1a4b198892695d2b9c3001bfd898280f1f30fe11de7e391/sophos-logo-blue-rgb.png?transform=crush&quality=256
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 2936fe13574318d83664642a376fa2fb1701a6b54af72ba96c3ee0ea3e975814

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 18:01:26 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 5904511
x-cache: Hit from cloudfront
content-length: 2145
server: Apache
etag: "2936fe13574318d83664642a376fa2fb1701a6b54af72ba96c3ee0ea3e975814"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 464383
accept-ranges: bytes
x-amz-cf-id: CusGYkfXwAFI5Ovc-9PhBqb1HPIMQY7UkOYEiq4ca5Vhq9GUyEpiPA==

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/a8ebb8e65380225718e105013b044990bf309124db6a063d2993489fa88cebe9/DR_Sophos_2023-Threat-Report.jpg?transform=crush&quality=85
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: d8f2a6eb1c5b845fbc8ff1d6e3b48b9429d8e320e3925144bc7a07795ab534ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:54:58 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 5994899
x-cache: Hit from cloudfront
content-length: 40672
server: Apache
etag: "d8f2a6eb1c5b845fbc8ff1d6e3b48b9429d8e320e3925144bc7a07795ab534ad"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 3116056
accept-ranges: bytes
x-amz-cf-id: pST0ZkD4l52Jbz1gqpKQpf9UZBptwscM7SLZtgJZCkRMQwJ4GTE26w==

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/76e8b236cf163e361e7e04c519d560c500713d3dbcbca935fa82314b9708ecad/DR_Sophos_Extended-Detection-and-Response.png?transform=crush&quality=256
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 2f27b92b9b966ffdd166be51401f836aa3aa6dac8cdd60736582a14a83f8538f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 08:56:13 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 5764424
x-cache: Hit from cloudfront
content-length: 5524
server: Apache
etag: "2f27b92b9b966ffdd166be51401f836aa3aa6dac8cdd60736582a14a83f8538f"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 852883
accept-ranges: bytes
x-amz-cf-id: NJ3CRw48f-n3Y09_JEG-GxXtB17PgPjHp48fyGhded9EDoYBcR2Jnw==

GET
H2 200 w_soph131c8.jpg
cache-ssl.celtra.com/api/blobs/eebcdb014ca52ef87cab677be63d3383da1cc3bd515e6c05a2b7a2453482a44b/ Frame 2618 25 KB
25 KB 23ms
23ms Image
image/jpeg 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/eebcdb014ca52ef87cab677be63d3383da1cc3bd515e6c05a2b7a2453482a44b/w_soph131c8.jpg?transform=crush&quality=85
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: e5836b0f5b9092c9f810ad6ccd9db01c1fcd57889e8222f558d9c2b59b082d7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:54:58 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 5994899
x-cache: Hit from cloudfront
content-length: 25237
server: Apache
etag: "e5836b0f5b9092c9f810ad6ccd9db01c1fcd57889e8222f558d9c2b59b082d7c"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 2658319
accept-ranges: bytes
x-amz-cf-id: 2KYccT33y59JTc4P_rsZntcNJHvL3POxLJFF5K8b2qaIIZPE4tthrw==

GET
H2 200 w_soph132c8.jpg
cache-ssl.celtra.com/api/blobs/6775b06cde3ac0ea81dd4bca3d6f9e2863628455c1ae139c882380f0ae798a06/ Frame 2618 33 KB
33 KB 25ms
25ms Image
image/jpeg 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/6775b06cde3ac0ea81dd4bca3d6f9e2863628455c1ae139c882380f0ae798a06/w_soph132c8.jpg?transform=crush&quality=85
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 118804ffb57d9794c6dcb47c2cf07d9468e29c024e34d462517f24b74061300d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:54:58 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 5994899
x-cache: Hit from cloudfront
content-length: 33540
server: Apache
etag: "118804ffb57d9794c6dcb47c2cf07d9468e29c024e34d462517f24b74061300d"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 1018993
accept-ranges: bytes
x-amz-cf-id: 9UpUOiRtA4lsVye-sNuravDTc6tlpWGSS-Oh27FJcFWtL1-XGWwnTw==

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/3012f852b79f7c7ae122bb767f543ea60e1e286eae21b30549729042b1beab20/sophos-incident-response-guide.jpg?transform=crush&quality=85
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: cf3119fdbf0f06025ca1ee2409e2e10a29785c6184c927084c8da22fc0db2e79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 06:22:57 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 5946419
x-cache: Hit from cloudfront
content-length: 164485
server: Apache
etag: "cf3119fdbf0f06025ca1ee2409e2e10a29785c6184c927084c8da22fc0db2e79"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 2105163
accept-ranges: bytes
x-amz-cf-id: -UPBWIwxrHvvasKKJLd0VVtm3FaPz-nB-E57uwkKQTrG45zkSRws1Q==

GET
H2 200 rss.png
cache-ssl.celtra.com/api/blobs/b1cdc0ecb51975dba9ab6759d0985f34bf971d517bb87e169f46d806ce108101/ Frame 2618 988 B
1 KB 26ms
26ms Image
image/png 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/b1cdc0ecb51975dba9ab6759d0985f34bf971d517bb87e169f46d806ce108101/rss.png?transform=crush
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 4e668c3c5ead2707062c31387d0b2fc6883cbff5895585e08d923f3759a33140

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:46:32 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2975005
x-cache: Hit from cloudfront
content-length: 988
server: Apache
etag: "4e668c3c5ead2707062c31387d0b2fc6883cbff5895585e08d923f3759a33140"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 659681
accept-ranges: bytes
x-amz-cf-id: M5oah4xhh1Eg9ZbgIkemhRD9VLWuW4kxbWwuaduKi0geafzpoBq0cw==

GET
H2 200 yt.png
cache-ssl.celtra.com/api/blobs/13d77e3befd746d58356da2f0b0d1d20af11ba13ea0ca8cd7b73871ef1d40edd/ Frame 2618 914 B
1 KB 26ms
25ms Image
image/png 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/13d77e3befd746d58356da2f0b0d1d20af11ba13ea0ca8cd7b73871ef1d40edd/yt.png?transform=crush
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 8c792dc2527753d5f758a812c5de2225dba619ecd83b05713ce68b0db858fa28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 09:26:13 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 6021824
x-cache: Hit from cloudfront
content-length: 914
server: Apache
etag: "8c792dc2527753d5f758a812c5de2225dba619ecd83b05713ce68b0db858fa28"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 2262217
accept-ranges: bytes
x-amz-cf-id: IjpSejGVL8GQRTist44lTz2N9bcCyLhwQxoHxuJkfzFhVcg0Ye1juQ==

GET
H2 200 li.png
cache-ssl.celtra.com/api/blobs/2e1d1ae5940fbdaa5f95c1c17393175faf02b27a8c6b37dca2419c70113760ab/ Frame 2618 585 B
1 KB 25ms
25ms Image
image/png 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/2e1d1ae5940fbdaa5f95c1c17393175faf02b27a8c6b37dca2419c70113760ab/li.png?transform=crush
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: d10a2d03c9fb4943f449b97d333b8d22990200afa70d13d5c1c23ad4d783200c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 08:24:10 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 6025547
x-cache: Hit from cloudfront
content-length: 585
server: Apache
etag: "d10a2d03c9fb4943f449b97d333b8d22990200afa70d13d5c1c23ad4d783200c"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 394368
accept-ranges: bytes
x-amz-cf-id: TNnQRPXkrk87CvVcmCpA5Ew0sHaCkd2Avzsoo9YveU1dYsLdIujuVA==

GET
H2 200 tw.png
cache-ssl.celtra.com/api/blobs/9ad81786e386c3155cbc468769eddcc96e3e991156ad745860288c59c63a417c/ Frame 2618 781 B
1 KB 26ms
26ms Image
image/png 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/9ad81786e386c3155cbc468769eddcc96e3e991156ad745860288c59c63a417c/tw.png?transform=crush
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 308e134d9a0df8031a894aa2bb6e70515cb9db2403e3e568e7554ae69f474c96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 08:24:10 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 6025547
x-cache: Hit from cloudfront
content-length: 781
server: Apache
etag: "308e134d9a0df8031a894aa2bb6e70515cb9db2403e3e568e7554ae69f474c96"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 34649
accept-ranges: bytes
x-amz-cf-id: 4eeX80QDBGf42MnB23gUxwPZY5l6zN3Yb5iOTbQMUdBGkkQWvNeMZQ==

GET
H2 200 fb.png
cache-ssl.celtra.com/api/blobs/44f24c3edfffb11dd41284fe3c7bddb08dc29236aa3509e3a243c10f9804b28d/ Frame 2618 348 B
856 B 26ms
26ms Image
image/png 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/44f24c3edfffb11dd41284fe3c7bddb08dc29236aa3509e3a243c10f9804b28d/fb.png?transform=crush
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: e9d0cab69a4c71df7a16b6ee6f99ea474423689c8eadd7aa62ce9cef3a48c395

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 09:26:12 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 6021824
x-cache: Hit from cloudfront
content-length: 348
server: Apache
etag: "e9d0cab69a4c71df7a16b6ee6f99ea474423689c8eadd7aa62ce9cef3a48c395"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 2785948
accept-ranges: bytes
x-amz-cf-id: BhaCiuemj5RXE86kUc-fLeKYRFnA0J6ZvThf06JBpvtXn8Qe0luPeA==

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNzAyMzQ2OTk2eGZjZjQ3Y2I0ZmRkZDAxeDQwMDA4MTk2IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIxMzUzODM5ODgwNzQwODgzNiIsImluZGV4IjoxLCJjbGllbnRUaW1lc3RhbXAiOjE3MDIzNDY5OTYuOTk5LCJzY29wZSI6Imdsb2JhbCIsInVzZXJBZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjcxIFNhZmFyaS81MzcuMzYiLCJvcmllbnRhdGlvbiI6MCwidG9wbW9zdFJlYWNoYWJsZVdpbmRvdyI6eyJ3aWR0aCI6MTYwMCwiaGVpZ2h0IjoxMjAwfSwiaG9zdFdpbmRvdyI6eyJ3aWR0aCI6NSwiaGVpZ2h0Ijo1fSwibmVzdGluZyI6eyJpZnJhbWUiOnRydWUsImZyaWVuZGx5SWZyYW1lIjp0cnVlLCJpYWJGcmllbmRseUlmcmFtZSI6dHJ1ZSwiaG9zdGlsZUlmcmFtZSI6ZmFsc2UsImlmcmFtZURlcHRoIjoxfSwicGFnZVZpc2liaWxpdHlBcGkiOnRydWUsInJlcXVlc3RBbmltYXRpb25GcmFtZSI6dHJ1ZSwidG9wV2luZG93TmF0aXZlUkFGU3VwcG9ydGVkIjp0cnVlLCJhbGxvd05vbk5hdGl2ZVJBRkZvclZpZXdhYmxlVGltZVVzZWQiOmZhbHNlLCJjbGllbnRUaW1lWm9uZU9mZnNldEluTWludXRlcyI6LTYwLCJzdXBwb3J0c0NvbnRhaW5lclZpZXdhYmlsaXR5Ijp0cnVlLCJzdXBwb3J0c0NvbnRhaW5lckluaXRpYWxWaWV3YWJpbGl0eSI6dHJ1ZSwidGFnUGFyZW50V2lkdGgiOjAsInRhZ1BhcmVudEhlaWdodCI6MCwiYW1wRGV0ZWN0ZWQiOmZhbHNlLCJhbXBOZXN0aW5nTGV2ZWwiOiIiLCJzYWZlRnJhbWVEZXRlY3RlZCI6ZmFsc2UsImZldGNoU3VwcG9ydGVkIjp0cnVlLCJhc2FwRW5hYmxlZCI6bnVsbCwibmF0aXZlUHJvbWlzZXNTdXBwb3J0ZWQiOnRydWUsImJlYWNvblN1cHBvcnRlZCI6dHJ1ZSwiSW50ZXJzZWN0aW9uT2JzZXJ2ZXJTdXBwb3J0ZWQiOnRydWUsImlzTXV0YXRpb25PYnNlcnZlclN1cHBvcnRlZCI6dHJ1ZSwid2ViVmlldyI6bnVsbCwiaXNXaW5kb3dPcGVuTmF0aXZlIjp0cnVlLCJwcm90b0xvYWRpbmciOnsiZGF0YUxvYWRTdGF0dXMiOiJzdXBwb3J0ZWQiLCJibG9iTG9hZFN0YXR1cyI6InN1cHBvcnRlZCJ9LCJ0b3BXaW5kb3dMb2NhdGlvbiI6Imh0dHBzOi8vd3d3LmRhcmtyZWFkaW5nLmNvbSIsInRvcFdpbmRvd0xvY2F0aW9uTGVuZ3RoIjoyNywibmFtZSI6ImVudmlyb25tZW50SW5mbyJ9LHsic2Vzc2lvbklkIjoiczE3MDIzNDY5OTZ4ZmNmNDdjYjRmZGRkMDF4NDAwMDgxOTYiLCJhY2NvdW50SWQiOiI0NGI3NGIzNSIsInN0cmVhbSI6ImFkRXZlbnRzIiwiaW5zdGFudGlhdGlvbiI6IjEzNTM4Mzk4ODA3NDA4ODM2IiwiaW5kZXgiOjIsImNsaWVudFRpbWVzdGFtcCI6MTcwMjM0Njk5Ny4xMDUsIm5hbWUiOiJjcmVhdGl2ZUxvYWRlZCIsInZpZXdhYmlsaXR5MDBNZWFzdXJhYmxlIjp0cnVlLCJ2aWV3YWJpbGl0eTUwMU1lYXN1cmFibGUiOnRydWUsInZpZXdhYmxlVGltZU1lYXN1cmFibGUiOnRydWUsImNkblZhcmlhbnQiOiJub25lIn0seyJzZXNzaW9uSWQiOiJzMTcwMjM0Njk5NnhmY2Y0N2NiNGZkZGQwMXg0MDAwODE5NiIsImFjY291bnRJZCI6IjQ0Yjc0YjM1Iiwic3RyZWFtIjoiYWRFdmVudHMiLCJpbnN0YW50aWF0aW9uIjoiMTM1MzgzOTg4MDc0MDg4MzYiLCJpbmRleCI6MywiY2xpZW50VGltZXN0YW1wIjoxNzAyMzQ2OTk3LjExMywibmFtZSI6InZpZXdwb3J0UGxhY2VtZW50R2VvbWV0cnkiLCJwYWdlRGltZW5zaW9ucyI6eyJoZWlnaHQiOjY5MTUsIndpZHRoIjoxNjAwfSwidmlld3BvcnRQb3NpdGlvblJlY3QiOnsid2lkdGgiOjE2MDAsImhlaWdodCI6MTIwMCwibGVmdCI6MCwidG9wIjowfSwiZmlyc3RQbGFjZW1lbnRQb3NpdGlvblJlY3QiOnsibGVmdCI6MTAwNiwidG9wIjoxMzMyLjgxMjUsIndpZHRoIjozMDAsImhlaWdodCI6NjAwfX1dfQ==?crc32c=1580416701
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.161.239.77 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-161-239-77.compute-1.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Tue, 12 Dec 2023 02:09:57 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 00B5 42 B
404 B 102ms
57ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvUVd_Pz2bcFfYdPqOs8kDTyDnIfMTXHgfIJAb9cAl7Nm5hza1edFyN7otQU1w3tAFH4qTRRgfXO5p80M7M1HrCpN38RmPIfi-tUZea0z_V1bVut9bbGHfo1-zu6H20J-eSI_tTKFyCoUMKS4l_yr2ZuA&sig=Cg0ArKJSzCqN_4I51PJvEAE&id=lidar2&mcvt=1000&p=957,436,1047,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=206257688&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702346996265&rpt=246&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 02:09:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
275 B 32ms
32ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=1&sgs=3&vb=18&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm~GefxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-hQUexRkFGpG4fz6GF1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-gZp8RG4580cdYQ%3D%3D&sc=1&os=1-9g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Flazarus-group-still-juicing-log4shell-rats-written-d&id=1&ii=4&f=0&j=&t=1702346996513&de=179302266665&cu=1702346996513&m=1009&ar=cc84ca2002d-clean&iw=bf56fd0&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6915&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2653%3A3721%3A0%3A2697&as=1&ag=1005&an=1&gi=1&gf=1005&gg=1&ix=1005&ic=1005&ez=1&ck=1005&kw=805&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1005&bx=1&ci=1005&jz=805&dj=1&aa=0&ad=906&cn=0&gk=906&gl=0&ik=906&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=805&cd=2&ah=805&am=2&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5289524284%3A3254588613%3A6381570210%3A138451416397&bo=22316126855&bp=22339890152&bd=728_1v&zMoatPS=728_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Flazarus-group-still-juicing-log4shell-rats-written-d&zMoatDev=Desktop&zMoatDfpSlotId=728_1v&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=206701&na=902762448&cs=0
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 02:09:57 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
x-akamai-ew-subworker: 8096267
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 12 Dec 2023 02:09:57 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
275 B 21ms
20ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=1&sgs=3&vb=18&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm~GefxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-hQUexRkFGpG4fz6GF1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-gZp8RG4580cdYQ%3D%3D&sc=1&os=1-9g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Flazarus-group-still-juicing-log4shell-rats-written-d&id=1&ii=4&f=0&j=&t=1702346996513&de=179302266665&cu=1702346996513&m=1009&ar=cc84ca2002d-clean&iw=bf56fd0&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6915&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2653%3A3721%3A0%3A2697&as=1&ag=1005&an=1005&gi=1&gf=1005&gg=1005&ix=1005&ic=1005&ez=1&ck=1005&kw=805&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1005&bx=1005&ci=1005&jz=805&dj=1&aa=0&ad=906&cn=906&gk=906&gl=906&ik=906&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=805&cd=805&ah=805&am=805&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5289524284%3A3254588613%3A6381570210%3A138451416397&bo=22316126855&bp=22339890152&bd=728_1v&zMoatPS=728_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Flazarus-group-still-juicing-log4shell-rats-written-d&zMoatDev=Desktop&zMoatDfpSlotId=728_1v&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=206701&na=175385189&cs=0
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 02:09:57 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
x-akamai-ew-subworker: 8096267
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 12 Dec 2023 02:09:57 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
275 B 20ms
20ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=1&sgs=3&vb=18&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm~GefxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-hQUexRkFGpG4fz6GF1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-gZp8RG4580cdYQ%3D%3D&sc=1&os=1-9g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Flazarus-group-still-juicing-log4shell-rats-written-d&id=1&ii=4&f=0&j=&t=1702346996513&de=179302266665&cu=1702346996513&m=1010&ar=cc84ca2002d-clean&iw=bf56fd0&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6915&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2653%3A3721%3A0%3A2697&as=1&ag=1005&an=1005&gi=1&gf=1005&gg=1005&ix=1005&ic=1005&ez=1&ck=1005&kw=805&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1005&bx=1005&ci=1005&jz=805&dj=1&aa=0&ad=906&cn=906&gk=906&gl=906&ik=906&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=805&cd=805&ah=805&am=805&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5289524284%3A3254588613%3A6381570210%3A138451416397&bo=22316126855&bp=22339890152&bd=728_1v&zMoatPS=728_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Flazarus-group-still-juicing-log4shell-rats-written-d&zMoatDev=Desktop&zMoatDfpSlotId=728_1v&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=206701&na=723609372&cs=0
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 02:09:57 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
x-akamai-ew-subworker: 8096267
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 12 Dec 2023 02:09:57 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
275 B 20ms
20ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&sgs=3&vb=18&kq=1&lo=3&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fwww.darkreading.com%2F%2Fthreat-intelligence%2F-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm~GefxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-hQUexRkFGpG4fz6GF1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-gZp8RG4580cdYQ%3D%3D&sc=1&os=1-9g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=0&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Flazarus-group-still-juicing-log4shell-rats-written-d&id=1&ii=4&f=0&j=&t=1702346996498&de=427456618908&cu=1702346996498&m=1036&ar=cc84ca2002d-clean&iw=bf56fd0&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6915&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A2653%3A3721%3A0%3A2697&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=32&cd=0&ah=32&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5004764576%3A3249108460%3A6375611943%3A138455424706&bo=22316126855&bp=22339890152&bd=resource_v&zMoatPS=resource_v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=5x5&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Flazarus-group-still-juicing-log4shell-rats-written-d&zMoatDev=Desktop&zMoatDfpSlotId=resource_v&hv=Celtra%20API&ab=3&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=206701&na=2088419325&cs=0
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 02:09:57 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
x-akamai-ew-subworker: 8096267
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 12 Dec 2023 02:09:57 GMT

GET
H2 200 nr-spa-1.248.0.min.js Show response
js-agent.newrelic.com/ 87 KB
29 KB 102ms
34ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1.248.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8e4147148517b1b092a5bf8fb1fb4e78b568bdc40a127ec16732de62ddbb472a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.darkreading.com/
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: WdicPIzDGJD8og5dR8sXZo1iUf3RkEzi
content-encoding: br
via: 1.1 varnish
date: Tue, 12 Dec 2023 02:09:57 GMT
strict-transport-security: max-age=300
x-amz-request-id: 0NV84X9NY2RY505Y
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 29446
x-amz-id-2: Tmr+SWuuLgp1LK9JhaPbr4eFIppJQI76yBRSMo8beg/4HV/eatWptx4l580sZ0g4SwCjby9ntPs=
x-served-by: cache-cph2320029-CPH
last-modified: Thu, 16 Nov 2023 17:54:54 GMT
server: AmazonS3
x-timer: S1702346998.704320,VS0,VE0
etag: "9aea0ff91a800a354637269e96e31dac"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 150856

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 68ms
67ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

416f3ca7dd28d9f38c5fb92b7704230b81f53a0d9e8af20631836be0e7e29a3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12091
x-xss-protection: 0

POST
H2 204 rum Show response
www.darkreading.com/cdn-cgi/ 0
161 B 60ms
40ms XHR
text/plain 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/cdn-cgi/rum?

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: Vw8EV1VXABAFVVVSAggEVlE=
tracestate: 3288925@nr=0-1-3936348-538480682-801933f2922c6199----1702346997629
traceparent: 00-7454da7a46d27b96b698550fb0f3fc00-801933f2922c6199-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjM5MzYzNDgiLCJhcCI6IjUzODQ4MDY4MiIsImlkIjoiODAxOTMzZjI5MjJjNjE5OSIsInRyIjoiNzQ1NGRhN2E0NmQyN2I5NmI2OTg1NTBmYjBmM2ZjMDAiLCJ0aSI6MTcwMjM0Njk5NzYyOSwidGsiOiIzMjg4OTI1In19
content-type: application/json
Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Response headers

date: Tue, 12 Dec 2023 02:09:57 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.darkreading.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 83426d9f3dd068f5-FRA

POST
H2 204 rum Show response
www.darkreading.com/cdn-cgi/ 0
45 B 76ms
57ms XHR
text/plain 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/cdn-cgi/rum?

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: Vw8EV1VXABAFVVVSAggEVlE=
tracestate: 3288925@nr=0-1-3936348-538480682-1b5fbaad2d77c0c7----1702346997629
traceparent: 00-b3c2a4a1cd0c6783e842889db2d04400-1b5fbaad2d77c0c7-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjM5MzYzNDgiLCJhcCI6IjUzODQ4MDY4MiIsImlkIjoiMWI1ZmJhYWQyZDc3YzBjNyIsInRyIjoiYjNjMmE0YTFjZDBjNjc4M2U4NDI4ODlkYjJkMDQ0MDAiLCJ0aSI6MTcwMjM0Njk5NzYyOSwidGsiOiIzMjg4OTI1In19
content-type: application/json
Referer: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Response headers

date: Tue, 12 Dec 2023 02:09:57 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.darkreading.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 83426d9f7dec68f5-FRA

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 12 Dec 2023 02:09:57 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
275 B 45ms
45ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&wf=1&ra=1&sgs=3&vb=18&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm~GefxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-hQUexRkFGpG4fz6GF1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-gZp8RG4580cdYQ%3D%3D&sc=1&os=1-9g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Flazarus-group-still-juicing-log4shell-rats-written-d&id=1&ii=4&f=0&j=&t=1702346996513&de=179302266665&cu=1702346996513&m=1211&ar=cc84ca2002d-clean&iw=bf56fd0&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6915&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2653%3A3721%3A5095%3A2697&as=1&ag=1207&an=1005&gi=1&gf=1207&gg=1005&ix=1207&ic=1207&ez=1&ck=1005&kw=805&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1207&bx=1005&ci=1005&jz=805&dj=1&aa=1&ad=1108&cn=906&gn=1&gk=1108&gl=906&ik=1108&co=1108&cp=1006&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1006&cd=805&ah=1006&am=805&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5289524284%3A3254588613%3A6381570210%3A138451416397&bo=22316126855&bp=22339890152&bd=728_1v&zMoatPS=728_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Flazarus-group-still-juicing-log4shell-rats-written-d&zMoatDev=Desktop&zMoatDfpSlotId=728_1v&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=206701&na=1985589221&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 02:09:57 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
x-akamai-ew-subworker: 8096267
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 12 Dec 2023 02:09:57 GMT

POST
H/1.1 200 NRJS-26ae6a3b09493bbcc87 Show response
bam.eu01.nr-data.net/1/ 40 B
462 B 88ms
33ms XHR
text/plain 185.221.87.23
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.eu01.nr-data.net/1/NRJS-26ae6a3b09493bbcc87?a=514059305&v=1.248.0&to=MhBSZQoZWEEDU0ZaXgtadUkIClNBEVpBHHYgIR8eUg%3D%3D&rst=5218&ck=0&s=156153a7af28d026&ref=https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d&tt=09c0a374af2b8309&af=err,xhr,stn,ins,spa&ap=171.275486&be=2534&fe=2561&dc=281&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1702346992530,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:1,%22c%22:1,%22s%22:20,%22ce%22:44,%22rq%22:44,%22rp%22:2535,%22rpe%22:2629,%22di%22:2697,%22ds%22:2815,%22de%22:2815,%22dc%22:5093,%22l%22:5093,%22le%22:5095%7D,%22navigation%22:%7B%7D%7D&fp=2653&fcp=3721
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.221.87.23 , Ireland, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f

Request headers

Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 12 Dec 2023 02:09:57 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.darkreading.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 40
x-served-by: cache-fra-eddf8230048-FRA

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2386 13 KB
5 KB 20ms
20ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.darkreading.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 34399
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 16:36:38 GMT
expires: Tue, 10 Dec 2024 16:36:38 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7FE9 829 B
1 KB 76ms
29ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

302767a8452a2426cbe837e8404c5405d131a3ab1bcd3c80c9538000c8cc0802

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6l3HpX7TEBxsezh3-7ZpkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-6l3HpX7TEBxsezh3-7ZpkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 02:09:57 GMT
expires: Tue, 12 Dec 2023 02:09:57 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 2386 39 KB
15 KB 61ms
19ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 12:33:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Dec 2024 12:33:35 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7FE9 0
0 56ms
56ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=331138331645438&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

POST
H/1.1 200 NRJS-26ae6a3b09493bbcc87 Show response
bam.eu01.nr-data.net/events/1/ 24 B
346 B 34ms
33ms XHR
image/gif 185.221.87.23
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.eu01.nr-data.net/events/1/NRJS-26ae6a3b09493bbcc87?a=514059305&v=1.248.0&to=MhBSZQoZWEEDU0ZaXgtadUkIClNBEVpBHHYgIR8eUg%3D%3D&rst=5368&ck=0&s=156153a7af28d026&ref=https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/lazarus-group-still-juicing-log4shell-rats-written-d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.221.87.23 , Ireland, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 12 Dec 2023 02:09:57 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.darkreading.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 24
x-served-by: cache-fra-eddf8230048-FRA

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2386 0
10 B 19ms
19ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?S4e02g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:09:57 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 608E 42 B
64 B 57ms
57ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvPp3qC2eE213tnWs2uM-SHX9UOpqA9c5MXSTQfhurReJdm6Amp0JKxizeJpb5k4PKeP_Kys789I_u0CqU0aczmcOpY8E3BWH4s5FypAfs5fZeZxi4_uYzPRRIhDtwrNt6o5ZFmpZsUnrOzjVngZOHdpg&sig=Cg0ArKJSzDhgB9UlCwhmEAE&id=lidar2&mcvt=1000&p=0,0,708.328125,1600&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2064109412&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702346996212&rpt=816&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 02:09:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 57ms
57ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=331138331645438&bg=!Tk2lTQLNAAY3kmNgF5I7ADQBe5WfOPTgSXn5vorwaqGPBTQmUqK6ydSp1ucGAXk1SWcj7XYkq_r0m7wbjk8qQLq5kTZGAgAAADZSAAAAAmgBB5kDET3h9Z9qEbjZcj8QfW75yGkeAFdOwxrescP45tkvY1_NQsudopOLtzw8NFvaE3hS3xNzZoBSuhp8ha9csuG8NXRwMS5lRQPtEIMoNuTHav4wrHSnnJhyD0wxIuFgQWr9ZscWzCyGXjFE8yLCsToMXtd0_EmrYcXTQ4U5NZFtEMTLe9IG8sQdiKdhKbCzk6_LMvDpkvQ6gtmx52UoeQpKnTqPfBlXd_Vi_XR65YyFwhbIpZTy82IYil7RvG45y8qG_3qIMkyzFt5ldvNee5HmEHUqVg7FpNKMYDBv8x51GBSdvrdFFQ-0R7qzW6_gB8SCQfxm-FV5pgqB34VeiNlQM5faPqKTYpiUzX7Ryq3RdNt_0UJ63Y2t6kz9l6beYGgqG3yNaA77iq6d6_IkG_HnzgZ-CiUdixTUj3gldke-dEutlNijy8Gunf7xzj81yTzrjF9b4VVJxU9rM5mn7EXN0pgs1lHiZTfQ8St6yPPiKkpoIy45znZremE9MClyGlXBzqM-a8LnDmwQ7zQQrTE-Ewe4toYWzX1b0_dx0fUm98XvTLzbzUHpjWv7OgoBtV0HJ561ySJ5UKBV_SB2O9-lKBAFPrQVEbyrJkiNvvaZVBEaIC-0vIizEuI8BjlFUEtgn_pTXVtRaD2eTnhUfoNf8tNBheeI1l-E4G1oIIsgSDLcozRTREUFELwoyZceGAsWnCpYNHzqPFFaInlRvbXq4UuFL-HfBSO-5y3-MJPsNtnQoBczgyZPKEPGrAG3Gj2sjjFhj3CxnHCd-nO4f1JTH1_jzqFMwf32vO80zA4ipGpmpXfnguExPGUjNA4THzhfKcdNiiBGWFF8igX8b8LcWi_QmMVWccB8SJ2PWaS36Lajb2Xt8ul06aNRuLJ95NyuJmrdNHQO_tLVuyfIiEuoMaCasU-G4pWooVuwWEszqk-JKZK9_TA91Vwqcegp_UnHqVottGUI10n8Ds15z2P0fKPsQnhDoX7I1DLhOe_tgaO-vxKCeq4u66kkmZxKXoT_M2cwcNC2Ex8GN-uufjjRtUhT
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.darkreading.com/	1970-01-20 16:52:28	Name: __cf_bm Value: zj7u7oSG0BzwrG2hdgS4y_kQhkMDGf7mcKNgPfK1c7M-1702346995-1-ASRQirmwhVsIETNdrzzAS/2GEdg3tD/pG2O6bAF7qSGdg73yeaz9PrnQgzN6GvByyfGevuiqJCUiaksLt3YAqZM=
.darkreading.com/	1970-01-20 19:02:02	Name: _gcl_au Value: 1.1.410234690.1702346995
.darkreading.com/	1970-01-21 02:28:26	Name: _ga_1X1EHQ3PFR Value: GS1.1.1702346995.1.0.1702346995.60.0.0
.darkreading.com/	1970-01-21 02:28:26	Name: _ga Value: GA1.1.719231591.1702346996
.darkreading.com/	1970-01-21 02:21:14	Name: _cb Value: BhEcnYDSYw4ADTox06
.darkreading.com/	1970-01-21 02:21:14	Name: _chartbeat2 Value: .1702346995618.1702346995618.1.CR-CUDBO4eKKDTqi6tBmUAnsBmR4mk.1
.darkreading.com/	1970-01-20 16:52:28	Name: _cb_svref Value: null
.darkreading.com/	1970-01-20 16:52:28	Name: _sp_ses.94c4 Value: *
.darkreading.com/	1970-01-21 02:28:26	Name: _sp_id.94c4 Value: db5e20fe-8929-4c9b-b6c4-6fece34593b4.1702346996.1.1702346996.1702346996.c9d83e2a-c59f-4263-9256-d65ba8df67a7
.js.ubembed.com/	1970-01-20 16:52:28	Name: __cf_bm Value: xyRT2VjrxNU.jvxzby3ILywGM87NYK5OiIiAPLy7Ipc-1702346995-1-Ae7R4RZfIY6hkArzsncxo6hVUaJM0T0IrYp1RjjQO1pefmHZvNOEWwgSlRz/AtZxb4DX00RrOdjYADoMtQUFOOM=
.darkreading.com/	1970-01-20 21:11:38	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Tue+Dec+12+2023+03%3A09%3A55+GMT%2B0100+(Central+European+Standard+Time)&version=6.39.0&isIABGlobal=false&hosts=&consentId=30778c0d-8dd0-4fe9-bce8-b81ee667a512&interactionCount=0&landingPath=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Flazarus-group-still-juicing-log4shell-rats-written-d&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
.darkreading.com/	1970-01-21 01:38:02	Name: sp Value: a4e37c88-f17e-4b5c-a4be-48efe6e3b20b
www.darkreading.com/	1970-01-20 16:53:53	Name: _iris_cdl Value: Ki50cmFkZXB1Yi5jb20=
.darkreading.com/	1970-01-21 02:28:26	Name: __td_signed Value: true
.darkreading.com/	1970-01-21 02:28:26	Name: _td Value: cd460d24-16c0-4131-81f6-a8cdc8804859
.darkreading.com/	1970-01-20 16:52:28	Name: _hjFirstSeen Value: 1
.darkreading.com/	1970-01-20 16:52:28	Name: _hjIncludedInSessionSample_2610568 Value: 1
.darkreading.com/	1970-01-20 16:52:28	Name: _hjSession_2610568 Value: eyJpZCI6IjgyYmZiN2RjLThhZmQtNGE4MC04ZjVjLTRlMTFiMDlmODQxZiIsImNyZWF0ZWQiOjE3MDIzNDY5OTYwMTIsImluU2FtcGxlIjp0cnVlLCJzZXNzaW9uaXplckJldGFFbmFibGVkIjp0cnVlfQ==
.darkreading.com/	1970-01-21 01:38:02	Name: _hjSessionUser_2610568 Value: eyJpZCI6IjFhMWI4MmQxLTBmMjktNTBlOS04YjZhLWY0OTczMWE5NzYyOSIsImNyZWF0ZWQiOjE3MDIzNDY5OTYwMTEsImV4aXN0aW5nIjp0cnVlfQ==
.darkreading.com/	1970-01-20 16:52:28	Name: _hjAbsoluteSessionInProgress Value: 0
.in.treasuredata.com/	1970-01-21 02:28:26	Name: _td_global Value: 797e0f70-48f1-4551-be20-3fda099292fb
.doubleclick.net/	1970-01-21 02:14:02	Name: IDE Value: AHWqTUkhyqs8hehM936_YCJgCz1oICr6bnGPRHTfL3Ye31sZaxDdNmfwVCbjw6DoCy0
.darkreading.com/	1970-01-21 02:14:02	Name: __gads Value: ID=ef57cb7875bb623e:T=1702346996:RT=1702346996:S=ALNI_MakbXBH7oKpjckYYTsAtLZ0E2KoWA
.darkreading.com/	1970-01-21 02:14:02	Name: __gpi Value: UID=00000d13bf19ef31:T=1702346996:RT=1702346996:S=ALNI_MaQNbXSj6ceQHKK4ZG4clmFno08Gg

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=3153600000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6600d6d98e534115970f9529a45f3195.js.ubembed.com
ads.celtra.com
api.iiris.com
assets.ubembed.com
b8f45e5b782b28a61a9f64c0df209487.safeframe.googlesyndication.com
bam.eu01.nr-data.net
c.darkreading.com
cache-ssl.celtra.com
cdn.cookielaw.org
cdn.treasuredata.com
cognito-identity.eu-west-1.amazonaws.com
connect.facebook.net
content.hotjar.io
eu-images.contentstack.com
eu01.in.treasuredata.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
in.ml314.com
js-agent.newrelic.com
marketingplatform.google.com
mb.moatads.com
ml314.com
pagead2.googlesyndication.com
ping.chartbeat.net
px.moatads.com
region1.analytics.google.com
script.hotjar.com
securepubads.g.doubleclick.net
static.chartbeat.com
static.cloudflareinsights.com
static.hotjar.com
static.iris.informa.com
stats.g.doubleclick.net
tpc.googlesyndication.com
track.celtra.com
www.darkreading.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www3.doubleclick.net
z.moatads.com
108.138.26.47
13.32.27.19
141.147.81.223
151.101.66.137
18.184.48.90
18.203.9.136
18.213.234.103
18.239.69.54
18.245.86.23
18.66.112.49
18.66.97.53
184.30.17.133
185.221.87.23
2001:4860:4802:34::36
2600:9000:2394:de00:18:1fcd:353:c61
2606:4700:4400::6812:2089
2606:4700:4400::ac40:944b
2606:4700:4400::ac40:966b
2606:4700::6810:3865
2606:4700::6812:6d2f
2606:4700::6812:6f2f
2606:4700::6812:82ec
2a00:1450:4001:80b::2001
2a00:1450:4001:80f::2008
2a00:1450:4001:811::2001
2a00:1450:4001:812::2003
2a00:1450:4001:813::2004
2a00:1450:4001:813::200e
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:831::200a
2a00:1450:400c:c0c::9b
2a03:2880:f084:d:face:b00c:0:3
2a05:d018:94a:8a01:c586:685d:9540:69ee
34.117.77.79
52.71.135.118
54.160.147.69
54.161.239.77
011c2e9cca2dd810784f85ccbee288959b13d10c6a1bd740f4486b75985187af
0172f18458c048b682616c38fac51182fec12e9b4a918ff4229c18499dcbbd4a
045793435ca05c0d84981485da28b898fbbe028ca4c24037dc1208ea44f94026
05ae00cb8fc5b43d4fadb7c7999a1e1394cd9f6b9d774aef6c047ba90b1f8087
074b1c42c1015602422da108d97bcd9a4cc6452467aed7c76a1ded76b7c7ca2a
0a17db463925c3ec62a4c4869d938f62d5e15202a6d39d51bc47aeda6c56810d
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0ddc5f310dced37a33e8a20965de6da30c112ad468daa253bab6b2d7fd1140da
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0f155ecc49cf3427c761b27ef11fcc6d210fb27a9355d70fd5a30e5f1893452a
10593a04f40d62f14afd5d786653fada77089e1845dacfa3f68d4d9ab353c3b6
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
10c1fc45d472d1c1a5c7993c0aae005fe362ba9766c0d02f0e39cf1f7bd004b5
118804ffb57d9794c6dcb47c2cf07d9468e29c024e34d462517f24b74061300d
127c7ead87e287db401c5a3173fd190cc2c7211711e97486294ca2086754f793
12d04146373bc5fb49c6a59242e2ecf68a936d237df36502ae6019a69a22b82a
151d14c0610e501f14fe35790c23835a48d2be32fc0a25ee72c24b24126a4d0b
16babd6112c0245fd8d02276048fa88f6a4a635a8be83ad405c55ca0fa6d08dc
17fa83852bd61cbb11f9304c8721309095d1edd7b76e624dc6d6e9b1175b63f3
1866a87b4c049fb761b0218db2aecbef33496d878706bc56f2701965efaf88a7
1ace1b17e77ec3828eda87eb3fea3671ce2a0f706426fbd158873546c4f9366e
1ce70c645f6b6846f8672e45bcd296846e0ba2e56add026bfdda616c11646e24
1d461f256e6f064d9cd3edc4312627748b8d5959bd3461fb0d66f52d9d1752cb
1dd68dcb98eb77fce3df71af24b3f7008364b47b4c65e392df693275f59639fd
2074b871b5a0cf7a87e49f1e4af7080145ebebf4e674ffda31643747d223cb30
21102c999da99aa5a6c8403c9e2367ca2e8d3e7fd2d6b5c1aef9e4fab888749c
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
262f87d47643975a4633b675fc224c7a178d99e579e5d767f4a43ca7cc0bb9de
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27559b119f57726b572027d0abc14b2f972faa34b2767075adb05c8d85d00e00
2936fe13574318d83664642a376fa2fb1701a6b54af72ba96c3ee0ea3e975814
2b8322bfccaa5c0aa4a37e06b916b11d517b7a2974ce3cd810ea57ba3a1ffd68
2ca6ce2978a3f8e1902a416ca4b365bdd255596943425a1974f58886fee7e057
2d52ee2ab8820842d2d0451e6be1bbed808ca56e6c34722326c4293cf75334e0
2eefd6a5b2748b2d8aac175fd9aaa32b25d6a37e82a00e1ee49bc32d9b39fc15
2f27b92b9b966ffdd166be51401f836aa3aa6dac8cdd60736582a14a83f8538f
302767a8452a2426cbe837e8404c5405d131a3ab1bcd3c80c9538000c8cc0802
308e134d9a0df8031a894aa2bb6e70515cb9db2403e3e568e7554ae69f474c96
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3ae8a1698011ed224db2fe5901fa638b35f45e0d2101b0d8d3471cd2fe69f6de
410c189549a78a79e62eb2695df7e530ff1ea4744f700e6577a103c2d21f5c75
416f3ca7dd28d9f38c5fb92b7704230b81f53a0d9e8af20631836be0e7e29a3c
443cbb0866be9f66c27684372e1c8384d67f03b991b979441b018eabf3eb3f91
446dad4d6c2d9bacaf42041ded317994bb1d6b1e003841affff3c549096de2a8
44ef96c51c6dbc388524a1eaaa4e11ee896f5236de64064e2226354e5550f812
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47019850f97be384679e4348c17a61e5254490eef7f31692db554c8b2e72f128
48f4156ff81d5ae3e7be1f4729524d26f6df533f7345cd7c8cbe1675ca912325
4926da14a54020f2be76fefa829aca6e95a28f02446b4bf0810d9b12da0b624a
4b08471b5dafc80338ffde184b1a11b2199e982708e2e58efd3a6e0d164ce654
4b475b63a797144d91a4b2e34499ab7321bdf6d298d5f1177ec1fa3f5d3b4e0e
4b68a678d10f5be0596ffa32b72aaae9e5f4c0328ca7ce7febf2115ef9525aba
4cfdb94203e02d73551d535b8baafef17d1d49d96f2c525b077463aa56da780c
4e3544834b91e44441b532b1543211033bbf7dfdb06b1c540c6539ce2f04c806
4e668c3c5ead2707062c31387d0b2fc6883cbff5895585e08d923f3759a33140
4f381ccb6f965e2011700b253aa446e84060a338cc416055eabca3b62fa35435
4f7d77bb6f08edfb4c9d750f2804d993d677fa569fab3255532cf545a55d105e
556b62129d954b0d5b92c4f286ec0234774ac6d41353a3c84f8349fa94d88cf1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56587cffbb30e338497c9114f74803a530a713ebe374b69fcfa8551ad8dad1e9
58016ccef8b151b18ba8a751a7666689dcb78facc25a8710434d2e8629a83142
583e546f8aa28727e3fa9ebdc8943c0193d63e12bd3f73b23a42a1f7397d0db2
586ce3ca1ff7925119c7e1d15db9142e95fccf6aa455e99a38b35b4fa4201820
592356a6c52e99185da7862c1bc4929308efd3618e8f1c8e1dd665abf205ee62
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f
5cb656f87e7996fd5e358ec6432fc9adfbb76a209a6dfd6b29666c8198a080d6
5d3cd2d24db1682d0f6ae2c7578f550a6081535321c2c786d8be76b36ffe9857
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
6191075f9483411e4b0e486a7e6b40bb66cf484872c685d6a1d69dd16d7e988a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62eee22f7f92913689361d7cad70e166c1f0fe52937c1269996cffaa712e60f7
6569c8070cab2447d46991d8d908bc32f93e558ba8c1e5ee03f7dc91e7dcb36a
66cc474b43b663473eb8428a447f98985686161b8eab8008b9ef4f2dc356bb2a
6873f3c48527407e10b9b0be039acfccd740a112abd9ddb988adbe4d0d86624e
688920dcf3bc915f06fdb081e29e9c2b6fbb0ea6727fe5be74f33db0e2c0ad6b
6a67e8ae3db790f1a327f521242195c3ca55cd7392b16f22614101d2b38145a0
6e504d72d0b8fe63b71774d746594a7d13607ee5313241cc546a1bcd47909677
6ef59df86d3826ee2048c7707b14be9a819ffe3ce87ca7e989511ac24e447812
6f6c238a9a2e80c8c02722c6c32626d8f4a338f5cbc66dd3b0839c0777dc2319
70762bfafc8225cf5100e093aed9cff2067f646efd71f12c209d6e21f03d460d
72d0e968a2bc13b2b3af3a39d1aa6f240e37b3054feaf1ca31b18399974111fb
78977aa7e48ac3ada126337dcb1135aef21a49c3371cb081e75b7e52397ab906
7a58001b26b1b397ee0a3a7cd9fd2f1d0ff18403c7abe79189664551aa569a53
7b75529201e97f7566ae404c0bd803c64ce29092a13c8e1893369ef3c32c6337
7e8c9ed26277e3fb6a723db40a20a665586cd33f157a9b2b86775440224a752c
7fe6411146e7aabcda85d71ec42eabe4fe5fb199f0e9ad759bfa78a42a853535
80d06da2e408726dbc4a3c5676272c5de3c9531e8b13b31c2541189eb91dd800
80e48a84884058bbaa35c4859afc308daccfdffa7c2d97b0b30cadc23967bd1b
81296cd80a48277304e2bc65bca848e51811c932b6e849f756f7e36b4f53bcde
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8504e973b706727ed2448ad3941873fbfb0437005c4ce1b265ea34098e0aea77
86dbd997ead92464b9d3e6228dab6902a3f8cdbd17de1da8923cb2f0fb600bda
8751c85d4da8af34fb4d78a2ab5bb92b7a3b5380f2d0d5ca89d11fc2b5bfb6ca
882c0ef9f4096af29e037f9ba9dcbc71a46605828ae12a77002c0fa5e00c309a
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
8c792dc2527753d5f758a812c5de2225dba619ecd83b05713ce68b0db858fa28
8e4147148517b1b092a5bf8fb1fb4e78b568bdc40a127ec16732de62ddbb472a
90523092a383e5b3308aa18e8807788a6d5401f7a7eea157e9fcf3fb8050242e
9062daac44e4a1366d431500e8043facce1095289d1f9dcbe812a4d05b1b6998
91e1e324b948856bcaf13a2cb785a088349cdfe56a8e7625fc76393088f73f83
9250f0b586e89674ec647d8dfb6fe7aedcb588be13ebb6aeb1286efa9d3cfb39
980aa198822ce04fa8ffe42f9554c4ec3f34c2e8928fb18e01d50465e41392c2
982660fcb5b96257c76ee1630c931fa52b061e7bdf3b7860c553a577036cc217
98b3abaf3cd5958921d02ea49d4553536f1b578a3a7ca7feae8d291389e40b1f
9a69ca131aa080796de8028c1569912fea9af524ecf28e74059c880d7883e4c1
9afb4208e4d617a2672fe91e0eae18d076310ca43de095806415c10e595533cf
9cbcfc63c29d616773550f8fbc28b59c529cc0ee6b783d2366b9df8f290480cc
9e4d00cfee02d472b0c80124f87c00a8cb8ea5610201ebbf922d894d2fea4db1
9ea1823078c462969eaa59d6ef62623c19d77b72e25a103105b043aefaa0769a
9f1f9f8e008bf24d75c184c9869938088d58c76581b056b378d7b3dab512502e
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
a3840450b360c02f20c58cb84b2ad8be644662b0622e4b1b31dd9d9c27cceaa2
a3eec595bb4a367fb8b7851c90c75aef35b9351d576daa1a225486154bb18b27
a54a7433709edf77b1464bbb29d132f7f79aa998b9050bee477e33a65a0b2a7b
a5beedf0a9b1e24fb846f1f256f5ba7c62af6ad06ea0965540b1c467dce23944
a954ff30267fcdc900f3a43a1a0a20627b4a08cf6d9c79c564aabb2d108662f1
a97a5ae8f0b245c69a8ef6d33f6ee9271df4482d910cbdeef9d7e0abaf78da79
adf79b66cbbd03530848f847c4bc5da897638de5c469a35ba3a636a040f32323
ae137c002dd470c2b74f83bf3db62f9d6755b6f7e0674acd79a3e7ec4b9738df
ae59b218ab2a4bdc90c9da5d696d7c14eb10c26ddfe9882dc74f4e4e0deb7255
b05a88534acbb01ad68cdf4956b2a75a89504ba57396b56f4b7e17a357d6e2a4
b0fb3af484abb45489f3215ba712a50af3fb610841d59bc2f71ae515d502f36b
b29e030300686c8f25abb60f77739a8b7a029360de8e44b84137f0ee78b944c6
b363dcad8312450cbb6a3ede9b98fa41d975f29a24020e17a28a68f5548dbb62
b5e06ab6731ba652b762ad9d01d545d84ada4c356b6c4ca7a223b65c6b536f69
b6c8c3233d3127db0d662fb724e1cfa913b6651a2a0ec175c9a40e89ad56ec08
b7dd61f31dd9d4d1b9e2b24e139ddcaef62287a13664cdb50544ea421f1a1899
be2d7c6c0f46b379568cad187530ac45f6e818cb5679ba45e95f52f9afb8a1e8
c104bc5974423b88e53e00bca716b0943a8287088540a368eac8ba0e4d6c9428
c19345a03fed44d267abbe2f427bdcd261aa86a447320f15f3eef8e121690794
c3c2e2538dd857e04bb340d6230c8eeedca607d219bceba19897333cbd74b4f3
c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
c8a03522223cf64474a1f91e02c8069ea5560a23266b37b476d7602a621f0c38
ced6d94498388b24b48c4e2aa311815357ab9489c735aedd7725e0b18a02433e
cf3119fdbf0f06025ca1ee2409e2e10a29785c6184c927084c8da22fc0db2e79
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d06750ddc9377500a5cdae168cd2ee5d645cc4adcfb09d4d72c791769af2441c
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7
d10a2d03c9fb4943f449b97d333b8d22990200afa70d13d5c1c23ad4d783200c
d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2
d77bbeb1ea8829b6393cea82fbb61008b45d408bfe35ac9bbcbfb7719b1dfe8f
d8f2a6eb1c5b845fbc8ff1d6e3b48b9429d8e320e3925144bc7a07795ab534ad
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
db4bee11e5ed375cbe35b690b2390e4e08f7dc9140a83796650d3fb2dff96ade
db5eb2d27578091ffe259eb136e56ca717c07abf5ff0a80fd0aafd71389a8279
dc04678d711366bdb107aa81eef1af103df63d6ea5540ff082ab6fe29dd1c9a0
dd05e918a64da4585572ba90ed62c70afaf7fe0ef3451232436026fa8d10c003
dd34a5668e6084a9683d4910202906d6aecafa413322b5f8030576c865b248dd
dd703585e2151539e5f111ab3fc2b113a4fc37dd37831b8d7fad2b37dea21d80
ddbfe7fcf06a23a5b4d09a01540a814654cc0457ead80cda1eb07330da106497
ddec949a61493a83293b5731fc09c23a1f9132e29147c1a4f519548f01287693
ded62870548b2eda6d63659223400c8c5b59c1dfd772108ccefaaf7ee7a0dca8
e0ba033e6cb25fa6e20186d6d8113cc3821028b7891c93eebe671b75f6eebc3f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47781f8172253505cba91fb6190596dfc106b127158cf7d89587eba532cd642
e5836b0f5b9092c9f810ad6ccd9db01c1fcd57889e8222f558d9c2b59b082d7c
e9d0cab69a4c71df7a16b6ee6f99ea474423689c8eadd7aa62ce9cef3a48c395
eafbdbc0095496b50fe402ab67963cc4ebba0d4075f384219b7eea3f84fedba9
ec7322e59691444d04994d205252b3d0d55f901d2bbed463b593aef3eef6ad8d
ed870769c4fd967977ef0930a14927ac6035d0a9fcd9db0bcef385da69bea2eb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f02edc287b721a068471a9e12391d5ec4310291401d61f578bba197c1a6ac148
f22902ecf71a804942071a8a3936830e1c4679cbb5932b61aa7660b412756186
f2abc861e62d4050ec1379274c6539b5d56a6d6c707d126c28e931463993ed11
f38fba41b47e5777585f56e05073811ec8d97dc0c0677c203b90bbd26cc1c968
f3d2b7e55d13189504623109c556e1cb775a14cd270bff5dbda182471bbac602
f63a96e167b022cd7b40c9d8a9daffbe9d9c3b769e7dbcbca3d71e923ad5a688
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6a1a2699f8213c5a0f49c739978c3346cd387de462fa18e442fa9c4ed73b6f7
f76b8089085d9f5781611ba07f6e3c1642e03503a732c182fcdec4b6a8ef38b3
f7a65887be313c8c55d2a3ed227369fd6e1a2a1ce04ca52f002c4a6aae9d6508
f9779d8024e08184691cc163d075ff06964487a870e03ea6d58497a6a623cc5c
fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4
fcc48eaea0616fc57430f2303431e9ab6f452fa7c79bee0ad28b9dcab0cb80f0
fd2879e3b0d373936b3a4f85f24bf5ae631ea76ec7c79b528b53bd4f3ea44de6

www.darkreading.com Open in urlscan Pro 2606:4700::6812:6f2f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

241 Requests

99 %HTTPS

57 %IPv6

28 Domains

43 Subdomains

40 IPs

5 Countries

4302 kBTransfer

12014 kBSize

24 Cookies

39 Outgoing links

Redirected requests

241 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.darkreading.com Open in urlscan Pro
2606:4700::6812:6f2f Public Scan

Screenshot
Live screenshot

Full Image

241
Requests

99 %
HTTPS

57 %
IPv6

28
Domains

43
Subdomains

40
IPs

5
Countries

4302 kB
Transfer

12014 kB
Size

24
Cookies

241 HTTP transactions
7 data transactions