www.darkreading.com Open in urlscan Pro
2606:4700::6811:7563 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Submission: On July 20 via api (July 20th 2023, 2:10:11 am UTC) from TR — Scanned from DE

Summary HTTP 248 Redirects Links 44 Behaviour Indicators

Summary

This website contacted 51 IPs in 7 countries across 36 domains to perform 248 HTTP transactions. The main IP is 2606:4700::6811:7563, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.darkreading.com. The Cisco Umbrella rank of the primary domain is 130837.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 9th 2023. Valid for: a year.

This is the only time www.darkreading.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 36	2606:4700::68... 2606:4700::6811:7563	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2606:4700::68... 2606:4700::6812:aa72	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 28	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
10	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:1c26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
5	13.32.99.66 13.32.99.66	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:b96	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.201.242.231 23.201.242.231	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.32.99.85 13.32.99.85	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.97.49 18.66.97.49	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:205... 2600:9000:2057:4600:18:1fcd:353:c61	16509 (AMAZON-02) (AMAZON-02)
1	13.32.99.18 13.32.99.18	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0a::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	52.222.236.63 52.222.236.63	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:7963	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.0.197.153 52.0.197.153	14618 (AMAZON-AES) (AMAZON-AES)
1 2	192.29.69.231 192.29.69.231	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
2 2	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
2	52.72.174.214 52.72.174.214	14618 (AMAZON-AES) (AMAZON-AES)
2	3.73.184.11 3.73.184.11	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	108.138.17.119 108.138.17.119	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.79 18.66.112.79	16509 (AMAZON-02) (AMAZON-02)
1	66.235.152.152 66.235.152.152	16509 (AMAZON-02) (AMAZON-02)
2 2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
13	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
7	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
3	95.101.149.35 95.101.149.35	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
31	23.32.185.123 23.32.185.123	16625 (AKAMAI-AS) (AKAMAI-AS)
11	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	54.208.168.48 54.208.168.48	14618 (AMAZON-AES) (AMAZON-AES)
1	185.221.87.23 185.221.87.23	54113 (FASTLY) (FASTLY)
2	34.111.234.236 34.111.234.236	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.11.96.30 3.11.96.30	16509 (AMAZON-02) (AMAZON-02)
2	2.18.161.51 2.18.161.51	16625 (AKAMAI-AS) (AKAMAI-AS)
32	18.66.112.49 18.66.112.49	16509 (AMAZON-02) (AMAZON-02)
1	52.3.151.18 52.3.151.18	14618 (AMAZON-AES) (AMAZON-AES)
4	52.202.6.212 52.202.6.212	14618 (AMAZON-AES) (AMAZON-AES)
248	51

36 2606:4700::6811:7563 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
beta.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6812:aa72 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

eu-images.contentstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1c26 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.32.99.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-66.fra60.r.cloudfront.net

static.iris.informa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:b96 (United States)

ASN13335 (CLOUDFLARENET, US)

6600d6d98e534115970f9529a45f3195.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.201.242.231 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-242-231.deploy.static.akamaitechnologies.com

img.en25.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-85.fra60.r.cloudfront.net

s.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-49.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:4600:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-18.fra60.r.cloudfront.net

cdn.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0a::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-63.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:7963 (United States)

ASN13335 (CLOUDFLARENET, US)

c.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.0.197.153 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-197-153.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.29.69.231 (Toronto, Canada) 1 redirects

ASN31898 (ORACLE-BMC-31898, US)

trk.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.149 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.72.174.214 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-174-214.compute-1.amazonaws.com

a.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.73.184.11 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-184-11.eu-central-1.compute.amazonaws.com

eu01.in.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-119.fra56.r.cloudfront.net

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-79.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.235.152.152 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-66-235-152-152.data.adobedc.net

iirexhibitionslimite.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

35f84c9835cb2e3078c3c1b7bc7fe174.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.101.149.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-35.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 23.32.185.123 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-123.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.208.168.48 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-168-48.compute-1.amazonaws.com

ads.celtra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.221.87.23 (Ireland)

ASN54113 (FASTLY, US)

bam.eu01.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.234.236 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 236.234.111.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.11.96.30 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-96-30.eu-west-2.compute.amazonaws.com

geo.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.161.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-161-51.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 18.66.112.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-49.fra56.r.cloudfront.net

cache-ssl.celtra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.3.151.18 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-151-18.compute-1.amazonaws.com

in.ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.202.6.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-6-212.compute-1.amazonaws.com

track.celtra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	darkreading.com 2 redirects www.darkreading.com — Cisco Umbrella Rank: 130837 beta.darkreading.com — Cisco Umbrella Rank: 284431 c.darkreading.com — Cisco Umbrella Rank: 386333 trk.darkreading.com — Cisco Umbrella Rank: 548137	1 MB
37	celtra.com ads.celtra.com — Cisco Umbrella Rank: 3648 cache-ssl.celtra.com — Cisco Umbrella Rank: 4443 track.celtra.com — Cisco Umbrella Rank: 4350	949 KB
32	moatads.com z.moatads.com — Cisco Umbrella Rank: 670 geo.moatads.com — Cisco Umbrella Rank: 785 px.moatads.com — Cisco Umbrella Rank: 580	673 KB
32	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 212 stats.g.doubleclick.net — Cisco Umbrella Rank: 116 cm.g.doubleclick.net — Cisco Umbrella Rank: 243	538 KB
19	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 132 35f84c9835cb2e3078c3c1b7bc7fe174.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 153	507 KB
13	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 488	91 KB
10	contentstack.com eu-images.contentstack.com — Cisco Umbrella Rank: 48442	47 KB
10	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 369	289 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 211	337 KB
6	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2609 www.google.com — Cisco Umbrella Rank: 3	1 KB
5	teads.tv a.teads.tv — Cisco Umbrella Rank: 1467 t.teads.tv — Cisco Umbrella Rank: 2450	133 KB
5	informa.com static.iris.informa.com — Cisco Umbrella Rank: 48831	32 KB
3	ml314.com ml314.com — Cisco Umbrella Rank: 1799 in.ml314.com — Cisco Umbrella Rank: 8964	12 KB
3	treasuredata.com cdn.treasuredata.com — Cisco Umbrella Rank: 14634 eu01.in.treasuredata.com — Cisco Umbrella Rank: 21244	20 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 56	21 KB
3	dpmsrv.com s.dpmsrv.com — Cisco Umbrella Rank: 22705 a.dpmsrv.com — Cisco Umbrella Rank: 18749	64 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 245	2 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5665	515 B
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 724 script.hotjar.com — Cisco Umbrella Rank: 889	73 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 94	65 KB
2	ubembed.com 6600d6d98e534115970f9529a45f3195.js.ubembed.com — Cisco Umbrella Rank: 283430 assets.ubembed.com — Cisco Umbrella Rank: 12411	49 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 69	174 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 710	56 KB
1	nr-data.net bam.eu01.nr-data.net — Cisco Umbrella Rank: 9424	464 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 413	98 B
1	omtrdc.net iirexhibitionslimite.tt.omtrdc.net — Cisco Umbrella Rank: 403611	808 B
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2657	258 B
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1238	201 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1535	15 KB
1	en25.com img.en25.com — Cisco Umbrella Rank: 6325	3 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1198	48 KB
1	gstatic.com fonts.gstatic.com	20 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 632	316 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1162	7 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2651	15 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 255	7 KB
248	36

	Domain	Requested by
32	cache-ssl.celtra.com	ads.celtra.com
28	securepubads.g.doubleclick.net	1 redirects www.darkreading.com www.googletagservices.com
28	beta.darkreading.com	www.darkreading.com beta.darkreading.com
25	px.moatads.com
13	js-agent.newrelic.com	www.darkreading.com
11	tpc.googlesyndication.com	www.darkreading.com securepubads.g.doubleclick.net
10	eu-images.contentstack.com	www.darkreading.com
10	cdn.cookielaw.org	www.darkreading.com
7	pagead2.googlesyndication.com	www.darkreading.com tpc.googlesyndication.com www.googletagservices.com
7	www.darkreading.com	1 redirects www.darkreading.com
6	z.moatads.com	securepubads.g.doubleclick.net
6	www.googletagservices.com	securepubads.g.doubleclick.net
5	www.google.com	www.darkreading.com securepubads.g.doubleclick.net
5	static.iris.informa.com	www.darkreading.com
4	track.celtra.com
3	a.teads.tv	securepubads.g.doubleclick.net www.darkreading.com
3	www.google-analytics.com	www.darkreading.com
2	t.teads.tv
2	ml314.com	z.moatads.com ml314.com
2	cm.g.doubleclick.net	2 redirects
2	eu01.in.treasuredata.com	www.darkreading.com
2	a.dpmsrv.com	www.darkreading.com
2	ib.adnxs.com	2 redirects
2	trk.darkreading.com	1 redirects www.darkreading.com
2	c.darkreading.com	www.darkreading.com
2	www.google.de	www.darkreading.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.darkreading.com
2	www.youtube.com	www.darkreading.com
2	www.googletagmanager.com	www.darkreading.com
2	code.jquery.com	www.darkreading.com securepubads.g.doubleclick.net
1	in.ml314.com	ml314.com
1	geo.moatads.com	z.moatads.com
1	bam.eu01.nr-data.net	www.darkreading.com
1	ads.celtra.com	www.darkreading.com
1	35f84c9835cb2e3078c3c1b7bc7fe174.safeframe.googlesyndication.com	www.darkreading.com
1	idsync.rlcdn.com	www.darkreading.com
1	iirexhibitionslimite.tt.omtrdc.net	www.darkreading.com
1	vc.hotjar.io	www.darkreading.com
1	assets.ubembed.com	www.darkreading.com
1	ping.chartbeat.net	www.darkreading.com
1	script.hotjar.com	www.darkreading.com
1	region1.analytics.google.com	www.googletagmanager.com
1	cdn.treasuredata.com	www.darkreading.com
1	static.chartbeat.com	www.darkreading.com
1	static.hotjar.com	www.darkreading.com
1	s.dpmsrv.com	www.darkreading.com
1	img.en25.com	www.darkreading.com
1	6600d6d98e534115970f9529a45f3195.js.ubembed.com	www.darkreading.com
1	www.googleoptimize.com	www.darkreading.com
1	fonts.gstatic.com	www.darkreading.com
1	geolocation.onetrust.com	www.darkreading.com
1	static.cloudflareinsights.com	www.darkreading.com
1	stackpath.bootstrapcdn.com	www.darkreading.com
1	cdnjs.cloudflare.com	www.darkreading.com
248	54

This site contains links to these domains. Also see Links.

Domain
sector.ca
www.blackhat.com
darkreading.tradepub.com
www.informationweek.com
messages.blackhat.com
www.lookout.com
www.justice.gov
www.interop.com
www.networkcomputing.com
www.itprotoday.com
www.datacenterknowledge.com
www.omdia.com
info.wrightsmedia.com
twitter.com
www.linkedin.com
www.facebook.com
www.youtube.com
news.google.com
tech.informa.com
www.informa.com
www.onetrust.com
adclick.g.doubleclick.net

Subject Issuer	Validity	Valid
darkreading.com Cloudflare Inc ECC CA-3	`2023-04-09` - `2024-04-08`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.contentstack.com Gandi Standard SSL CA 2	`2023-07-03` - `2024-08-02`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
static.iris.informa.com Amazon RSA 2048 M01	`2023-07-04` - `2024-08-01`	a year	crt.sh
*.js.ubembed.com E1	`2023-06-23` - `2023-09-21`	3 months	crt.sh
*.en25.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-21` - `2024-05-20`	a year	crt.sh
*.dpmsrv.com Amazon RSA 2048 M01	`2023-03-18` - `2024-04-15`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2023-05-16` - `2024-06-06`	a year	crt.sh
*.treasuredata.com Amazon RSA 2048 M01	`2023-07-19` - `2024-08-16`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2022-12-19` - `2023-12-30`	a year	crt.sh
*.in.treasuredata.com Amazon RSA 2048 M02	`2023-05-25` - `2024-06-22`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
assets.ubembed.com Amazon RSA 2048 M01	`2023-02-21` - `2024-02-03`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-09-01`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
teads.tv R3	`2023-06-26` - `2023-09-24`	3 months	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-18`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
celtra.com Amazon RSA 2048 M01	`2023-02-20` - `2024-02-07`	a year	crt.sh
*.eu01.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh
ml314.com GTS CA 1D4	`2023-06-07` - `2023-09-05`	3 months	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-06-20` - `2024-07-20`	a year	crt.sh
*.ml314.com Amazon RSA 2048 M02	`2023-02-27` - `2023-12-14`	10 months	crt.sh

This page contains 12 frames:

Primary Page: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Frame ID: 3E11DDDD150C1823775E197963FF48A6
Requests: 164 HTTP requests in this frame

Frame: https://35f84c9835cb2e3078c3c1b7bc7fe174.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 49E0B63A38391FA513DCD398EFF4C564
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvzuaSvaNH9V4-66OvhC5f0br2JRbbzwS1WrYhlYlCDofcojpHTz3daNAgclgXnmJUswn7xHUMEOb24l-8607iwmt3oehfqOtiSrUxnJ5YxVyx6HnntJE0eRFUhHdHKqGA4hF-Rx1_ip_rnKgNRSro7uw3RHi9v8L4veRuAZZrK1WbPT6yc1ITe91AyjmyZ1OgWCprUo5dNc-qY39pp9nTtINuLURAwsmT91hANLdZWhym-6QVdShEYZHkebpQjOzMJ5GlEws95zN8Cvu1A1qyEdyjCSDLBRVus-8oVRXY6-41gMewsHxVboIaTEVKr2mnlBRwY1ii69bhafoLyBYv5VZIdW1duyaeRQG4xATXu3V63Mmo&sai=AMfl-YTBiROGcp80g7t2g-rNL0MfMStIffNvDLxlPyBq0kIkXVTEY2-fdXtKCQM_cEcrqKtvINDFovVGI3eWsgVxvr23rOpBfzFtFgSJFMVvnPfBiFlryITmurRUf8EEL6A&sig=Cg0ArKJSzJIgeZGGOhlbEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 0A63EEBBB2781B7E47BF6C9FAED958B6
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuw0dxiLkvW2GyrCcpLWjQbHOGwTY__61G4b5Nl8UyAXv4Ps7pBco5mNE1XBDcSNAeOT_Vq_XP-zpEpMRL52uPG1zgowVBttKKOOfw6HX8EtH2Aa3E8eF6QIVD3ntbRxC3oftdvTX0HlXuIR2VJ21ETDD54Apc0_HLyhc50i7Kr9HAVUxkWHSEcS4n9hzdl-5V_ERtaJUMxoG-bO2eYZWYzGV1WJ5AG0gHhCFnjY9uJ6Vy4Rd9L0qr4vqQLl_4xjgxkoNjWh5OlBn3cAAfR2WSNQlLRNtY7seWSpBk1yMBijvg7q78ZDLOJk-aoPflZjskaTEdTCivh_I2g_E9cu-DemIYNLze8EHVz5d-mmxhieht19jECoP-F&sai=AMfl-YTzeoz1hGC0hapuFvZJzdDZ6ov4Z1HTZsJxeHqozwzKc72KTvQCxWa3bze8onQyNH5NzXewpm3K3FTxyReynhmRYHSeFnJL98oi117PKqfe62k4qkAQ1n1SAjuV5ig&sig=Cg0ArKJSzJxsNdLD_S3SEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 6761AC7F7F58AC22AD3103CBDC0C9407
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssbvtsCe0UygZhXVTAgXJ-mYm3jUED2DPhG1YoMMh2pSUyMlJ7wIhljd2y4sqYRGpG1i_LieVi3fOJ1DIk4qHxORhAUS3JzwbcEnamY6DBvjOBYZK-CaEiZWuqCfD4Mygd03l-H3btrcmLKRYAjzBvAZEdf3YmVD-zNT-vHl5b8swR2dWSkyegAg001jNK52BrilTnGWh_fNG6UOEzitnInL3cGE4mtsJ6IzK_k_KLplKoCU-OjOqX4EarfPTBixlSLCCnDyMgFgIvKL0xuTVP7Q0XuLcL1YkFMHtv1EitDHeISiECPouGJQTXDyHhpCdbGt75XjBeVtVY5eTJ26mMtWgsaUmIPyr_KQTMuLyiyWYuYZWOB_6S-YKTaNAAMjbAyC4CEu2W-qZWLMg&sai=AMfl-YTjWL8vBM6vq2lonAeWBV8PTOMCKlB_xFHdbi8Y-XWnp6zbDeV_JP0qmPP7clK2gg3RMocK_qrXytTgfSXwuH_-Vrc4_RUWrG3PruRRmGqDaaeydSa-qs805wiICw&sig=Cg0ArKJSzC3ausjA8jaREAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 427DDD8A546D53129BAE7E27A6CCC35D
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssmSHQ0myZ5uuyts2-lYOgO8ti9giRtmVlu0ebZHP8Me3MnaihGCz0jqk3DxNXjvnhk8aAOpR40BKldivuVsuWhKBGIHy94HoSTACjjuJ4WE1pay8yEBg-sRzYPfVvcmXuWROk66pMNSMcpCDiCcE_CHuFEf5FAw0GpxPE-8YxFYoMVydnHvRWCJblKrxn11ZxJYrK46pZyF3K4_vaexc-vQdrMym7ED1-iMDUYNc2ZhuZh9Aw98tU30YCY1hIe-kZbBLBpyBuykQCcfBP-tmCJba-hkCZ999pPuexy7NfqiQLfy6FtwLBnSYLyjJZI_jd1adwZbcrcjPkQ3mbkI9H2_s-KjeMM2qkZHRScC38qShvd_rOG-Cle-B_x&sai=AMfl-YQ2Rufr20Y7zHVn2Q53yXLROmuKVGnvwoyyQ6OVdHYE00i67YIdb2hbI2cCB96y3OsO_WsY8wkDh01pSlRixGtGtnW5eAx037VpeeN5N9KRiQWKLGvztyTW6fj6bXs&sig=Cg0ArKJSzFUENZBj8auYEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: F86BD1AC98C5E1AFD43B43E2F791D716
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssK2SM-bS8lsRxbO5ETk2kBtMhz13cyOx7Q_U-n77L0QomkMfYddGLgRdyxUJGozc1E3LMBpzeaI0M4yqAYWzluA6ruVAL04Q3kOJi64fwTdfhXl1SRHAwXFRMHGkiu3pDMAqWeUoPSaCw2q-QAivZzRanSeFSExGBAgLGfL1w-2wZuWU7OYdihxTtUgvBhHrn2OM5dUEnlhYF4RlznUcQiumNmAvkfOORuJZ_h4evZG3vKC7LhVh2Ydwmhy9sAy7P_Ib6GOxiWxTRG8xL-g31uDMR2CqpDSWoqyGTuVL_-ciVfbpTeAZmGbHP1HqKyFczNybVAoj5ssNbmLsPX8mjXwyvpTKc1NDm2QBkZLU6kBtDs8iGzz4vD&sai=AMfl-YTbmS4MDOCs0TQ0sIsZBWEe346z6LDmIuloLJmz8YtXGhppRSH92BEXKIecGYjlbAQHTe1Ndkw0VOJtloOxVNe7xbhPzMs-jW3SJPHZZOcXmL7i671z8CHUtAMRHKc&sig=Cg0ArKJSzK1pTJLe88-4EAE&uach_m=[UACH]&adurl=
Frame ID: C091837BBB10147DD91FB63CFB370090
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssalQ251XwypVpjw1av8HdOJbTo92EgbEZcG-5XwIqszebUpOGMWneHGVsjXj404-YULf_BiBPOvid17E5FAZA6S8BpD9cYbMkELARFsz8CDk8FNflvKveWUAXKw96dcDLpsay34wTVqvIJ-nDhIhKv48fgaX7W5YLR45mdz1W2Gb4fsWsPe33xEBw-Ze9KgL59-daRRE76yohwbQqm8ry-Bt9WExSAB8hVUsuDvBY567_Z_L1wBL1chtuwsij2azrYYM3hdc0P8Zm3pRGy2hfLqPDHEwMbKrwBRCa0LGfyBA-lmxhZpgPAXZLn9qxX4b3DuA82uvPSy2ttC59ajiZQYqoOcR2x8NpLACDhOrfzoRaF0fgHu2VD&sai=AMfl-YS2l36Dygg6l9Q-oxwov5eijJ_LIH1a9yTuvPP_fnm37SlpR80HMr_FnfOcSBA64pY_ayxku1YlDIvGsK54KCYX_rVWwjln7RvB5U5y-l4roExyO7IfPXFTAWi5530&sig=Cg0ArKJSzDn9ER2YLxbFEAE&uach_m=[UACH]&adurl=
Frame ID: 2B7B43108F8F1762E649D7D209D1E9C6
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsupu6tIlEQUPZDcPp8jlrnlQ_LwPi17sImKDVimKc3PMrfgJKpDcloqr85XkF3yxXXlVCsQFRHjZwNRXzGim4AAhfdx5T_F6OHS23LCUzxUtEe-Ma-__jPA7OeqqbPZSJTbCLau6DCmPMVS72Wb4WCrZcf-D7Yvcydj5OUGMk-fvTq6Vnx4KXqmI70yb3BgcjiQJNgG4ldiYmVWgbcqfz_w9FlILklNMtBduqfYhcQap7mAmt86mk1vMHYGn52uHTVwbgUFmxPTE34JPl-UWRJF56zjflxAhTlOM-Cihmie3PnXlHttfjZH_D4DZ-b3FXVy0pVXS2xXHilnGliYYcJFUk2N7FWoXvhB4bUah4QAQkQscWc&sai=AMfl-YREXFMhnjmAxyajUHauymG4YMbkbwaq-sUg5WxpbN14lLWGNq6qpBWyaXjkhwJDNolLwAblLx2fP9Rlj9w3jtZTA1Q-g0VYrqK7EEhAWng3FilK-GM4UzbXNKQH9bw&sig=Cg0ArKJSzGWH0-rgDhF_EAE&uach_m=[UACH]&adurl=
Frame ID: 9C9BCD02042336A58F7642704C13E14D
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BA469407B2BAB89D3F54A1278FAA690F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 38847F7C753BA7575EED6B3399358C7E
Requests: 2 HTTP requests in this frame

Frame: https://cache-ssl.celtra.com/api/fonts/monotype_tradegothic800n/3_a21706b45861b8577718feb7af969a082ae4576a33ea62b203d77b518b45935a/1454a71d-cdbb-429c-8092-122f4493e0c7.woff?subset=%20!()%2C13469%3A%3BABCDEFGHIKLMNOPRSTUVWXabcdefghiklmnoprstuvwyz
Frame ID: F77E05489760152BE59122EB5EAF6FC6
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

China's APT41 Linked to WyrmSpy, DragonEgg Mobile SpywareCookies ButtonBack ButtonSearch IconFilter Icon

Detected technologies

Unbounce (Editors) Expand

Overall confidence: 100%
Detected patterns

ubembed\.com

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

248
Requests

97 %
HTTPS

46 %
IPv6

36
Domains

54
Subdomains

51
IPs

7
Countries

5331 kB
Transfer

12860 kB
Size

39
Cookies

44 Outgoing links

These are links going to different origins than the main page.

URL: https://sector.ca/?cid=smartbox_techweb_session_16.500299&_mc=smartbox_techweb_session_16.500299
Title: SecTor - Canada's IT Security Conference Oct 23-26 - Learn More

Search URL Search Domain Scan URL

URL: https://www.blackhat.com/?cid=smartbox_techweb_session_16.500287&_mc=smartbox_techweb_session_16.500287
Title: Black Hat USA - August 5-10 - Learn More

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa4614&ch=sbx&cid=smartbox_techweb_upcoming_webinars_8.500001315&_mc=smartbox_techweb_upcoming_webinars_8.500001315
Title: Finding a Backup Strategy That Works For You

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_xona16&ch=sbx&cid=smartbox_techweb_upcoming_webinars_8.500001321&_mc=smartbox_techweb_upcoming_webinars_8.500001321
Title: Best Practices and Tools for OT and IT Security

Search URL Search Domain Scan URL

URL: https://www.informationweek.com/whitepaper/Security
Title: White Papers >

Search URL Search Domain Scan URL

URL: https://www.informationweek.com/whitepaper
Title: Tech Library >

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa3135&ch=dr_header
Title: Newsletter Sign-Up

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_hypf04&ch=drsitebell
Title: Event

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_xona16&ch=drsitebell
Title: Event

Search URL Search Domain Scan URL

URL: https://messages.blackhat.com/2022-attendee-report-2022?kcode=drsite
Title: Report

Search URL Search Domain Scan URL

URL: https://www.lookout.com/threat-intelligence/article/wyrmspy-dragonegg-surveillanceware-apt41
Title: a report published July 19

Search URL Search Domain Scan URL

URL: https://www.justice.gov/opa/press-release/file/1317206/download
Title: its 2020 indictment

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa3135&ch=dr_eoa
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa4083&ch=sbx&cid=smartbox_techweb_whitepaper_14.500005384&_mc=smartbox_techweb_whitepaper_14.500005384
Title: 9 Traits You Need to Succeed as a Cybersecurity Leader

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_delh33&;ch=sbx&cid=smartbox_techweb_whitepaper_14.500005360&_mc=smartbox_techweb_whitepaper_14.500005360
Title: Rediscovering Your Identity

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&pc=w_forq213&ch=sbx&cid=smartbox_techweb_analytics_7.300005991&_mc=smartbox_techweb_analytics_7.300005991
Title: Concerns Mount Over Ransomware, Zero-Day Bugs, and AI-Enabled Malware

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&pc=w_ingg120&ch=sbx&cid=smartbox_techweb_analytics_7.300005989&_mc=smartbox_techweb_analytics_7.300005989
Title: Everything You Need to Know About DNS Attacks

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_hypf04&ch=sbx&cid=smartbox_techweb_upcoming_webinars_8.500001322&_mc=smartbox_techweb_upcoming_webinars_8.500001322
Title: Where and When Automation Makes Sense For Enterprise Cybersecurity

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&pc=w_forq211&ch=sbx&cid=smartbox_techweb_analytics_7.300005988&_mc=smartbox_techweb_analytics_7.300005988
Title: Securing the Remote Worker: How to Mitigate Off-Site Cyberattacks

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&pc=w_invj50&ch=sbx&cid=smartbox_techweb_analytics_7.300005987&_mc=smartbox_techweb_analytics_7.300005987
Title: How Enterprises Are Managing Application Security Risks in a Heightened Threat Environment

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&pc=w_defa4088&ch=sbx&cid=smartbox_techweb_analytics_7.300005984&_mc=smartbox_techweb_analytics_7.300005984
Title: Successfully Managing Identity in Modern Cloud and Hybrid Environments

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_delh32&;ch=sbx&cid=smartbox_techweb_whitepaper_14.500005359&_mc=smartbox_techweb_whitepaper_14.500005359
Title: 2023 Global Future of Cyber Report

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_delh30&ch=sbx&cid=smartbox_techweb_whitepaper_14.500005357&_mc=smartbox_techweb_whitepaper_14.500005357
Title: Cybersecurity in 2023 and beyond: 12 leaders share their forecasts

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_delh29&ch=sbx&cid=smartbox_techweb_whitepaper_14.500005356&_mc=smartbox_techweb_whitepaper_14.500005356
Title: Know your customer: Enable a 360-degree view with customer identity & access management

Search URL Search Domain Scan URL

URL: https://www.interop.com/
Title: Interop

Search URL Search Domain Scan URL

URL: https://www.informationweek.com/
Title: InformationWeek

Search URL Search Domain Scan URL

URL: https://www.networkcomputing.com/
Title: Network Computing

Search URL Search Domain Scan URL

URL: https://www.itprotoday.com/
Title: ITPro Today

Search URL Search Domain Scan URL

URL: https://www.datacenterknowledge.com/
Title: Data Center Knowledge

Search URL Search Domain Scan URL

URL: https://www.blackhat.com/
Title: Black Hat

Search URL Search Domain Scan URL

URL: http://www.omdia.com/
Title: Omdia

Search URL Search Domain Scan URL

URL: https://info.wrightsmedia.com/informa-licensing-reprints-request
Title: Reprints

Search URL Search Domain Scan URL

URL: https://twitter.com/DarkReading

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/dark-reading/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/darkreadingcom

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@DarkReadingOfficialYT

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKMKmknwswtq63Aw?ceid=US:en&oc=3

Search URL Search Domain Scan URL

URL: https://tech.informa.com/
Title: Home

Search URL Search Domain Scan URL

URL: https://tech.informa.com/cookie-policy
Title: Cookies

Search URL Search Domain Scan URL

URL: https://tech.informa.com/privacy-policy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://tech.informa.com/terms-and-conditions
Title: Terms

Search URL Search Domain Scan URL

URL: https://www.informa.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsuNaA5uSoQsqeukOBg857ZMBPPx1_gjqX8_7n_WYbOekQid28TbE16_eFA3NjV1APmkmEPDR0qh5VnY3GuQUPHFOFaukv-V9zsOZ4xH6S4fcb7N4tLs51WLOU-o6wf22CqR5WuihIwfEamr4e7GSX0-T-PxPelL7oa0H9zhNNxgPy2GG-OV12mAyLadmnwvy1CVuvj6EuYoK0fP75GnC2dFTNA8O7uN-GMTZ72MuXIDHSvReW-kNhVvS52CIOfCoC_h_mPzEXrWyYqVMxr07sINOvudB3UjJi4uYKZ2DMywmfBRH_aOfTb4PFmN5qPfJmTUIZJ2Q0-fCyv_IFdhyjzBfvKl6QMkBUdn2OPZKCZV5U00XD-S&sai=AMfl-YTKTTxL2_Su4saFylb-VDfIXjrqJq6EHPKbVj7qD2F5zAeyj4URQCyxKsehQCd-kjyXg5uqHyZb5kUV0dkOn4KTe2pnIgdkhH9eebR9i7gGYuaAl63V9_BmK7VUTpA&sig=Cg0ArKJSzDSSWX-aqLr_EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=https://www.mandiant.com/global-perspectives-on-threat-intelligence?utm_source=darkreading&utm_medium=display&utm_campaign=threat_intelligence&utm_content=all&utm_term=en&cid=global

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 86

https://trk.darkreading.com/visitor/v200/svrGP?pps=3&siteid=2150&ref=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&ref2=elqNone&tzo=0&ms=691&optin=disabled&firstPartyCookieDomain=trk.darkreading.com HTTP 302
https://trk.darkreading.com/visitor/v200/svrGP?pps=3&siteid=2150&ref=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&ref2=elqNone&tzo=0&ms=691&optin=disabled&elq1pcGUID=46A0A912B72544EA8877ED9432544EDB

Request Chain 87

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&zn%3D%26sn%3D%26q%3DxImp%26v%3D1.x%26cl%3D55%26pixelIndex%3D0%26r%3D134750%26tzOffset%3D0%26url%3Dhttps%253A%252F%252Fwww.darkreading.com%252Fthreat-intelligence%252Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26zn%253D%2526sn%253D%2526q%253DxImp%2526v%253D1.x%2526cl%253D55%2526pixelIndex%253D0%2526r%253D134750%2526tzOffset%253D0%2526url%253Dhttps%25253A%25252F%25252Fwww.darkreading.com%25252Fthreat-intelligence%25252Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware HTTP 302
https://a.dpmsrv.com/dpmpxl/index.php?id=5698610293901467396&zn=&sn=&q=xImp&v=1.x&cl=55&pixelIndex=0&r=134750&tzOffset=0&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Request Chain 98

https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=5698610293901467396&pixelIndex=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm=&ap_id=5698610293901467396&pixelIndex=0&google_tc= HTTP 302
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=5698610293901467396&pixelIndex=0&google_gid=CAESECMxpRzAJ3_kAKymlbyKq8U&google_cver=1

Request Chain 138

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssbvtsCe0UygZhXVTAgXJ-mYm3jUED2DPhG1YoMMh2pSUyMlJ7wIhljd2y4sqYRGpG1i_LieVi3fOJ1DIk4qHxORhAUS3JzwbcEnamY6DBvjOBYZK-CaEiZWuqCfD4Mygd03l-H3btrcmLKRYAjzBvAZEdf3YmVD-zNT-vHl5b8swR2dWSkyegAg001jNK52BrilTnGWh_fNG6UOEzitnInL3cGE4mtsJ6IzK_k_KLplKoCU-OjOqX4EarfPTBixlSLCCnDyMgFgIvKL0xuTVP7Q0XuLcL1YkFMHtv1EitDHeISiECPouGJQTXDyHhpCdbGt75XjBeVtVY5eTJ26mMtWgsaUmIPyr_KQTMuLyiyWYuYZWOB_6S-YKTaNAAMjbAyC4CEu2W-qZWLMg&sai=AMfl-YTjWL8vBM6vq2lonAeWBV8PTOMCKlB_xFHdbi8Y-XWnp6zbDeV_JP0qmPP7clK2gg3RMocK_qrXytTgfSXwuH_-Vrc4_RUWrG3PruRRmGqDaaeydSa-qs805wiICw&sig=Cg0ArKJSzC3ausjA8jaREAE&uach_m=[UACH]&urlfix=1&adurl=https://tpc.googlesyndication.com/simgad/5810807084231361466? HTTP 302
https://tpc.googlesyndication.com/simgad/5810807084231361466

Request Chain 184

https://www.darkreading.com/sites/all/themes/penton_core_theme/images/ContentPillar_Welcome_1200.png HTTP 302
https://www.darkreading.com/404

248 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware Show response
www.darkreading.com/threat-intelligence/ 468 KB
76 KB 975ms
870ms Document
text/html 2606:4700::6811:7563
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7563 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: daa25a76b91d2ec47600be9c132b183a0f8962c40e94d970678058a454f3a8e8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7e97aa56fc8003f8-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 20 Jul 2023 02:10:02 GMT
server: cloudflare
vary: Accept-Encoding, Origin
x-proxy-by: https://www.darkreading.com

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/ 14 KB
4 KB 163ms
65ms Script
application/x-javascript 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/OtAutoBlock.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8751c85d4da8af34fb4d78a2ab5bb92b7a3b5380f2d0d5ca89d11fc2b5bfb6ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 20 Jul 2023 02:10:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 32444
content-md5: /FIp/4zYapfYlY6Lvx04NA==
content-length: 3637
x-ms-lease-status: unlocked
last-modified: Mon, 19 Dec 2022 13:32:27 GMT
server: cloudflare
etag: 0x8DAE1C578B651FF
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 3126707b-901e-017e-65e1-5a017c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7e97aa5e78593a6a-FRA
expires: Fri, 21 Jul 2023 02:10:02 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 149ms
51ms Script
application/javascript 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b836876c6014c346a749c23f680845562679daf29c640c99a3d92797a6244b4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 20 Jul 2023 02:10:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: DflSFdkyRucOaDW0H1U81w==
age: 18243
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6821
x-ms-lease-status: unlocked
last-modified: Wed, 19 Jul 2023 16:40:17 GMT
server: cloudflare
etag: 0x8DB8876D5D7582A
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 9a60fcb7-f01e-0147-0a79-ba41d8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7e97aa5e785a3a6a-FRA

GET
H2 200 adsensebase.js Show response
beta.darkreading.com/js/prebid-ads/ad_utils/ 24 B
200 B 415ms
398ms Script
application/javascript 2606:4700::6811:7563
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/js/prebid-ads/ad_utils/adsensebase.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7563 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 757c66837cfbe8c2533e8c41099d8e50b20f83fbf84ead6a6d7435dcc2ad0884

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:02 GMT
cf-cache-status: MISS
last-modified: Wed, 05 Jul 2023 11:02:56 GMT
server: cloudflare
etag: W/"18-18925b83300"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 7e97aa5df95703f8-FRA
content-length: 24
expires: Thu, 20 Jul 2023 04:10:02 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 175ms
74ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f5b3337e50c102f17c2f6534f24db91119b37f8dacc95e5776c852987bce6b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27538
x-xss-protection: 0
server: cafe
etag: 27 / 19558 / m202307130101 / config-hash: 1636169572614523722
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 02:10:02 GMT

GET
H2 200 4d90ad636859e6d5.css
beta.darkreading.com/_next/static/css/ 410 KB
60 KB 74ms
57ms Stylesheet
text/css 2606:4700::6811:7563
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/css/4d90ad636859e6d5.css
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7563 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d993d894f9713b3d26ccd12fb9bfdd84e48131d1eef5d20d41f1cdc7bcc9c00f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:02 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 16 Mar 2023 11:04:30 GMT
server: cloudflare
age: 10853640
etag: W/"66670-186ea17be30"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7e97aa5df95403f8-FRA
expires: Fri, 19 Jul 2024 02:10:02 GMT

GET
H2 200 webpack-3ce7f1753013b3ec.js Show response
beta.darkreading.com/_next/static/chunks/ 4 KB
2 KB 51ms
51ms Script
application/javascript 2606:4700::6811:7563
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/webpack-3ce7f1753013b3ec.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7563 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ecf52614cfcf19d9e54f6315e8469693c03fc619115da7ce952bd4257b76f03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:02 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 17:01:57 GMT
server: cloudflare
age: 7202363
etag: W/"ef3-187c3aa1788"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7e97aa604ae403f8-FRA
expires: Fri, 19 Jul 2024 02:10:02 GMT

GET
H2 200 framework-70134ee1270fb32c.js Show response
beta.darkreading.com/_next/static/chunks/ 128 KB
42 KB 51ms
51ms Script
application/javascript 2606:4700::6811:7563
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/framework-70134ee1270fb32c.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7563 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c662be26daa544e07f7170870e306427b9fcf0d9f30e6f602c7fb67005bfda3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:02 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 25 Apr 2023 09:41:04 GMT
server: cloudflare
age: 7226633
etag: W/"1fec8-187b7c9bb80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7e97aa607b0b03f8-FRA
expires: Fri, 19 Jul 2024 02:10:02 GMT

GET
H2 200 main-9bc1cfd325d1370f.js Show response
beta.darkreading.com/_next/static/chunks/ 111 KB
30 KB 56ms
53ms Script
application/javascript 2606:4700::6811:7563
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/main-9bc1cfd325d1370f.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7563 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03b6f9934a86e8d5472f0b2449d99983b33aceba85871c5ac10ff79a70afab97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:02 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 25 Apr 2023 09:41:04 GMT
server: cloudflare
age: 7226633
etag: W/"1bd10-187b7c9bb80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7e97aa608b1603f8-FRA
expires: Fri, 19 Jul 2024 02:10:02 GMT

GET
H2 200 _app-dbedff49d537494d.js Show response
beta.darkreading.com/_next/static/chunks/pages/ 497 KB
158 KB 82ms
79ms Script
application/javascript 2606:4700::6811:7563
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/pages/_app-dbedff49d537494d.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7563 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d847022b4855577f07071ade28e6ffba86c014283f02fbba7d326690b157ee9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:02 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 17:01:57 GMT
server: cloudflare
age: 7202363
etag: W/"7c38f-187c3aa1788"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7e97aa608b1703f8-FRA
expires: Fri, 19 Jul 2024 02:10:02 GMT

GET
H2 200 af537566-88286964f7a0b5d1.js Show response
beta.darkreading.com/_next/static/chunks/ 269 KB
80 KB 68ms
65ms Script
application/javascript 2606:4700::6811:7563
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/af537566-88286964f7a0b5d1.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7563 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f84daf0174e2c6f686b5864ff7dafc119dae3c2ca88f213dcbfc3f70b2b39571

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:02 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 16 Mar 2023 11:04:30 GMT
server: cloudflare
age: 10511316
etag: W/"43344-186ea17be30"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7e97aa608b1803f8-FRA
expires: Fri, 19 Jul 2024 02:10:02 GMT

GET
H2 200 80f08544-c91db5296fc68d77.js Show response
beta.darkreading.com/_next/static/chunks/ 72 KB
19 KB 63ms
60ms Script
application/javascript 2606:4700::6811:7563
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/80f08544-c91db5296fc68d77.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7563 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36069dae705692548e4a2c2d3c504cea29cf7756771c054130f14e48f3492b58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:02 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 25 Apr 2023 09:41:04 GMT
server: cloudflare
age: 7226630
etag: W/"11e1b-187b7c9bb80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7e97aa609b1903f8-FRA
expires: Fri, 19 Jul 2024 02:10:02 GMT

GET
H2 200 265-2f47a5945553d0a6.js Show response
beta.darkreading.com/_next/static/chunks/ 49 KB
17 KB 75ms
75ms Script
application/javascript 2606:4700::6811:7563
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/265-2f47a5945553d0a6.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7563 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb1589f0619e41e0fa1d0770121be244be9fa07d5a6c5938d5988f9726927307

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:02 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 16 Aug 2022 10:04:17 GMT
server: cloudflare
age: 29095509
etag: W/"c216-182a61c6ce8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7e97aa609b2203f8-FRA
expires: Fri, 19 Jul 2024 02:10:02 GMT

GET
H2 200 106-6e732169920a1a66.js Show response
beta.darkreading.com/_next/static/chunks/ 8 KB
3 KB 69ms
69ms Script
application/javascript 2606:4700::6811:7563
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/106-6e732169920a1a66.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7563 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 720b074e114854f5c2b347ee013066f2ff6e8a1da750d605c8df6936b997eb60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:03 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 25 Apr 2023 09:41:04 GMT
server: cloudflare
age: 7226631
etag: W/"1eec-187b7c9bb80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7e97aa60db5003f8-FRA
expires: Fri, 19 Jul 2024 02:10:03 GMT

GET
H2 200 330-44b99de39ae2ad82.js Show response
beta.darkreading.com/_next/static/chunks/ 91 KB
29 KB 54ms
53ms Script
application/javascript 2606:4700::6811:7563
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/330-44b99de39ae2ad82.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7563 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e00d3935f6a747eedf83365b8b957f71ec570e9ac018426c07f59e7e1a32126

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:03 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 25 Apr 2023 09:41:04 GMT
server: cloudflare
age: 7226631
etag: W/"16df9-187b7c9bb80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7e97aa60fb6903f8-FRA
expires: Fri, 19 Jul 2024 02:10:03 GMT

GET
H2 200 410-87a058ee18a2e683.js Show response
beta.darkreading.com/_next/static/chunks/ 179 KB
52 KB 53ms
53ms Script
application/javascript 2606:4700::6811:7563
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/410-87a058ee18a2e683.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7563 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e168f400859a54ae28705c297c4d347eacbbcfee972a38744b8f9d890022a898

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:03 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 16 Mar 2023 11:04:30 GMT
server: cloudflare
age: 10511317
etag: W/"2cbc2-186ea17be30"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7e97aa613b8c03f8-FRA
expires: Fri, 19 Jul 2024 02:10:03 GMT

GET
H2 200 644-10fece11b4038bdb.js Show response
beta.darkreading.com/_next/static/chunks/ 18 KB
7 KB 50ms
50ms Script
application/javascript 2606:4700::6811:7563
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/644-10fece11b4038bdb.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7563 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 429f7e0fe891676debcf572bce666bf67cabfd82e6774895d4800283a05df589

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:03 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 25 Apr 2023 09:41:04 GMT
server: cloudflare
age: 7226631
cf-polished: origSize=18434
etag: W/"4802-187b7c9bb80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7e97aa614b9303f8-FRA
expires: Fri, 19 Jul 2024 02:10:03 GMT

GET
H2 200 727-cb4d0a5251be82c9.js Show response
beta.darkreading.com/_next/static/chunks/ 7 KB
2 KB 49ms
48ms Script
application/javascript 2606:4700::6811:7563
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/727-cb4d0a5251be82c9.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7563 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 061873fb71d654fc87404592fbb9cd1665e8882c1ab3423f92ddc61f940be783

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:03 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 25 Apr 2023 09:41:04 GMT
server: cloudflare
age: 7226630
etag: W/"1ad3-187b7c9bb80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7e97aa615b9d03f8-FRA
expires: Fri, 19 Jul 2024 02:10:03 GMT

GET
H2 200 353-c5fb30de1cdcd743.js Show response
beta.darkreading.com/_next/static/chunks/ 115 KB
28 KB 54ms
54ms Script
application/javascript 2606:4700::6811:7563
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/353-c5fb30de1cdcd743.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7563 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1848ed0b2a54ed644ee182f2e2c012164080f1be7c475041f8d0a2ebe456c89f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:03 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 25 Apr 2023 09:41:04 GMT
server: cloudflare
age: 7226630
cf-polished: origSize=117839
etag: W/"1cc4f-187b7c9bb80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7e97aa615b9e03f8-FRA
expires: Fri, 19 Jul 2024 02:10:03 GMT

GET
H2 200 314-d27066328fe72a2d.js Show response
beta.darkreading.com/_next/static/chunks/ 131 KB
38 KB 54ms
54ms Script
application/javascript 2606:4700::6811:7563
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/314-d27066328fe72a2d.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7563 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35396bc1fe0457ca063caaf18161f4d252b66dda7bdf4dc83bd7291c5a763b5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:03 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 15:49:04 GMT
server: cloudflare
age: 7207823
etag: W/"20a76-187c3675d80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7e97aa615ba103f8-FRA
expires: Fri, 19 Jul 2024 02:10:03 GMT

GET
H2 200 274-e20cb371d1281709.js Show response
beta.darkreading.com/_next/static/chunks/ 135 KB
43 KB 54ms
53ms Script
application/javascript 2606:4700::6811:7563
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/274-e20cb371d1281709.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7563 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9e40e17ef48acdd8fbbd4ab434adcd35602a939c19816f297baaa91e675a067

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:03 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 15:49:04 GMT
server: cloudflare
age: 7207823
etag: W/"21d94-187c3675d80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7e97aa616bb103f8-FRA
expires: Fri, 19 Jul 2024 02:10:03 GMT

GET
H2 200 244-ff3831dc21292b31.js Show response
beta.darkreading.com/_next/static/chunks/ 53 KB
14 KB 53ms
52ms Script
application/javascript 2606:4700::6811:7563
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/244-ff3831dc21292b31.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7563 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fc9226c1dac21a7182d442ae225403735a06132fa0d3339f9b691161f226870

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:03 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 17:01:57 GMT
server: cloudflare
age: 7164147
etag: W/"d4e2-187c3aa1788"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7e97aa618be303f8-FRA
expires: Fri, 19 Jul 2024 02:10:03 GMT

GET
H2 200 497-8d7ba2757a8dafee.js Show response
beta.darkreading.com/_next/static/chunks/ 17 KB
6 KB 54ms
54ms Script
application/javascript 2606:4700::6811:7563
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/497-8d7ba2757a8dafee.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7563 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42a69348bb53b155c5d4fa084e826b2ca4f80cdcd131455fe33c8ab8b1f32ddc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:03 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 15:49:04 GMT
server: cloudflare
age: 7207823
etag: W/"443d-187c3675d80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7e97aa619be703f8-FRA
expires: Fri, 19 Jul 2024 02:10:03 GMT

GET
H2 200 411-d3fb60788f626717.js Show response
beta.darkreading.com/_next/static/chunks/ 14 KB
3 KB 51ms
51ms Script
application/javascript 2606:4700::6811:7563
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/411-d3fb60788f626717.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7563 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ac768d479fd8627d59a5298f7175cf51f4ace4eea8feda66a04b1e32244d6ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:03 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 25 Apr 2023 09:41:04 GMT
server: cloudflare
age: 7226630
etag: W/"399e-187b7c9bb80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7e97aa619bf103f8-FRA
expires: Fri, 19 Jul 2024 02:10:03 GMT

GET
H2 200 424-e8fa1fe0f531e88a.js Show response
beta.darkreading.com/_next/static/chunks/ 80 KB
15 KB 54ms
51ms Script
application/javascript 2606:4700::6811:7563
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/424-e8fa1fe0f531e88a.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7563 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f2731b7ddbfae256839a740f6dda68ec6e67a4cf1e62a8ed4ffce75a589d16d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:03 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 17:01:57 GMT
server: cloudflare
age: 7202364
etag: W/"141ac-187c3aa1788"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7e97aa61bbfc03f8-FRA
expires: Fri, 19 Jul 2024 02:10:03 GMT

GET
H2 200 %5BhybidPage%5D-f6822043d08df330.js Show response
beta.darkreading.com/_next/static/chunks/pages/%5Bcategory%5D/ 37 KB
11 KB 52ms
52ms Script
application/javascript 2606:4700::6811:7563
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/pages/%5Bcategory%5D/%5BhybidPage%5D-f6822043d08df330.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7563 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c870bc0b6e52de133e3273be305bda03afd6aba5d5064c034f2a50a3af3edc01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:03 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 17:01:57 GMT
server: cloudflare
age: 7202364
etag: W/"93f1-187c3aa1788"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7e97aa61bbfd03f8-FRA
expires: Fri, 19 Jul 2024 02:10:03 GMT

GET
H2 200 _buildManifest.js Show response
beta.darkreading.com/_next/static/w-fIdHUcLJMlSKj88lYGP/ 3 KB
1 KB 53ms
53ms Script
application/javascript 2606:4700::6811:7563
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/w-fIdHUcLJMlSKj88lYGP/_buildManifest.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7563 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61380ad89eed75f451f50e7cf1248acc2be73879dd82c1fa4943bef3e5d0a5c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:03 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 05 Jul 2023 11:05:47 GMT
server: cloudflare
age: 1263227
etag: W/"c10-18925bacef8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7e97aa61bc0503f8-FRA
expires: Fri, 19 Jul 2024 02:10:03 GMT

GET
H2 200 _ssgManifest.js Show response
beta.darkreading.com/_next/static/w-fIdHUcLJMlSKj88lYGP/ 91 B
137 B 54ms
54ms Script
application/javascript 2606:4700::6811:7563
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/w-fIdHUcLJMlSKj88lYGP/_ssgManifest.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7563 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddeea69d5116852145775870dab4d86b4e909e7a02c03465efaa67d5b0f744be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:03 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 05 Jul 2023 11:06:03 GMT
server: cloudflare
age: 1263227
etag: W/"5b-18925bb0d78"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7e97aa61ec2103f8-FRA
expires: Fri, 19 Jul 2024 02:10:03 GMT

GET
H2 200 _middlewareManifest.js Show response
beta.darkreading.com/_next/static/w-fIdHUcLJMlSKj88lYGP/ 92 B
150 B 48ms
47ms Script
application/javascript 2606:4700::6811:7563
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/w-fIdHUcLJMlSKj88lYGP/_middlewareManifest.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7563 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:03 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 05 Jul 2023 11:06:03 GMT
server: cloudflare
age: 1263227
etag: W/"5c-18925bb0d78"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7e97aa61ec2303f8-FRA
expires: Fri, 19 Jul 2024 02:10:03 GMT

GET
H2 200 dragon-Cn_Boon-Alamy.jpg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/bltfefa30b02959cbc5/64b8416fb21732708ecefc05/ 20 KB
20 KB 154ms
42ms Image
image/webp 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/bltfefa30b02959cbc5/64b8416fb21732708ecefc05/dragon-Cn_Boon-Alamy.jpg?quality=80&format=webply&width=690

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

3910c9e81b36585872cb255c222691d571cf1cc4e1035d52690048d2c1c248ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:03 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 22027
x-cache: HIT, HIT
fastly-io-info: ifsz=958529 idim=5130x3420 ifmt=jpeg ofsz=20574 odim=690x460 ofmt=webp
filename1: custom
content-disposition: inline; filename=dragon-Cn_Boon-Alamy.webp
fastly-stats: io=1
content-length: 20574
x-request-id: 1f188a4f5554cec7d89c398bd7a6965d
x-served-by: cache-ams21056-AMS, cache-fra-eddf8230133-FRA
x-runtime: 54ms
server: contentstack
x-timer: S1689819003.080795,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "sNoXnSEbBXS2U3D50VCtryURoe/EP7WSE9BZPyWcQEI"
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 2, 1

GET
H2 200 jquery-3.3.1.slim.min.js Show response
code.jquery.com/ 68 KB
24 KB 140ms
44ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.slim.min.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:03 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-1111d"
vary: Accept-Encoding
x-hw: 1689819003.dop246.fr8.t,1689819003.cds329.fr8.hn,1689819003.cds274.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 24038

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/ 20 KB
7 KB 131ms
44ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4346633
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6458
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-500f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wGgyr%2BjNPOwcCwA6WLUjby%2Bf5MVHEfSxmrWMXDF6VKghPGk9xiP0vXsJfav6LvQSzDNHtyUbXvgcTOc3TCz5OM%2F4sSNwJ9jQoFxlmS4fFDB2jRLnXNNFimQO6FhTHuNUsZZ72hxEocIzjsFljwfUHVB1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7e97aa611f6737fb-FRA
expires: Tue, 09 Jul 2024 02:10:03 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/ 49 KB
15 KB 134ms
47ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 718, 718
age: 2499139
cdn-cachedat: 2021-06-08 13:25:52
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:05 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: e3aee88c21b6991cd8d4728d630f1246
timing-allow-origin: *
cdn-requestcountrycode: US
cf-ray: 7e97aa611ec8bb5c-FRA
cdn-requestpullsuccess: True

GET
H2 200 Whitelogo_1.png
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt3edeb23396a4b5dc/60b1ea7a9afdef577986633e/ 8 KB
8 KB 103ms
40ms Image
image/png 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt3edeb23396a4b5dc/60b1ea7a9afdef577986633e/Whitelogo_1.png

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

b315181f1047d35cc29f1b83c9c31ea493c5006f21930ba0a5e790a80ca2b7f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:03 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 1308228
x-cache: HIT, HIT
fastly-io-info: ifsz=7774 idim=336x84 ifmt=png ofsz=7760 odim=336x84 ofmt=png
content-disposition: inline; filename=Whitelogo_1.png
fastly-stats: io=1
content-length: 7760
x-request-id: 865ebe25a6d462aa5ec0b3df7fe45987
x-served-by: cache-ams12733-AMS, cache-fra-eddf8230133-FRA
x-runtime: 82ms
server: contentstack
x-timer: S1689819003.080886,VS0,VE0
x-contentstack-organization: blt5948195ac13977b0
etag: "FBb/Cijd5djg1i0f+YDwTH/riGkit5+W1YBTK34Yz3o"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 3816, 2

GET
H2 200 v2cb3a2ab87c5498db5ce7e6608cf55231689030342039 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 167ms
72ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v2cb3a2ab87c5498db5ce7e6608cf55231689030342039
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af780e357234ceb6feec085a9a31f46834c88c4d3852d79050ad9dc3658a3a67

Request headers

Referer: https://www.darkreading.com/
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:03 GMT
content-encoding: gzip
last-modified: Mon, 10 Jul 2023 23:05:42 GMT
server: cloudflare
etag: W/2023.7.0
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7e97aa618d7635fd-FRA

GET
H2 200 4b083961-e2ac-4755-8801-f7c83a5fb187.json Show response
cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/ 5 KB
2 KB 144ms
54ms XHR
application/x-javascript 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/4b083961-e2ac-4755-8801-f7c83a5fb187.json

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

127c7ead87e287db401c5a3173fd190cc2c7211711e97486294ca2086754f793

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 20 Jul 2023 02:10:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 71243
content-md5: gKK4h+x/dMka9W5jOr1Sww==
content-length: 1918
x-ms-lease-status: unlocked
last-modified: Mon, 19 Dec 2022 13:32:27 GMT
server: cloudflare
etag: 0x8DAE1C578B1E5D5
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 91fc5fcf-001e-003b-56e1-5a9ab8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7e97aa5f8d291e58-FRA
expires: Fri, 21 Jul 2023 02:10:02 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 78 B
316 B 138ms
55ms XHR
application/json 2606:4700::6812:1c26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

792074561f2d94442c8648916f41fc6016817b61d554daa9c67301aeecca14bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 7e97aa606f6637fd-FRA
access-control-allow-headers: Content-Type

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 297 KB
86 KB 159ms
72ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T52Z3Z3

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0dc2079a2fae11bfda556ae3b1c399f197455b233384dedf0764dafa66da0daa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87434
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 00:55:25 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 20 Jul 2023 02:10:03 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307130101/ 390 KB
391 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307130101/pubads_impl.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5584db8771fd9d24aeb0c3887b9c6922a72c73e6af5382d594003e3cf1315bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 23:44:16 GMT
x-content-type-options: nosniff
age: 8746
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 399737
x-xss-protection: 0
server: cafe
etag: 4991179400440994909
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 18 Jul 2024 23:44:16 GMT

GET
DATA 200
OK truncated
/ 78 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb4787d6337aa1e504d8d2dc49629d5b46a49c30a6da6f4bb964e8875dd4bc43

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 pdf.fd517ede.png
beta.darkreading.com/_next/static/media/ 8 KB
8 KB 61ms
60ms Image
image/png 2606:4700::6811:7563
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beta.darkreading.com/_next/static/media/pdf.fd517ede.png
Requested by: Host: beta.darkreading.com
URL: https://beta.darkreading.com/_next/static/css/4d90ad636859e6d5.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7563 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e153b77b7b590360c91df38e894d46fd6061ce57cc0bbbc09f4c408a66bd0c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beta.darkreading.com/_next/static/css/4d90ad636859e6d5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:03 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Thu, 27 Apr 2023 15:49:04 GMT
server: cloudflare
age: 7206143
cf-polished: origSize=11781
etag: W/"2e05-187c3675d80"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7e97aa60db5103f8-FRA
content-length: 8484
expires: Fri, 19 Jul 2024 02:10:03 GMT

GET
H2 200 4UaOrEtFpBISc36j2jDu5w.woff2
fonts.gstatic.com/s/exo/v20/ 20 KB
20 KB 130ms
40ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/exo/v20/4UaOrEtFpBISc36j2jDu5w.woff2

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb657972079f36258237fd79c9b7cf160c82943f31fe5ff1b0e10be49e27be5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.darkreading.com/
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 17:06:42 GMT
x-content-type-options: nosniff
age: 378201
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20268
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:19:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jul 2024 17:06:42 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 125ms
124ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51516a9196395982078e7459b5aa7a498e3d7fdd796b123983230d6a7f7e3c4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27631
x-xss-protection: 0
server: cafe
etag: 656 / 19558 / 31076217 / config-hash: 1636169572614523722
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 02:10:03 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.39.0/ 372 KB
89 KB 48ms
48ms Script
application/javascript 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ba033e6cb25fa6e20186d6d8113cc3821028b7891c93eebe671b75f6eebc3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 20 Jul 2023 02:10:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Zp/CcrZmK7hQ2S6c/t9Tpw==
age: 20155
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 90454
x-ms-lease-status: unlocked
last-modified: Fri, 26 Aug 2022 16:31:04 GMT
server: cloudflare
etag: 0x8DA87805EB35DE2
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 526a626c-301e-007c-66e1-5a45d3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7e97aa60e9f83a6a-FRA

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/657fbdf5-ad27-4981-b321-b96d0ec59709/ 81 KB
18 KB 57ms
54ms Fetch
application/x-javascript 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/657fbdf5-ad27-4981-b321-b96d0ec59709/en.json

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1866a87b4c049fb761b0218db2aecbef33496d878706bc56f2701965efaf88a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 20 Jul 2023 02:10:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 50805
content-md5: NMyqdpBtpYEfMyyUOi/oVQ==
content-length: 18270
x-ms-lease-status: unlocked
last-modified: Mon, 19 Dec 2022 13:32:33 GMT
server: cloudflare
etag: 0x8DAE1C57C3EAB90
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 86b120cf-e01e-013e-67e1-5a2892000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7e97aa61be691e58-FRA
expires: Fri, 21 Jul 2023 02:10:03 GMT

GET
H2 200 78.c180425dea40d393.js Show response
beta.darkreading.com/_next/static/chunks/ 3 KB
1 KB 60ms
60ms Script
application/javascript 2606:4700::6811:7563
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/78.c180425dea40d393.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7563 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc57fb7726d7a86c273bebb59f12bc63a69ea93c695f971f73bb035f9bbe928b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:03 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 17:01:57 GMT
server: cloudflare
age: 3480322
etag: W/"a48-187c3aa1788"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7e97aa630cd203f8-FRA
expires: Fri, 19 Jul 2024 02:10:03 GMT

GET
H2 200 iris-t.js Show response
static.iris.informa.com/widgets/v2.0/ 7 KB
3 KB 140ms
40ms Script
application/javascript 13.32.99.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.iris.informa.com/widgets/v2.0/iris-t.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-66.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2f8650c7f614694fbf353e3690b981a651ce8aa79ee32c82f21ef303eeeb5421

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:36:40 GMT
x-amz-version-id: ID.rFhUQG21hU9hnrAlmgiwMuXmUIHpx
content-encoding: br
last-modified: Wed, 15 Feb 2023 16:44:30 GMT
server: AmazonS3
via: 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"2e8cb32ecd32a154a16f47e5344c4733"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 52404
x-amz-cf-id: qDZBxQxqS-WvSfqsg8gI698nCOg37eNz5dA1uqT-raB1-OLy5DNL_g==

GET
H2 200 session Show response
www.darkreading.com/api/auth/ 2 B
404 B 146ms
144ms Fetch
application/json 2606:4700::6811:7563
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.darkreading.com/api/auth/session
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7563 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
tracestate: 3288925@nr=0-1-3288925-322548631-f16f26511694473b----1689819003370
traceparent: 00-ffb82dd549350eef0960a0ad21a83500-f16f26511694473b-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMyODg5MjUiLCJhcCI6IjMyMjU0ODYzMSIsImlkIjoiZjE2ZjI2NTExNjk0NDczYiIsInRyIjoiZmZiODJkZDU0OTM1MGVlZjA5NjBhMGFkMjFhODM1MDAiLCJ0aSI6MTY4OTgxOTAwMzM3MH19

Response headers

date: Thu, 20 Jul 2023 02:10:03 GMT
x-proxy-by: https://www.darkreading.com
cf-cache-status: DYNAMIC
server: cloudflare
etag: "2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 7e97aa633cee03f8-FRA
content-length: 2

GET
H2 200 session Show response
www.darkreading.com/api/auth/ 2 B
227 B 537ms
535ms Fetch
application/json 2606:4700::6811:7563
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.darkreading.com/api/auth/session
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7563 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
tracestate: 3288925@nr=0-1-3288925-322548631-518a68a161dea2ee----1689819003371
traceparent: 00-1b18bba1bb7b2b072e18ab45193acd00-518a68a161dea2ee-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMyODg5MjUiLCJhcCI6IjMyMjU0ODYzMSIsImlkIjoiNTE4YTY4YTE2MWRlYTJlZSIsInRyIjoiMWIxOGJiYTFiYjdiMmIwNzJlMThhYjQ1MTkzYWNkMDAiLCJ0aSI6MTY4OTgxOTAwMzM3MX19

Response headers

date: Thu, 20 Jul 2023 02:10:03 GMT
x-proxy-by: https://www.darkreading.com
cf-cache-status: DYNAMIC
server: cloudflare
etag: "2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 7e97aa633cf103f8-FRA
content-length: 2

GET
H2 200 Dark_Reading_Logo.svg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt4ff4a7f9bc8e31f7/619f4fb0a0cb8076d613e3ba/ 5 KB
2 KB 42ms
40ms Image
image/svg+xml 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt4ff4a7f9bc8e31f7/619f4fb0a0cb8076d613e3ba/Dark_Reading_Logo.svg?quality=80&format=webply&width=222

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

0e198a2d521948c31a85eff04b881542d8b31d8b5824f900a950ea34bf5ef811

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:03 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-error: not a supported image format
strict-transport-security: max-age=31557600
content-encoding: gzip
age: 444059
x-cache: HIT, HIT
filename1: custom
content-disposition: inline; filename=Dark_Reading_Logo.svg+xml
fastly-stats: io=1
content-length: 2021
x-request-id: abae417463f384853fca991bd06119fe
x-served-by: cache-ams12720-AMS, cache-fra-eddf8230133-FRA
x-runtime: 83ms
server: contentstack
x-timer: S1689819003.391632,VS0,VE0
x-contentstack-organization: blt5948195ac13977b0
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 42, 2

GET
H2 200 Article.svg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt27dca7fd9a7ec07d/60da98a6537dbc26a0e2a2d3/ 3 KB
2 KB 42ms
41ms Image
image/svg+xml 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt27dca7fd9a7ec07d/60da98a6537dbc26a0e2a2d3/Article.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

de06fea245b0036d21764fcf2b9a4791c0a0f1e927e3916c7d779cb44a1977bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:03 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-error: not a supported image format
strict-transport-security: max-age=31557600
content-encoding: gzip
age: 1307383
x-cache: HIT, HIT
content-disposition: inline; filename=Article.svg
fastly-stats: io=1
content-length: 1177
x-request-id: 3a72c5b7ee967356d145110d3dfc0be1
x-served-by: cache-ams21065-AMS, cache-fra-eddf8230133-FRA
x-runtime: 77ms
server: contentstack
x-timer: S1689819003.391715,VS0,VE0
x-contentstack-organization: blt5948195ac13977b0
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 3, 2

GET
H2 200 Nate-Nelson_(1).jpg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt91e5f91ce3f0cdd9/63d0288ac98dbe55ece1d0a9/ 3 KB
4 KB 46ms
44ms Image
image/webp 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt91e5f91ce3f0cdd9/63d0288ac98dbe55ece1d0a9/Nate-Nelson_(1).jpg?quality=80&format=webply&width=100

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

0f155ecc49cf3427c761b27ef11fcc6d210fb27a9355d70fd5a30e5f1893452a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:03 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 4393226
x-cache: HIT, HIT
fastly-io-info: ifsz=234689 idim=881x923 ifmt=jpeg ofsz=3376 odim=100x105 ofmt=webp
filename1: custom
content-disposition: inline; filename=Nate-Nelson_(1).webp
fastly-stats: io=1
content-length: 3376
x-request-id: 03d1d5216618013cad0543a2c7b70c6d
x-served-by: cache-ams12724-AMS, cache-fra-eddf8230133-FRA
x-runtime: 64ms
server: contentstack
x-timer: S1689819003.392553,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "qPc4Ej0Icam3tgfIlB+gqtt4GyFe8VrlHnMKfkTmDM4"
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 3, 1

GET
H2 200 stress-Antonio_Guillem-Alamy.jpg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt0ea6aebf1e9aff72/64b5892bfe186ac6eba456f0/ 2 KB
2 KB 44ms
42ms Image
image/webp 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt0ea6aebf1e9aff72/64b5892bfe186ac6eba456f0/stress-Antonio_Guillem-Alamy.jpg?quality=80&format=webply&width=100

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

2ab5f65a6c2b556cbcb35ce48c3e8b9915a61346235aa8cf196917a4879018be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:03 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 15380
x-cache: HIT, HIT
fastly-io-info: ifsz=42161 idim=640x321 ifmt=jpeg ofsz=1642 odim=100x50 ofmt=webp
filename1: custom
content-disposition: inline; filename=stress-Antonio_Guillem-Alamy.webp
fastly-stats: io=1
content-length: 1642
x-request-id: a0dd86d5e5f4cc2b7ae7c988e264fef1
x-served-by: cache-ams12732-AMS, cache-fra-eddf8230133-FRA
x-runtime: 71ms
server: contentstack
x-timer: S1689819003.392113,VS0,VE0
x-contentstack-organization: blt5948195ac13977b0
etag: "l3ECMkzqlg0QPyCPiVa9bi7je19fSIr76o+p/dIvvp8"
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 21, 2

GET
H2 200 Linux_Spectral_Alamy.jpg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blte7bcaa57a4f17e7f/64b58f7f2335194ca3e19178/ 3 KB
3 KB 43ms
42ms Image
image/webp 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blte7bcaa57a4f17e7f/64b58f7f2335194ca3e19178/Linux_Spectral_Alamy.jpg?quality=80&format=webply&width=100

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

17a9795fd3a10aefb8fff238d8ffa084f55c3819c46166c21dad75ec5233f47f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:03 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 198651
x-cache: HIT, HIT
fastly-io-info: ifsz=377305 idim=1200x675 ifmt=jpeg ofsz=2836 odim=100x56 ofmt=webp
filename1: custom
content-disposition: inline; filename=Linux_Spectral_Alamy.webp
fastly-stats: io=1
content-length: 2836
x-request-id: 782aa1e671fbbb05086736ad3d5a3b2d
x-served-by: cache-ams21023-AMS, cache-fra-eddf8230133-FRA
x-runtime: 96ms
server: contentstack
x-timer: S1689819003.392123,VS0,VE0
x-contentstack-organization: blt5948195ac13977b0
etag: "tDE+WAubv3scthogOg9n+W6vHFQk8WNGTYpC6zpgOLM"
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 14, 2

GET
H2 200 satellite_earth-AlexeyKotelnikov-AlamyStockPhoto.jpg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blta9f2e379e37ca7de/623e22588a8cb315b19d7d5e/ 1 KB
1 KB 45ms
44ms Image
image/webp 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blta9f2e379e37ca7de/623e22588a8cb315b19d7d5e/satellite_earth-AlexeyKotelnikov-AlamyStockPhoto.jpg?quality=80&format=webply&width=100

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

cbab44fee4fad7e4e9e3144df99baad6737864e817139033417b627c2af902d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:03 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 265557
x-cache: HIT, HIT
fastly-io-info: ifsz=133702 idim=1080x720 ifmt=jpeg ofsz=1186 odim=100x67 ofmt=webp
filename1: custom
content-disposition: inline; filename=satellite_earth-AlexeyKotelnikov-AlamyStockPhoto.webp
fastly-stats: io=1
content-length: 1186
x-request-id: 46cfef284557710666761a50d9b64752
x-served-by: cache-ams12774-AMS, cache-fra-eddf8230133-FRA
x-runtime: 409ms
server: contentstack
x-timer: S1689819003.392765,VS0,VE0
x-contentstack-organization: blt5948195ac13977b0
etag: "ROSpEhNpfqTIjbTW3goXmGtwX+4uLmxHWGBt+cZymrg"
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 15, 2

GET
H2 200 opengate_marreston_AdobeStock.jpeg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt6b857bf5c8440491/64aff02f33298fc6ed1a7031/ 2 KB
3 KB 44ms
43ms Image
image/webp 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt6b857bf5c8440491/64aff02f33298fc6ed1a7031/opengate_marreston_AdobeStock.jpeg?quality=80&format=webply&width=100

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

36cb35f0d6985d7acea7e2e0bb45582010d94571e9f64bcd6ca7314844657695

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:03 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 421159
x-cache: HIT, HIT
fastly-io-info: ifsz=3591983 idim=4912x3264 ifmt=jpeg ofsz=2426 odim=100x66 ofmt=webp
filename1: custom
content-disposition: inline; filename=opengate_marreston_AdobeStock.webp
fastly-stats: io=1
content-length: 2426
x-request-id: 0c8d90a6a478bf7d9e1df221d1b74cfa
x-served-by: cache-ams21048-AMS, cache-fra-eddf8230133-FRA
x-runtime: 158ms
server: contentstack
x-timer: S1689819003.392629,VS0,VE0
x-contentstack-organization: blt5948195ac13977b0
etag: "MFUWyLhOUOZxYUUNORXjgvadiG3TmyjXiTLNh2mpvSs"
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 20, 2

GET image
www.darkreading.com/_next/ 0
0

GET
H2 200 otFloatingRoundedIcon.json Show response
cdn.cookielaw.org/scripttemplates/6.39.0/assets/ 16 KB
4 KB 49ms
49ms Fetch
application/json 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/otFloatingRoundedIcon.json

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86dbd997ead92464b9d3e6228dab6902a3f8cdbd17de1da8923cb2f0fb600bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 20 Jul 2023 02:10:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Mbb70m5YOd2/+METBtRttw==
age: 71243
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3803
x-ms-lease-status: unlocked
last-modified: Fri, 26 Aug 2022 16:30:56 GMT
server: cloudflare
etag: 0x8DA87805A12E7D8
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: cc8087dd-c01e-00e1-07e1-5a3f93000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7e97aa634f7b1e58-FRA

GET
H2 200 otPcPanel.json Show response
cdn.cookielaw.org/scripttemplates/6.39.0/assets/v2/ 64 KB
13 KB 49ms
49ms Fetch
application/json 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/v2/otPcPanel.json

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd2879e3b0d373936b3a4f85f24bf5ae631ea76ec7c79b528b53bd4f3ea44de6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 20 Jul 2023 02:10:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Kw22gRKC0ogRtsT2RwAR9Q==
age: 57279
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13290
x-ms-lease-status: unlocked
last-modified: Fri, 26 Aug 2022 16:30:57 GMT
server: cloudflare
etag: 0x8DA87805AF0078C
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 82d0c884-001e-00f7-54e1-5afe0d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7e97aa634f7d1e58-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.39.0/assets/ 22 KB
5 KB 53ms
53ms Fetch
text/css 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/otCommonStyles.css

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 20 Jul 2023 02:10:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: B55i3ZY9miZIaUrwjufy0w==
age: 71243
x-ms-lease-status: unlocked
last-modified: Fri, 26 Aug 2022 16:31:09 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 372018e9-a01e-001f-18e1-5a03f6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7e97aa634f7e1e58-FRA

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 122 KB
48 KB 155ms
52ms Script
application/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-W6LRXN3

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3cb76372da2a033f8786ce21aaaa6420bba343fea4f85f5f30ed7cee0223197f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48388
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 00:55:25 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 20 Jul 2023 02:10:03 GMT

GET
H2 200 / Show response
6600d6d98e534115970f9529a45f3195.js.ubembed.com/ 469 B
715 B 344ms
224ms Script
application/javascript 2606:4700::6812:b96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6600d6d98e534115970f9529a45f3195.js.ubembed.com/
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82b199a09bd801f015bda7aee54bf06f85272f5bd8f0f1cdbd05d8cb52fcd935

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:03 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
etag: W/"aaab40e12ca91eabbcb0f8f10bd5715a-v0.180.1"
vary: Accept-Encoding, Referer
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
cf-ray: 7e97aa646c0990fa-FRA

GET
H/1.1 200
OK elqCfg.min.js Show response
img.en25.com/i/ 6 KB
3 KB 184ms
48ms Script
application/x-javascript 23.201.242.231
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img.en25.com/i/elqCfg.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.201.242.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-201-242-231.deploy.static.akamaitechnologies.com

Software

Resource Hash

3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 20 Jul 2023 02:10:03 GMT
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection: keep-alive
Content-Length: 2183
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Thu, 06 Apr 2023 15:05:41 GMT
ETag: "12a0ef409968d91:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-store
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Expires: Thu, 20 Jul 2023 02:10:03 GMT

GET
H/1.1 200
OK dpm_8effee409c625e1a2d8f5033631840e6ce1dcb64.min.js Show response
s.dpmsrv.com/ 747 KB
62 KB 162ms
46ms Script
application/x-javascript 13.32.99.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.dpmsrv.com/dpm_8effee409c625e1a2d8f5033631840e6ce1dcb64.min.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-85.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9dddb939f2fb146a699ea1cf0efd984d4b8f429aa49d70246bff358fdbdf7fe7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 20:40:25 GMT
Content-Encoding: gzip
Via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
Last-Modified: Thu, 29 Sep 2022 16:23:20 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P3
Age: 19779
ETag: "4c2c9bc43f06a59cee56d3211f043fa3"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 63462
X-Amz-Cf-Id: Srmu5RGAQXeYi3NDXyrx2xHbnyZUIOKHWkwKXlNaj63c0zdcTrKZSw==

GET
H2 200 iframe_api Show response
www.youtube.com/ 1006 B
2 KB 173ms
59ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cbe006779b4df0ae3275b5eab380e604d82604223ba1c67291f622233013bb5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:03 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Thu, 20 Jul 2023 02:10:03 GMT

GET
H2 200 hotjar-2610568.js Show response
static.hotjar.com/c/ 14 KB
6 KB 142ms
43ms Script
application/javascript 18.66.97.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2610568.js?sv=6

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-49.fra56.r.cloudfront.net

Software

Resource Hash

bea9b9d700e939077ec0dcf13e930432b48fe10b416e8fe2371afec1b602ad94

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 20 Jul 2023 02:10:03 GMT
via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 11
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/bf62a243d832b243aed1524efba515a7
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: h0o1Vts0PH2rmitlz-taqztOlXdSI4_m0AwxfFHSW5qjf4d9Gw17yw==

GET
H2 200 adobe-target.js Show response
beta.darkreading.com/js/third-party/ 191 KB
42 KB 826ms
826ms Script
application/javascript 2606:4700::6811:7563
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/js/third-party/adobe-target.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7563 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92e2472635cbca31d4b0694c1248618677a5279d6e841b23191c3d5a76ac09f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 05 Jul 2023 11:02:56 GMT
server: cloudflare
etag: W/"2fa26-18925b83300"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=7200
cf-ray: 7e97aa63ad4803f8-FRA
expires: Thu, 20 Jul 2023 04:10:04 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 128ms
40ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 20 Jul 2023 01:04:37 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3926
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 20 Jul 2023 03:04:37 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 149ms
46ms Script
application/x-javascript 2600:9000:2057:4600:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:4600:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ca578004c17a038ab0b78306e6bf07a05fd2f4617cd4d2c9b774ef09b796a1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 18:38:47 GMT
content-encoding: gzip
via: 1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 00:35:23 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
age: 27076
etag: W/"649b804b-9482"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: ZF7YTG9-tcvgcmp0RXuQ5RabdGpK_NKwFAXEXbnJhwbc-PzP3pKUQw==
expires: Thu, 20 Jul 2023 18:38:47 GMT

GET
H2 200 iris-t.js Show response
static.iris.informa.com/widgets/v3.0/ 14 KB
5 KB 42ms
42ms Script
application/javascript 13.32.99.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.iris.informa.com/widgets/v3.0/iris-t.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-66.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2adfabdca47e7ea3ca23597e24f6415dea9842d97159920b12d55796273b50f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:36:41 GMT
x-amz-version-id: HcerYY2f5.DoKJ.hjtbegnr29y5KQGEN
content-encoding: br
last-modified: Tue, 25 Apr 2023 09:00:39 GMT
server: AmazonS3
via: 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"c38ba007b23d2b241c1008f782a80ab1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 52403
x-amz-cf-id: d41Bsb10EQVs_ZaiXJbIRt7-wlHOML4WlrLuzQ7cZ3YmVdHgJQDalg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 269 KB
88 KB 58ms
58ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1X1EHQ3PFR&l=dataLayer&cx=c

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6d3dc674358fda55cc8336954f3ea7997d1bcab811a6cc8d296b3f599bf3e2a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90459
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 20 Jul 2023 02:10:03 GMT

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 Informa_Logo_1Line_Indigo_Grad_RGB.jpg
cdn.cookielaw.org/logos/c1f53e84-9f05-4169-a854-85052b63c50b/ce37e4cd-9426-40d2-9adb-174d6acdf507/b0d971e9-0178-47c1-aace-784223d87041/ 145 KB
145 KB 60ms
60ms Image
image/jpeg 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/c1f53e84-9f05-4169-a854-85052b63c50b/ce37e4cd-9426-40d2-9adb-174d6acdf507/b0d971e9-0178-47c1-aace-784223d87041/Informa_Logo_1Line_Indigo_Grad_RGB.jpg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21102c999da99aa5a6c8403c9e2367ca2e8d3e7fd2d6b5c1aef9e4fab888749c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 20 Jul 2023 02:10:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 8NigNwrkdBmjWsQuvIR/Tg==
age: 27490
content-length: 148084
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Fri, 26 Nov 2021 15:49:29 GMT
server: cloudflare
etag: 0x8D9B0F4552FB1EF
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: b3e3f85e-601e-00e7-74e1-5ac8eb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7e97aa643c1c3a6a-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 81ms
81ms Image
image/svg+xml 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 20 Jul 2023 02:10:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 20950
x-ms-lease-status: unlocked
last-modified: Wed, 19 Jul 2023 16:40:20 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 6cab9cad-301e-0178-4f6b-baf604000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7e97aa643c1d3a6a-FRA

GET
H2 200 ZGFya3JlYWRpbmcuY29t.json Show response
static.iris.informa.com/widgets/config/cdl/ 24 B
493 B 257ms
174ms Fetch
binary/octet-stream 13.32.99.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.iris.informa.com/widgets/config/cdl/ZGFya3JlYWRpbmcuY29t.json
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-66.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ced6d94498388b24b48c4e2aa311815357ab9489c735aedd7725e0b18a02433e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id: rR96SWqxdC6RFg.yCtn7XL4AuxoTa4oV
date: Thu, 20 Jul 2023 02:10:04 GMT
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 24
last-modified: Tue, 28 Feb 2023 08:49:48 GMT
server: AmazonS3
etag: "d14dcd26bd0521dd67cdde302d3ac4a2"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: i_IFuJvMOkjWcwUyMWICrdGGSc6TP3poqZ2r3GXza1XZ-VdcQEXjzw==

GET
H2 200 ZGFya3JlYWRpbmcuY29t.json Show response
static.iris.informa.com/widgets/config/cdl/ 24 B
490 B 381ms
302ms Fetch
binary/octet-stream 13.32.99.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.iris.informa.com/widgets/config/cdl/ZGFya3JlYWRpbmcuY29t.json
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-66.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ced6d94498388b24b48c4e2aa311815357ab9489c735aedd7725e0b18a02433e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id: rR96SWqxdC6RFg.yCtn7XL4AuxoTa4oV
date: Thu, 20 Jul 2023 02:10:04 GMT
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 24
last-modified: Tue, 28 Feb 2023 08:49:48 GMT
server: AmazonS3
etag: "d14dcd26bd0521dd67cdde302d3ac4a2"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: Lk2IKD21XivdfeLtpc8pnqe8e0WAkgt3SfQV_shgl0EmPMpZHyHIXg==

GET
H2 200 f23io39d.js Show response
static.iris.informa.com/ 70 KB
23 KB 48ms
47ms Script
application/javascript 13.32.99.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.iris.informa.com/f23io39d.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-66.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4f381ccb6f965e2011700b253aa446e84060a338cc416055eabca3b62fa35435

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id: r.70SgccGRmRk8cXfo6q55SZB1TmHyVy
content-encoding: gzip
via: 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
date: Wed, 19 Jul 2023 23:38:54 GMT
last-modified: Thu, 02 Sep 2021 16:02:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 9070
x-amz-server-side-encryption: AES256
etag: W/"a790df23a63287b42b6e7324cb81afd9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 7ro4onWV-QUJLYIof_vkj8rA7WzpVAn_jbsGtxtfQAo_MxZMS1x4WQ==

GET
H/1.1 200
OK td.min.js Show response
cdn.treasuredata.com/sdk/3.0/ 58 KB
20 KB 158ms
41ms Script
application/javascript 13.32.99.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.treasuredata.com/sdk/3.0/td.min.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-18.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 262f87d47643975a4633b675fc224c7a178d99e579e5d767f4a43ca7cc0bb9de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 12 May 2023 01:36:21 GMT
Content-Encoding: gzip
Via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
Age: 5963623
X-Amz-Cf-Pop: FRA60-P3
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Last-Modified: Mon, 05 Jul 2021 08:58:13 GMT
Server: AmazonS3
Etag: W/"4b9abb36767431f05495228eb82edf01"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=315360000
X-Amz-Cf-Id: XHAooT6oJ4KoMS9HuIUtasuYarGcbyir-Z1gzwlPSpH9B4sI_zw3fA==

POST
H2 204 collect
region1.analytics.google.com/g/ 0
257 B 137ms
47ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-1X1EHQ3PFR&gtm=45je37h0&_p=1708491746&_gaz=1&cid=2125217975.1689819004&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1689819003&sct=1&seg=0&dl=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&dt=China%27s%20APT41%20Linked%20to%20WyrmSpy%2C%20DragonEgg%20Mobile%20Spyware&en=page_view&_fv=1&_nsi=1&_ss=1&ep.content_type=article&ep.content_contributor=nate%20nelson&ep.content_publish_date=Jul%2019%2C%202023&ep.content_main_topic=threat-intelligence&ep.content_id=blta877b261095c8bc0&ep.ad_unit_path_code=3834%2Fdarkreading.home%2Farticle%2Fthreat-intelligence&ep.content_sponsor=&ep.content_label=News&ep.content_additional_topics=mobile%2Cvulnerabilities-threats%2Cadvanced-threats&ep.gtm_container_detail=SCM%7C1.5%7C126&ep.content_topic_real_text=Threat%20Intelligence&ep.content_read_time=3&ep.content_topic-real_text=Threat%20Intelligence
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1X1EHQ3PFR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 02:10:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
257 B 162ms
48ms Ping
text/plain 2a00:1450:400c:c0a::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1X1EHQ3PFR&cid=2125217975.1689819004&gtm=45je37h0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1X1EHQ3PFR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 02:10:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 143ms
50ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-1X1EHQ3PFR&cid=2125217975.1689819004&gtm=45je37h0&aip=1&z=94621245

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 02:10:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.d373b2616054b2db8e61.js Show response
script.hotjar.com/ 276 KB
68 KB 135ms
46ms Script
application/javascript 52.222.236.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.d373b2616054b2db8e61.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-63.fra56.r.cloudfront.net

Software

Resource Hash

7ac9ee76a24c064a36d92e138ff8f83978dfe640f1128957fcaf1d35379a435e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 12:25:08 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 bb3ac1595bb014e3b09608a0358d33da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 49495
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68679
last-modified: Wed, 19 Jul 2023 12:24:50 GMT
etag: "f42a86acce38ca69d9fd58c14df58f11"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: j33Kg9v7iw4ZE2oapr29zLoPculmfidczv0BJJ7XVnvUXaQfzw2T1A==

OPTIONS
H2 200 ed0
c.darkreading.com/com.iiris/ Frame 0
0 272ms
167ms Preflight 2606:4700::6811:7963
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.darkreading.com/com.iiris/ed0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7963 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.darkreading.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://www.darkreading.com
access-control-max-age: 600
cf-cache-status: DYNAMIC
cf-ray: 7e97aa659ebfbb95-FRA
content-length: 0
date: Thu, 20 Jul 2023 02:10:03 GMT
server: cloudflare

POST
H2 200 ed0 Show response
c.darkreading.com/com.iiris/ 2 B
318 B 166ms
165ms XHR
text/plain 2606:4700::6811:7563
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.darkreading.com/com.iiris/ed0
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7563 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Thu, 20 Jul 2023 02:10:04 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials: true
cf-ray: 7e97aa669f4a03f8-FRA
content-length: 2

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 367ms
119ms Image
image/gif 52.0.197.153
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=darkreading.com&p=%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&u=mAKdV819YNDPuuVR&d=darkreading.com&g=53678&g0=threat-intelligence&g1=nate%20nelson&g4=article&n=1&f=00001&c=0&x=0&m=0&y=3785&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&b=2358&t=CZsDc8DfABxxDf3mkTBRezFSCZENq_&V=140&i=China%27s%20APT41%20Linked%20to%20WyrmSpy%2C%20DragonEgg%20Mobile%20Spyware&tz=0&sn=1&sv=Dukv5m7W01x03XltDhdbhmdThR&sd=1&im=067b2fff&_
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.197.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-197-153.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 20 Jul 2023 02:10:03 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
212 B 47ms
46ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1708491746&t=pageview&_s=1&dl=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&dp=%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&ul=en-us&de=UTF-8&dt=China%27s%20APT41%20Linked%20to%20WyrmSpy%2C%20DragonEgg%20Mobile%20Spyware&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDACEABRAAAACACI~&jid=932331361&gjid=924065724&cid=2125217975.1689819004&tid=UA-135180592-2&_gid=1452756568.1689819004&_r=1&_slc=1&gtm=45He37h0n81T52Z3Z3&cg1=article&cg2=News&cg3=Threat%20Intelligence&cd1=article&cd2=nate%20nelson&cd3=&cd4=News&cd5=Jul%2019%2C%202023&cd6=threat-intelligence&cd9=mobile%2Cvulnerabilities-threats%2Cadvanced-threats&cd10=0&cd16=blta877b261095c8bc0&cd17=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&cd18=3834%2Fdarkreading.home%2Farticle%2Fthreat-intelligence&cd20=vanguard%20-%20126&z=804139238

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 02:10:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

svrGP
trk.darkreading.com/visitor/v200/
Redirect Chain

https://trk.darkreading.com/visitor/v200/svrGP?pps=3&siteid=2150&ref=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&ref2=elqNone&tzo...
https://trk.darkreading.com/visitor/v200/svrGP?pps=3&siteid=2150&ref=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&ref2=elqNone&tzo...

49 B
504 B

226ms
226ms

Image
image/gif

192.29.69.231
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trk.darkreading.com/visitor/v200/svrGP?pps=3&siteid=2150&ref=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&ref2=elqNone&tzo=0&ms=691&optin=disabled&elq1pcGUID=46A0A912B72544EA8877ED9432544EDB

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

HTTP/1.1

Server

192.29.69.231 Toronto, Canada, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Jul 2023 02:10:04 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 49
X-Xss-Protection: 1; mode=block
Expires: -1

Redirect headers

Pragma: no-cache
Date: Thu, 20 Jul 2023 02:10:03 GMT
X-Content-Type-Options: nosniff
Content-Type: text/html; charset=utf-8
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Location: https://trk.darkreading.com/visitor/v200/svrGP?pps=3&siteid=2150&ref=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&ref2=elqNone&tzo=0&ms=691&optin=disabled&elq1pcGUID=46A0A912B72544EA8877ED9432544EDB
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 410
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H/1.1

200
OK

index.php Show response
a.dpmsrv.com/dpmpxl/
Redirect Chain

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&zn%3D%26sn%3D%26q%3DxImp%26v%3D1.x%26cl%3D55%26pixelIndex%3D0%26r%3D134750%26tzOffset%3D0%26url%3Dhttps%253A%252F%252Fwww.d...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26zn%253D%2526sn%253D%2526q%253DxImp%2526v%253D1.x%2526cl%253D55%2526pixelIndex%253D0%2526r%253...
https://a.dpmsrv.com/dpmpxl/index.php?id=5698610293901467396&zn=&sn=&q=xImp&v=1.x&cl=55&pixelIndex=0&r=134750&tzOffset=0&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-...

245 B
995 B

498ms
119ms

Script
text/javascript

52.72.174.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?id=5698610293901467396&zn=&sn=&q=xImp&v=1.x&cl=55&pixelIndex=0&r=134750&tzOffset=0&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: HTTP/1.1
Server: 52.72.174.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-174-214.compute-1.amazonaws.com
Software: /
Resource Hash: 3c41cfe67118e38535038172da72d67ca47637f22c0de05c3b69db3362898597

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Pragma: no-cache
content-encoding: gzip
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: content-type, accept
Content-Length: 216
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 02:10:03 GMT
an-x-request-uuid: 406c9d71-b479-47f3-a0b1-ad4af429ceb7
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://a.dpmsrv.com/dpmpxl/index.php?id=5698610293901467396&zn=&sn=&q=xImp&v=1.x&cl=55&pixelIndex=0&r=134750&tzOffset=0&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
x-proxy-origin: 80.255.7.102; 80.255.7.102; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 204 js_pageviews_itcyber_darkreading
eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/ Frame 0
0 148ms
40ms Preflight 3.73.184.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/js_pageviews_itcyber_darkreading?modified=1689819003719

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.73.184.11 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-73-184-11.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-td-fetch-api,x-td-write-key
Access-Control-Request-Method: POST
Origin: https://www.darkreading.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, X-Requested-With, X-TD-Write-Key, X-TD-Fetch-Api, Content-Type
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.darkreading.com
access-control-max-age: 7200
date: Thu, 20 Jul 2023 02:10:03 GMT
strict-transport-security: max-age=31536000

POST
H2 200 js_pageviews_itcyber_darkreading Show response
eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/ 16 B
478 B 122ms
40ms Fetch
application/json 3.73.184.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/js_pageviews_itcyber_darkreading?modified=1689819003719

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.73.184.11 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-73-184-11.eu-central-1.compute.amazonaws.com

Software

Resource Hash

56587cffbb30e338497c9114f74803a530a713ebe374b69fcfa8551ad8dad1e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-TD-Write-Key: 100/bb9cbe21de3db7a5428506d7528e45b2c801a48c
Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
X-TD-Fetch-Api: true
Content-Type: application/json

Response headers

date: Thu, 20 Jul 2023 02:10:03 GMT
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST
p3p: CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
access-control-allow-origin: https://www.darkreading.com
content-type: application/json
access-control-allow-credentials: true
access-control-allow-headers: Authorization, X-Requested-With, X-TD-Write-Key, X-TD-Fetch-Api, Content-Type
content-length: 16

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 48ms
48ms XHR
text/plain 2a00:1450:400c:c0a::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-135180592-2&cid=2125217975.1689819004&jid=932331361&gjid=924065724&_gid=1452756568.1689819004&_u=aCDACEAARAAAACACI~&z=1678673608

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 20 Jul 2023 02:10:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 139ms
51ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-135180592-2&cid=2125217975.1689819004&jid=932331361&_u=aCDACEAARAAAACACI~&z=169939122

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 02:10:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 53ms
51ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-135180592-2&cid=2125217975.1689819004&jid=932331361&_u=aCDACEAARAAAACACI~&z=169939122

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 02:10:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.180.1/ 176 KB
48 KB 149ms
44ms Script
application/javascript 108.138.17.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.180.1/bundle.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 011c2e9cca2dd810784f85ccbee288959b13d10c6a1bd740f4486b75985187af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:23:37 GMT
content-encoding: gzip
via: 1.1 78720628b37ebf3e33c42dc098252ee8.cloudfront.net (CloudFront)
last-modified: Fri, 12 May 2023 18:18:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 5903187
etag: W/"feaa1c0619023f29d47853e5ffd5cec4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: hDDWUk_8tD2rYfYYtl7aVsHUJX1vcdSqI02l90KEltgGQ5l9trWmhA==

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/8e83803a/www-widgetapi.vflset/ 203 KB
63 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8e83803a/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

014a3d61d0c654f1c2f03e2b9fe22f951a945535e91b02e0fffec31da5ba6f3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 23:22:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10056
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64339
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 01:47:56 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 18 Jul 2024 23:22:27 GMT

GET
H2 204 2610568 Show response
vc.hotjar.io/sessions/ 0
258 B 175ms
66ms XHR
text/plain 18.66.112.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/2610568?s=0.25&r=0.0979385231051142
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-79.fra56.r.cloudfront.net
Software: Python/3.8 aiohttp/3.8.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:03 GMT
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
server: Python/3.8 aiohttp/3.8.4
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: 18sVDdySY4G25O2Dk04Qai8ZwKakTHFo8Q5yLdnbbEXLHUzlX91CjQ==

GET
H2 200 image
www.darkreading.com/_next/ 654 B
887 B 437ms
435ms Image
image/webp 2606:4700::6811:7563
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/_next/image?url=https%3A%2F%2Fbeta.darkreading.com%2F_next%2Fstatic%2Fmedia%2Firibbon-logo.fed34d59.png&w=96&q=75

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7563 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab36b8356d4b7e3e3591b161427e6fb18512a2ccc8a787f8cc03294cf2f30478

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; sandbox;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:04 GMT
content-security-policy: script-src 'none'; sandbox;
x-proxy-by: https://www.darkreading.com
cf-cache-status: DYNAMIC
server: cloudflare
etag: qza4NW1Lfj41kbFhQn5vsYUSoszIp4f4zAMpTPLzBHg=
vary: Accept, Origin, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000, must-revalidate
content-disposition: inline; filename="iribbon-logo.webp"
cf-ray: 7e97aa66af5103f8-FRA

POST
H2 200 delivery Show response
iirexhibitionslimite.tt.omtrdc.net/rest/v1/ 296 B
808 B 200ms
61ms XHR
application/json 66.235.152.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://iirexhibitionslimite.tt.omtrdc.net/rest/v1/delivery?client=iirexhibitionslimite&sessionId=804f72187acb45759b72da0d7443ea82&version=2.8.1

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.235.152.152 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-66-235-152-152.data.adobedc.net

Software

jag /

Resource Hash

b7bba556413ac6563f5e1b893d129c08da2cd799b123a3d1ad8d206e2b711117

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Jul 2023 02:10:04 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
server: jag
x-content-type-options: nosniff
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
x-request-id: cb0b60b7-9afd-4e03-931d-c53f08c7553e

GET
H/1.1

200
OK

index.php Show response
a.dpmsrv.com/dpmpxl/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=5698610293901467396&pixelIndex=0
https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm=&ap_id=5698610293901467396&pixelIndex=0&google_tc=
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=5698610293901467396&pixelIndex=0&google_gid=CAESECMxpRzAJ3_kAKymlbyKq8U&google_cver=1

0
598 B

164ms
164ms

Script
text/javascript

52.72.174.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=5698610293901467396&pixelIndex=0&google_gid=CAESECMxpRzAJ3_kAKymlbyKq8U&google_cver=1
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: HTTP/1.1
Server: 52.72.174.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-174-214.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Pragma: no-cache
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: content-type, accept
Content-Length: 0
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 20 Jul 2023 02:10:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=5698610293901467396&pixelIndex=0&google_gid=CAESECMxpRzAJ3_kAKymlbyKq8U&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 348
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 451 423396.gif
idsync.rlcdn.com/ 0
98 B 147ms
48ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/423396.gif?partner_uid=5698610293901467396
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:04 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 async-api.30bd804e-1.236.0.min.js Show response
js-agent.newrelic.com/ 3 KB
3 KB 129ms
43ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/async-api.30bd804e-1.236.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fa44ba5620fc182eb36d66b9dea560edeb23af9c3104647e39e2a4d3fabcf8cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id: 366JrVMQzTPfkja9KvKWB.1FAlNj2g2u
date: Thu, 20 Jul 2023 02:10:04 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: V160HEFG7EFECRX2
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2851
x-amz-id-2: 0eBKUdrxS14x6LgkTPCmMEB3l0LE6ZMWjtAG9L6qQRKf2HwTDauZumZ0lO0xzHb91rsrxkWwK2Y=
x-served-by: cache-fra-eddf8230104-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1689819005.878373,VS0,VE0
etag: "ce1527db8799a0ba1913b5c7b7f666aa"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1146

GET
H2 200 860.03a8b7a5-1.236.0.min.js Show response
js-agent.newrelic.com/ 14 KB
6 KB 129ms
44ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/860.03a8b7a5-1.236.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

38068c6216d8cd0ebd227e767dea7b85b17c68ee40a2b32c20cb879ea225d274

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id: iJSI6dlO2Ys6eX3e0ReqL6kXFai6YRCl
content-encoding: br
via: 1.1 varnish
date: Thu, 20 Jul 2023 02:10:04 GMT
strict-transport-security: max-age=300
x-amz-request-id: V16AM8ZN8PYP562E
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 5507
x-amz-id-2: p53eNBuSl8l54BX4vm/T8MRAZj4+7UF7Zj6Jk8Z1gEGZek7iztQ2HnDO9cdAyyhavWTTx/o/XdA=
x-served-by: cache-fra-eddf8230104-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1689819005.878505,VS0,VE0
etag: "5c2d33afe15ef1ea0f7dfd3d77677165"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1168

GET
H2 200 session-manager.2a64278a-1.236.0.min.js Show response
js-agent.newrelic.com/ 1 KB
2 KB 129ms
44ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/session-manager.2a64278a-1.236.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c902ff18c7858648be03999d4022c40d66ad694ae218ea4b1558e74703b854a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id: ur1tw3MWf2WErGuFKp0fYWjcNIfD4uOb
date: Thu, 20 Jul 2023 02:10:04 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: V16A1FCNY83AK894
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1387
x-amz-id-2: upYMIkDsSKQm716sJRiAZiA1Gcm46rhBIW9aR4KcluiHUzwt5sYZ1qhtDXdlsCvnTJifqO5cU7qsZcXYYhk3cw==
x-served-by: cache-fra-eddf8230104-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1689819005.878498,VS0,VE0
etag: "a097cb2068fb2d63e521cacf139c921d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1064

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 40 KB
14 KB 105ms
104ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=474561216631179&correlator=2402640028402671&output=ldjh&gdfp_req=1&vrg=202307130101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=1&adks=2734278250&sfv=1-0-40&prev_scp=pos%3Dwelcome_v%26ptype%3Darticle%26pageid%3Dblta877b261095c8bc0%26aid%3D835894%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1689819004904&lmt=1689819004&dlt=1689819002294&idt=848&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&frm=20&vis=1&psz=1600x3808&msz=0x0&fws=132&ohw=1600&ga_vid=2125217975.1689819004&ga_sid=1689819005&ga_hid=1708491746&ga_fc=true

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c9fa17038e3e179f18bca5085a04d12ccac1eda0e9e395e07bb702503053959

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14818
x-xss-protection: 0
google-lineitem-id: 6148587061
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138438523876
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 573 B
305 B 70ms
70ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=474561216631179&correlator=2402640028402671&output=ldjh&gdfp_req=1&vrg=202307130101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=2&adks=2045221590&sfv=1-0-40&prev_scp=pos%3Dbigsky_v%26ptype%3Darticle%26pageid%3Dblta877b261095c8bc0%26aid%3D835894%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1689819004911&lmt=1689819004&dlt=1689819002294&idt=848&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&frm=20&vis=1&psz=1600x3808&msz=0x0&fws=132&ohw=1600&ga_vid=2125217975.1689819004&ga_sid=1689819005&ga_hid=1708491746&ga_fc=true

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

89ee4d44bf41e3ee2e0871d56b64c6f5353eeff5c0a1dde4ce53673a3e44d62a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 276
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 13 KB
5 KB 114ms
114ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=474561216631179&correlator=2402640028402671&output=ldjh&gdfp_req=1&vrg=202307130101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=3&adks=4210692985&sfv=1-0-40&ists=1&prev_scp=pos%3Dwallpaper_v%26ptype%3Darticle%26pageid%3Dblta877b261095c8bc0%26aid%3D835894%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1689819004914&lmt=1689819004&dlt=1689819002294&idt=848&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&frm=20&vis=1&psz=1600x3808&msz=0x0&fws=132&ohw=1600&ga_vid=2125217975.1689819004&ga_sid=1689819005&ga_hid=1708491746&ga_fc=true

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

693dc3b5d1d9d1bb2ed119612fa9062f6d3b49b6155984d62fafd28796fa6b24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5529
x-xss-protection: 0
google-lineitem-id: 6292938605
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138423855195
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 573 B
307 B 90ms
89ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=474561216631179&correlator=2402640028402671&output=ldjh&gdfp_req=1&vrg=202307130101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=4&adks=1292450579&sfv=1-0-40&ists=1&prev_scp=pos%3Doop_v%26ptype%3Darticle%26pageid%3Dblta877b261095c8bc0%26aid%3D835894%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1689819004916&lmt=1689819004&dlt=1689819002294&idt=848&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&frm=20&vis=1&psz=1600x3808&msz=0x0&fws=132&ohw=1600&ga_vid=2125217975.1689819004&ga_sid=1689819005&ga_hid=1708491746&ga_fc=true

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77853a7431e75ce53cfdf190056876fc25f8ae879adf86906160d0ab0380d1cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 278
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 573 B
306 B 145ms
145ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=474561216631179&correlator=2402640028402671&output=ldjh&gdfp_req=1&vrg=202307130101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=5&adks=1007812694&sfv=1-0-40&prev_scp=pos%3Dfloor_v%26gdpr_banner%3Don%26ptype%3Darticle%26pageid%3Dblta877b261095c8bc0%26aid%3D835894%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1689819004918&lmt=1689819004&dlt=1689819002294&idt=848&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&frm=20&vis=1&psz=1600x3808&msz=0x0&fws=132&ohw=1600&ga_vid=2125217975.1689819004&ga_sid=1689819005&ga_hid=1708491746&ga_fc=true

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5a690feddba84c3910dfafcff0778860e6e990bf5ea0e842330f08cc9188e9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 277
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 573 B
312 B 67ms
67ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=474561216631179&correlator=2402640028402671&output=ldjh&gdfp_req=1&vrg=202307130101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=7x7&ifi=6&adks=2857532071&sfv=1-0-40&prev_scp=pos%3Dadhesion_v%26gdpr_banner%3Don%26ptype%3Darticle%26pageid%3Dblta877b261095c8bc0%26aid%3D835894%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1689819004921&lmt=1689819004&dlt=1689819002294&idt=848&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&frm=20&vis=1&psz=1600x3808&msz=7x0&fws=132&ohw=1600&ga_vid=2125217975.1689819004&ga_sid=1689819005&ga_hid=1708491746&ga_fc=true

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65958282b41dd7e8ad87884b0891b511be968f8beea9c18f95a68282db0f7e42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 283
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 38 KB
15 KB 131ms
131ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=474561216631179&correlator=2402640028402671&output=ldjh&gdfp_req=1&vrg=202307130101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=970x90%7C970x250%7C728x90&ifi=7&adks=3212010195&sfv=1-0-40&prev_scp=pos%3D728_1v%26ptype%3Darticle%26pageid%3Dblta877b261095c8bc0%26aid%3D835894%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1689819004929&lmt=1689819004&dlt=1689819002294&idt=848&adxs=315&adys=86&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&frm=20&vis=1&psz=984x0&msz=970x0&fws=4&ohw=1600&ga_vid=2125217975.1689819004&ga_sid=1689819005&ga_hid=1708491746&ga_fc=true

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e3c1eae7226a6f794fc125b323bdb3c28e466ab0aeeaa815782f5a51400fd89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15534
x-xss-protection: 0
google-lineitem-id: 6303472284
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138437184061
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 77ms
77ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=474561216631179&correlator=2402640028402671&output=ldjh&gdfp_req=1&vrg=202307130101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=8&adks=2160334793&sfv=1-0-40&prev_scp=pos%3Dvideo_v%26ptype%3Darticle%26pageid%3Dblta877b261095c8bc0%26aid%3D835894%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1689819004932&lmt=1689819004&dlt=1689819002294&idt=848&adxs=308&adys=935&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&frm=20&vis=1&psz=646x1680&msz=646x0&fws=4&ohw=1600&ga_vid=2125217975.1689819004&ga_sid=1689819005&ga_hid=1708491746&ga_fc=true

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3505e5a091af5da295452e068df8eb096bcf6bcf525260d6dd6e086a4ad3805f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11934
x-xss-protection: 0
google-lineitem-id: 5674929725
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138347225724
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 38 KB
15 KB 144ms
144ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=474561216631179&correlator=2402640028402671&output=ldjh&gdfp_req=1&vrg=202307130101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=300x250%7C300x600&ifi=9&adks=2179772160&sfv=1-0-40&prev_scp=pos%3D300_1v_article%26ptype%3Darticle%26pageid%3Dblta877b261095c8bc0%26aid%3D835894%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1689819004935&lmt=1689819004&dlt=1689819002294&idt=848&adxs=654&adys=1015&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&frm=20&vis=1&psz=300x0&msz=300x0&fws=4&ohw=1600&ga_vid=2125217975.1689819004&ga_sid=1689819005&ga_hid=1708491746&ga_fc=true

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

efe8a1bea14209d79401a16d5f4c10b8e37b6a864438f2983fea93b2cdc72581

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
google-lineitem-id: 6140096305
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138409453221
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
13 KB 88ms
87ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=474561216631179&correlator=2402640028402671&output=ldjh&gdfp_req=1&vrg=202307130101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=300x600%7C300x250%7C5x5&ifi=10&adks=3875998922&sfv=1-0-40&prev_scp=pos%3D300_1v%26ptype%3Darticle%26pageid%3Dblta877b261095c8bc0%26aid%3D835894%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1689819004938&lmt=1689819004&dlt=1689819002294&idt=848&adxs=988&adys=126&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&frm=20&vis=1&psz=308x0&msz=300x0&fws=4&ohw=1600&ga_vid=2125217975.1689819004&ga_sid=1689819005&ga_hid=1708491746&ga_fc=true

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7eb9235c2f7bb8951d6d6fd6cb0b4608596e4cc97f3d644b3d1c57ba460a6a3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13146
x-xss-protection: 0
google-lineitem-id: 6292938605
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138408218300
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 38 KB
15 KB 121ms
120ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=474561216631179&correlator=2402640028402671&output=ldjh&gdfp_req=1&vrg=202307130101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=300x250%7C300x600&ifi=11&adks=3515817136&sfv=1-0-40&prev_scp=pos%3D300_2v%26ptype%3Darticle%26pageid%3Dblta877b261095c8bc0%26aid%3D835894%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1689819004941&lmt=1689819004&dlt=1689819002294&idt=848&adxs=988&adys=126&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&frm=20&vis=1&psz=308x0&msz=300x0&fws=4&ohw=1600&ga_vid=2125217975.1689819004&ga_sid=1689819005&ga_hid=1708491746&ga_fc=true

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15589a33de91c47508179520409c0e4a555e628b9d439ea9def28ee308e5de6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15504
x-xss-protection: 0
google-lineitem-id: 6292938605
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138424532569
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 163ms
56ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307130101&st=env

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a4ceecc083a0922df3638361a0fc4ff1afe2a55e122a3ffe6453a6cd5ba7bef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11690
x-xss-protection: 0

GET
H2 200 container.html Show response
35f84c9835cb2e3078c3c1b7bc7fe174.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 49E0 6 KB
3 KB 323ms
49ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://35f84c9835cb2e3078c3c1b7bc7fe174.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.darkreading.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 02:10:05 GMT
expires: Fri, 19 Jul 2024 02:10:05 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 rum Show response
www.darkreading.com/cdn-cgi/ 0
160 B 82ms
82ms XHR
text/plain 2606:4700::6811:7563
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/cdn-cgi/rum?

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7563 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: VwQPWV9RDRACUVdUDwYAVVc=
tracestate: 3288925@nr=0-1-3288925-322548631-b1c0d23771d429d0----1689819004965
traceparent: 00-b0040d00ea606342a8cb4d2a2f809b00-b1c0d23771d429d0-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMyODg5MjUiLCJhcCI6IjMyMjU0ODYzMSIsImlkIjoiYjFjMGQyMzc3MWQ0MjlkMCIsInRyIjoiYjAwNDBkMDBlYTYwNjM0MmE4Y2I0ZDJhMmY4MDliMDAiLCJ0aSI6MTY4OTgxOTAwNDk2NX19
content-type: application/json
Referer: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Response headers

date: Thu, 20 Jul 2023 02:10:05 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.darkreading.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7e97aa6d2c3503f8-FRA

GET
H2 200 lazy-feature-loader.2f55ce66-1.236.0.min.js Show response
js-agent.newrelic.com/ 1 KB
2 KB 40ms
40ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/lazy-feature-loader.2f55ce66-1.236.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d9bafbaa07911d0596a806a1177da26c107f735052d28603bc5eb8fa0dc63b55

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id: SNNZ70_ndPBZM4f5drSRay_oJEEp97f5
date: Thu, 20 Jul 2023 02:10:04 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: V16FNAZW59HEFJG0
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1085
x-amz-id-2: pkfKdXF0ec9M5wmr/XnuOdiy3sJ9l2J8W0+mV18C4Y/E7ElWkyPmB6Zv+aJ4N+mCS9iq7HMT8b2lg2w+e+nWnw==
x-served-by: cache-fra-eddf8230104-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1689819005.995278,VS0,VE0
etag: "e43b565f398109176254b8a9394de5ba"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1117

GET
H2 200 148.1a20d5fe-1.236.0.min.js Show response
js-agent.newrelic.com/ 8 KB
8 KB 41ms
40ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/148.1a20d5fe-1.236.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3e89824dcd4a1d958c6972134bfc50e0c8e4a76d6b47569d14fd7cba455c1f7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id: ScUpW5z6XcbV4AsRwaGpjCwUtY9KtEdV
date: Thu, 20 Jul 2023 02:10:05 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: V16DR883D7PM3805
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 7826
x-amz-id-2: V+aas5/YiB8hULXvDfZhIsWW+TevCOkgVGk/Fj6tlHSP/nHDKK7wQoHIzNE/dowYKiIKBmcwbTA=
x-served-by: cache-fra-eddf8230104-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1689819005.048207,VS0,VE0
etag: "bed1f74897d091a7dfc2b06e8a1e29a3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1103

GET
H2 200 page_view_event-aggregate.06482edd-1.236.0.min.js Show response
js-agent.newrelic.com/ 11 KB
4 KB 44ms
44ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_view_event-aggregate.06482edd-1.236.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f1249e3503b8a12598e09882e9ded38155ac212298143dec459ce6820c6d3f37

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id: olBWVnN3KrZD.7AbCiVQ_LmF1ZBKIJEh
content-encoding: br
via: 1.1 varnish
date: Thu, 20 Jul 2023 02:10:05 GMT
strict-transport-security: max-age=300
x-amz-request-id: V16FEYSTFEDPYHC4
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 4296
x-amz-id-2: H97fZQNmKZjDmD9s6oOERCRPM+eQfEYaPaxM4am5otyv9pCh6VzqGQl9ZFts5wWPUkATcktLtmE=
x-served-by: cache-fra-eddf8230104-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1689819005.048417,VS0,VE0
etag: "553d27144d4f9fbe7e31b802107a2071"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1114

GET
H2 200 page_view_timing-aggregate.bd6de33a-1.236.0.min.js Show response
js-agent.newrelic.com/ 15 KB
15 KB 44ms
44ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_view_timing-aggregate.bd6de33a-1.236.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6dc5a41a72f6c1b4148d0629284183a4db42a28fef188ff4d55d5872d0ea3561

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id: 9W2va1QLSUaCTJ3OoHH2ZOYSIAKsuvOr
date: Thu, 20 Jul 2023 02:10:05 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: V166MSHRXDKAVVGE
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 14879
x-amz-id-2: c6U0F1buvLoUbC7Go6OynO2vSuROf3WSt/D6YI1yr+0jsK94y9koc9qEWfBtaM47/YBf5Yf8NJA=
x-served-by: cache-fra-eddf8230104-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1689819005.048437,VS0,VE0
etag: "01e96e9ff5c360298d13581ad38e60a8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1130

GET
H2 200 metrics-aggregate.3dc53903-1.236.0.min.js Show response
js-agent.newrelic.com/ 8 KB
3 KB 53ms
52ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/metrics-aggregate.3dc53903-1.236.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

11b4a5f186edf838f6e951559bef8aa85c686a83e0a226c5a82622da95e54307

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id: Z8jxLQfOXuFmYqpMJ60TDp7HscNrmk8O
content-encoding: br
via: 1.1 varnish
date: Thu, 20 Jul 2023 02:10:05 GMT
strict-transport-security: max-age=300
x-amz-request-id: V160X7JZ0EG0626C
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2987
x-amz-id-2: 5+0z6v9iOJAmzGseP7niEmvz+uxWao1VALb8NoZbCquSjddcdg/5b+W1EwLWyPB/uQ66j8dwtBs=
x-served-by: cache-fra-eddf8230104-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1689819005.049047,VS0,VE0
etag: "a912f1cb80b2d3cf15f10d9d022b6188"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1100

GET
H2 200 jserrors-aggregate.49e41428-1.236.0.min.js Show response
js-agent.newrelic.com/ 9 KB
4 KB 59ms
59ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/jserrors-aggregate.49e41428-1.236.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7662bd2cb7034d86dc4bdb707af33dd9ca3198a95d392067ee3c0c9ffaffdf0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id: .ACjr0HqA7HhCmbDNUQuLIwun1cgXyhg
content-encoding: br
via: 1.1 varnish
date: Thu, 20 Jul 2023 02:10:05 GMT
strict-transport-security: max-age=300
x-amz-request-id: V16FYZFMXCGTDG27
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3814
x-amz-id-2: mwgteez6x3yDx2YZm/5IjUnid5gI60+Qa+e0jCOSmE92j50WhHAejUGBsI77JWFl8CIlDnktHZw=
x-served-by: cache-fra-eddf8230104-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1689819005.049270,VS0,VE0
etag: "ea0f213ac446fa34c085f244b9573b9d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 837

GET
H2 200 ajax-aggregate.998ef92b-1.236.0.min.js Show response
js-agent.newrelic.com/ 7 KB
7 KB 58ms
58ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/ajax-aggregate.998ef92b-1.236.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fcb70cd5b8090d9144eeef2f1665608ee4fa67dab1fd167f49af074a42b9101e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id: xVg3CmVvsRmAix36ZLYuy_uCZQf0TjpD
date: Thu, 20 Jul 2023 02:10:05 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: V160Q4MCNEPA0DWF
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 7044
x-amz-id-2: 4pXWnKuNBIz41lqSFIf5tsKV1P/qUi013lzcICPtzab00sHuhMEZy///R1KpVfpsKCYjZAw6vX4=
x-served-by: cache-fra-eddf8230104-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1689819005.049300,VS0,VE0
etag: "07e3c83179c7da2e2f464a72b084aacf"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 839

GET
H2 200 session_trace-aggregate.83105561-1.236.0.min.js Show response
js-agent.newrelic.com/ 12 KB
12 KB 85ms
85ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/session_trace-aggregate.83105561-1.236.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d0d7c9c8e398100c60b41833292522f27b1e6b12c057442536ff98995d90f08c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id: JP1nny3GAhH60lOAbY5zpQuuXGmtQF2W
date: Thu, 20 Jul 2023 02:10:05 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: V16EH4FX34YSCAAP
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 12146
x-amz-id-2: KmNhWc8I5iJnNq0ChwdCJEZrN6U9/HfEVBAcZH07DpJoA9YIkp9R2HXYN98dYcqTnC+W5zEkkS8=
x-served-by: cache-fra-eddf8230104-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1689819005.049977,VS0,VE0
etag: "4ef8d054860549421e884b3d2d74b83e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 848

GET
H2 200 page_action-aggregate.ac76d497-1.236.0.min.js Show response
js-agent.newrelic.com/ 5 KB
5 KB 85ms
85ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_action-aggregate.ac76d497-1.236.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0b09c565baa3b8d3de7ea5b132e22c0ed1bb8943ae83d1bff9421e62ae8d8800

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id: d39kPm7I27R6JP_9CC8D6A917GdgqR8V
date: Thu, 20 Jul 2023 02:10:05 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: V16ETB3SQ8RDG48R
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 4643
x-amz-id-2: 7B6KPpWlXRjWt491eJYd/RxIbU1+NFdezc6YFgBbxs0tzjbWueAY5nqCMMdn02DJLpb8NRE9EB0=
x-served-by: cache-fra-eddf8230104-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1689819005.049965,VS0,VE0
etag: "8862791debd0b259297a0ccf618932eb"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 836

GET
H2 200 spa-aggregate.e6b09d52-1.236.0.min.js Show response
js-agent.newrelic.com/ 20 KB
21 KB 93ms
93ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/spa-aggregate.e6b09d52-1.236.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

167c7894014a33b184a658a4883c24c20bbd158dc04b7fef709f80a4bca6a7d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id: k3LNqXtDnYaGJRciEwS012KKWchlproy
date: Thu, 20 Jul 2023 02:10:05 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: V1600H0FQHVZS1H6
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 20843
x-amz-id-2: REepnSOeMxho2ZLiM3P6Of28yVpUanBl9XNRlLsr+8LFPWoIfDXKvl9imaTNqPVm6hdgUuAJXbU=
x-served-by: cache-fra-eddf8230104-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1689819005.050091,VS0,VE0
etag: "27ef55ddf9eded9cf24ce8747e8bbe04"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 741

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0A63 0
0 79ms
78ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvzuaSvaNH9V4-66OvhC5f0br2JRbbzwS1WrYhlYlCDofcojpHTz3daNAgclgXnmJUswn7xHUMEOb24l-8607iwmt3oehfqOtiSrUxnJ5YxVyx6HnntJE0eRFUhHdHKqGA4hF-Rx1_ip_rnKgNRSro7uw3RHi9v8L4veRuAZZrK1WbPT6yc1ITe91AyjmyZ1OgWCprUo5dNc-qY39pp9nTtINuLURAwsmT91hANLdZWhym-6QVdShEYZHkebpQjOzMJ5GlEws95zN8Cvu1A1qyEdyjCSDLBRVus-8oVRXY6-41gMewsHxVboIaTEVKr2mnlBRwY1ii69bhafoLyBYv5VZIdW1duyaeRQG4xATXu3V63Mmo&sai=AMfl-YTBiROGcp80g7t2g-rNL0MfMStIffNvDLxlPyBq0kIkXVTEY2-fdXtKCQM_cEcrqKtvINDFovVGI3eWsgVxvr23rOpBfzFtFgSJFMVvnPfBiFlryITmurRUf8EEL6A&sig=Cg0ArKJSzJIgeZGGOhlbEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 tag Show response
a.teads.tv/page/130102/ Frame 0A63 752 B
803 B 214ms
44ms Script
application/javascript 95.101.149.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/130102/tag
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307130101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 120be5c1f0c3158ea3f36d14321d28e8bad8f3c6fcf6eadd240020c1836eff98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:05 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 470
expires: Thu, 20 Jul 2023 03:10:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0A63 179 KB
57 KB 218ms
50ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689594152080714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Jul 2023 02:10:05 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/informagamdisplay218733383007/ Frame 0A63 325 KB
111 KB 210ms
43ms Script
application/x-javascript 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/informagamdisplay218733383007/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307130101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 3aa7f2e293aa413d264dd55f51ec7be336f5342f420e6d759b6bb71403e2b98c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:05 GMT
content-encoding: gzip
last-modified: Tue, 11 Jul 2023 16:42:11 GMT
server: AmazonS3
x-amz-request-id: 7KFK4NAJPFVEZQVD
etag: "61af115db679f7e09b898be1bf993458"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=63251
accept-ranges: bytes
content-length: 113453
x-amz-id-2: I6/lNKIiZtJ/4ONWdpBhcNttZYyD3GtodVJ/W/0VhxAFBFyG11DQPiY/xlqy8lhEDXobE/hUIXo=

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6761 0
0 77ms
77ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuw0dxiLkvW2GyrCcpLWjQbHOGwTY__61G4b5Nl8UyAXv4Ps7pBco5mNE1XBDcSNAeOT_Vq_XP-zpEpMRL52uPG1zgowVBttKKOOfw6HX8EtH2Aa3E8eF6QIVD3ntbRxC3oftdvTX0HlXuIR2VJ21ETDD54Apc0_HLyhc50i7Kr9HAVUxkWHSEcS4n9hzdl-5V_ERtaJUMxoG-bO2eYZWYzGV1WJ5AG0gHhCFnjY9uJ6Vy4Rd9L0qr4vqQLl_4xjgxkoNjWh5OlBn3cAAfR2WSNQlLRNtY7seWSpBk1yMBijvg7q78ZDLOJk-aoPflZjskaTEdTCivh_I2g_E9cu-DemIYNLze8EHVz5d-mmxhieht19jECoP-F&sai=AMfl-YTzeoz1hGC0hapuFvZJzdDZ6ov4Z1HTZsJxeHqozwzKc72KTvQCxWa3bze8onQyNH5NzXewpm3K3FTxyReynhmRYHSeFnJL98oi117PKqfe62k4qkAQ1n1SAjuV5ig&sig=Cg0ArKJSzJxsNdLD_S3SEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6761 179 KB
56 KB 312ms
168ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689594152080714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Jul 2023 02:10:05 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/informagamdisplay218733383007/ Frame 6761 325 KB
111 KB 187ms
44ms Script
application/x-javascript 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/informagamdisplay218733383007/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307130101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 3aa7f2e293aa413d264dd55f51ec7be336f5342f420e6d759b6bb71403e2b98c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:05 GMT
content-encoding: gzip
last-modified: Tue, 11 Jul 2023 16:42:11 GMT
server: AmazonS3
x-amz-request-id: 7KFK4NAJPFVEZQVD
etag: "61af115db679f7e09b898be1bf993458"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=63251
accept-ranges: bytes
content-length: 113453
x-amz-id-2: I6/lNKIiZtJ/4ONWdpBhcNttZYyD3GtodVJ/W/0VhxAFBFyG11DQPiY/xlqy8lhEDXobE/hUIXo=

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 427D 0
0 83ms
83ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssbvtsCe0UygZhXVTAgXJ-mYm3jUED2DPhG1YoMMh2pSUyMlJ7wIhljd2y4sqYRGpG1i_LieVi3fOJ1DIk4qHxORhAUS3JzwbcEnamY6DBvjOBYZK-CaEiZWuqCfD4Mygd03l-H3btrcmLKRYAjzBvAZEdf3YmVD-zNT-vHl5b8swR2dWSkyegAg001jNK52BrilTnGWh_fNG6UOEzitnInL3cGE4mtsJ6IzK_k_KLplKoCU-OjOqX4EarfPTBixlSLCCnDyMgFgIvKL0xuTVP7Q0XuLcL1YkFMHtv1EitDHeISiECPouGJQTXDyHhpCdbGt75XjBeVtVY5eTJ26mMtWgsaUmIPyr_KQTMuLyiyWYuYZWOB_6S-YKTaNAAMjbAyC4CEu2W-qZWLMg&sai=AMfl-YTjWL8vBM6vq2lonAeWBV8PTOMCKlB_xFHdbi8Y-XWnp6zbDeV_JP0qmPP7clK2gg3RMocK_qrXytTgfSXwuH_-Vrc4_RUWrG3PruRRmGqDaaeydSa-qs805wiICw&sig=Cg0ArKJSzC3ausjA8jaREAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 jquery-1.11.0.min.js Show response
code.jquery.com/ Frame 427D 94 KB
33 KB 44ms
43ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.11.0.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307130101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:05 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
etag: W/"28feccc0-1787d"
vary: Accept-Encoding
x-hw: 1689819005.dop246.fr8.t,1689819005.cds329.fr8.hn,1689819005.cds154.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33357

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 427D 179 KB
56 KB 288ms
178ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689594152080714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Jul 2023 02:10:05 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/informagamdisplay218733383007/ Frame 427D 325 KB
111 KB 153ms
44ms Script
application/x-javascript 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/informagamdisplay218733383007/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307130101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 3aa7f2e293aa413d264dd55f51ec7be336f5342f420e6d759b6bb71403e2b98c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:05 GMT
content-encoding: gzip
last-modified: Tue, 11 Jul 2023 16:42:11 GMT
server: AmazonS3
x-amz-request-id: 7KFK4NAJPFVEZQVD
etag: "61af115db679f7e09b898be1bf993458"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=63251
accept-ranges: bytes
content-length: 113453
x-amz-id-2: I6/lNKIiZtJ/4ONWdpBhcNttZYyD3GtodVJ/W/0VhxAFBFyG11DQPiY/xlqy8lhEDXobE/hUIXo=

GET
H2

200

5810807084231361466
tpc.googlesyndication.com/simgad/ Frame 427D
Redirect Chain

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssbvtsCe0UygZhXVTAgXJ-mYm3jUED2DPhG1YoMMh2pSUyMlJ7wIhljd2y4sqYRGpG1i_LieVi3fOJ1DIk4qHxORhAUS3JzwbcEnamY6DBvjOBYZK-CaEiZWuqCfD4Mygd03l-H3btrc...
https://tpc.googlesyndication.com/simgad/5810807084231361466?

168 KB
168 KB

186ms
186ms

Image
image/png

2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5810807084231361466?

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8ea75d5d8177228b19b251fc18ba08df79bfa0683db9d174a95e17f240a7e11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 17:06:10 GMT
x-content-type-options: nosniff
age: 32635
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 172252
x-xss-protection: 0
last-modified: Mon, 17 Jul 2023 13:19:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 18 Jul 2024 17:06:10 GMT

Redirect headers

date: Thu, 20 Jul 2023 02:10:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
location: https://tpc.googlesyndication.com/simgad/5810807084231361466?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 Dark_Reading_Logo.svg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt4ff4a7f9bc8e31f7/619f4fb0a0cb8076d613e3ba/ Frame 427D 5 KB
2 KB 40ms
40ms Image
image/svg+xml 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt4ff4a7f9bc8e31f7/619f4fb0a0cb8076d613e3ba/Dark_Reading_Logo.svg?quality=80&format=jpg&width=222

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

0e198a2d521948c31a85eff04b881542d8b31d8b5824f900a950ea34bf5ef811

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:05 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-error: not a supported image format
strict-transport-security: max-age=31557600
content-encoding: gzip
age: 444061
x-cache: HIT, HIT
filename1: custom
content-disposition: inline; filename=Dark_Reading_Logo.svg+xml
fastly-stats: io=1
content-length: 2021
x-request-id: abae417463f384853fca991bd06119fe
x-served-by: cache-ams12720-AMS, cache-fra-eddf8230133-FRA
x-runtime: 83ms
server: contentstack
x-timer: S1689819005.137174,VS0,VE0
x-contentstack-organization: blt5948195ac13977b0
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 7, 2

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 39ms
39ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1708491746&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&dp=%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&ul=en-us&de=UTF-8&dt=China%27s%20APT41%20Linked%20to%20WyrmSpy%2C%20DragonEgg%20Mobile%20Spyware&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=welcome%20ad%20served&ea=6148587061&el=138438523876&_u=aCDACEABRAAAACACIAC~&jid=&gjid=&cid=2125217975.1689819004&tid=UA-135180592-2&_gid=1452756568.1689819004&gtm=45He37h0n81T52Z3Z3&cg1=article&cg2=News&cg3=Threat%20Intelligence&cd1=article&cd2=nate%20nelson&cd3=&cd4=News&cd5=Jul%2019%2C%202023&cd6=threat-intelligence&cd9=mobile%2Cvulnerabilities-threats%2Cadvanced-threats&cd10=0&cd16=blta877b261095c8bc0&cd17=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&cd18=3834%2Fdarkreading.home%2Farticle%2Fthreat-intelligence&cd20=vanguard%20-%20126&z=1536781778

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 23:38:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 9070
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 9579186847410300778
tpc.googlesyndication.com/simgad/ 164 KB
164 KB 140ms
45ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9579186847410300778?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cc56be71f6e9f4103ea28dbd4e3f435288c26bba0015c66ca49b117e46a35ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 23:00:35 GMT
x-content-type-options: nosniff
age: 529770
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167902
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 16:09:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 12 Jul 2024 23:00:35 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F86B 0
26 B 80ms
79ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssmSHQ0myZ5uuyts2-lYOgO8ti9giRtmVlu0ebZHP8Me3MnaihGCz0jqk3DxNXjvnhk8aAOpR40BKldivuVsuWhKBGIHy94HoSTACjjuJ4WE1pay8yEBg-sRzYPfVvcmXuWROk66pMNSMcpCDiCcE_CHuFEf5FAw0GpxPE-8YxFYoMVydnHvRWCJblKrxn11ZxJYrK46pZyF3K4_vaexc-vQdrMym7ED1-iMDUYNc2ZhuZh9Aw98tU30YCY1hIe-kZbBLBpyBuykQCcfBP-tmCJba-hkCZ999pPuexy7NfqiQLfy6FtwLBnSYLyjJZI_jd1adwZbcrcjPkQ3mbkI9H2_s-KjeMM2qkZHRScC38qShvd_rOG-Cle-B_x&sai=AMfl-YQ2Rufr20Y7zHVn2Q53yXLROmuKVGnvwoyyQ6OVdHYE00i67YIdb2hbI2cCB96y3OsO_WsY8wkDh01pSlRixGtGtnW5eAx037VpeeN5N9KRiQWKLGvztyTW6fj6bXs&sig=Cg0ArKJSzFUENZBj8auYEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C091 0
0 78ms
78ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssK2SM-bS8lsRxbO5ETk2kBtMhz13cyOx7Q_U-n77L0QomkMfYddGLgRdyxUJGozc1E3LMBpzeaI0M4yqAYWzluA6ruVAL04Q3kOJi64fwTdfhXl1SRHAwXFRMHGkiu3pDMAqWeUoPSaCw2q-QAivZzRanSeFSExGBAgLGfL1w-2wZuWU7OYdihxTtUgvBhHrn2OM5dUEnlhYF4RlznUcQiumNmAvkfOORuJZ_h4evZG3vKC7LhVh2Ydwmhy9sAy7P_Ib6GOxiWxTRG8xL-g31uDMR2CqpDSWoqyGTuVL_-ciVfbpTeAZmGbHP1HqKyFczNybVAoj5ssNbmLsPX8mjXwyvpTKc1NDm2QBkZLU6kBtDs8iGzz4vD&sai=AMfl-YTbmS4MDOCs0TQ0sIsZBWEe346z6LDmIuloLJmz8YtXGhppRSH92BEXKIecGYjlbAQHTe1Ndkw0VOJtloOxVNe7xbhPzMs-jW3SJPHZZOcXmL7i671z8CHUtAMRHKc&sig=Cg0ArKJSzK1pTJLe88-4EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/ Frame C091 3 KB
1 KB 118ms
43ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 23:38:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9111
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Aug 2023 23:38:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C091 179 KB
56 KB 188ms
123ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689594152080714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Jul 2023 02:10:05 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/informagamdisplay218733383007/ Frame C091 325 KB
111 KB 107ms
43ms Script
application/x-javascript 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/informagamdisplay218733383007/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307130101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 3aa7f2e293aa413d264dd55f51ec7be336f5342f420e6d759b6bb71403e2b98c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:05 GMT
content-encoding: gzip
last-modified: Tue, 11 Jul 2023 16:42:11 GMT
server: AmazonS3
x-amz-request-id: 7KFK4NAJPFVEZQVD
etag: "61af115db679f7e09b898be1bf993458"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=63251
accept-ranges: bytes
content-length: 113453
x-amz-id-2: I6/lNKIiZtJ/4ONWdpBhcNttZYyD3GtodVJ/W/0VhxAFBFyG11DQPiY/xlqy8lhEDXobE/hUIXo=

GET
H2 200 3903155024297357659
tpc.googlesyndication.com/simgad/ Frame C091 63 KB
63 KB 242ms
168ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3903155024297357659

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4525a5f3847a9166fe1e883fd275951bf489526dd0d239acbf3118d0c80cec3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 23:00:35 GMT
x-content-type-options: nosniff
age: 529770
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64146
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 16:08:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 12 Jul 2024 23:00:35 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame C091 0
0 49ms
49ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT5KjH3CklMOjJHQfVbU8atj-C0_F0bKQaJSRBWNWBfgFDSQzghMK0lTctMOArzJkAva918
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307130101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2B7B 0
0 79ms
79ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssalQ251XwypVpjw1av8HdOJbTo92EgbEZcG-5XwIqszebUpOGMWneHGVsjXj404-YULf_BiBPOvid17E5FAZA6S8BpD9cYbMkELARFsz8CDk8FNflvKveWUAXKw96dcDLpsay34wTVqvIJ-nDhIhKv48fgaX7W5YLR45mdz1W2Gb4fsWsPe33xEBw-Ze9KgL59-daRRE76yohwbQqm8ry-Bt9WExSAB8hVUsuDvBY567_Z_L1wBL1chtuwsij2azrYYM3hdc0P8Zm3pRGy2hfLqPDHEwMbKrwBRCa0LGfyBA-lmxhZpgPAXZLn9qxX4b3DuA82uvPSy2ttC59ajiZQYqoOcR2x8NpLACDhOrfzoRaF0fgHu2VD&sai=AMfl-YS2l36Dygg6l9Q-oxwov5eijJ_LIH1a9yTuvPP_fnm37SlpR80HMr_FnfOcSBA64pY_ayxku1YlDIvGsK54KCYX_rVWwjln7RvB5U5y-l4roExyO7IfPXFTAWi5530&sig=Cg0ArKJSzDn9ER2YLxbFEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/ Frame 2B7B 3 KB
1 KB 100ms
42ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 23:38:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9111
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Aug 2023 23:38:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2B7B 179 KB
56 KB 227ms
180ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689594152080714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Jul 2023 02:10:05 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/informagamdisplay218733383007/ Frame 2B7B 325 KB
111 KB 90ms
43ms Script
application/x-javascript 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/informagamdisplay218733383007/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307130101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 3aa7f2e293aa413d264dd55f51ec7be336f5342f420e6d759b6bb71403e2b98c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:05 GMT
content-encoding: gzip
last-modified: Tue, 11 Jul 2023 16:42:11 GMT
server: AmazonS3
x-amz-request-id: 7KFK4NAJPFVEZQVD
etag: "61af115db679f7e09b898be1bf993458"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=63251
accept-ranges: bytes
content-length: 113453
x-amz-id-2: I6/lNKIiZtJ/4ONWdpBhcNttZYyD3GtodVJ/W/0VhxAFBFyG11DQPiY/xlqy8lhEDXobE/hUIXo=

GET
H2 200 7535176932112437087
tpc.googlesyndication.com/simgad/ Frame 2B7B 25 KB
26 KB 229ms
172ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7535176932112437087

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e5ec0a03ff3ff8859a2d6be04436062e5ae975677239e7321ffda43bff8a770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 13:15:22 GMT
x-content-type-options: nosniff
age: 564883
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26098
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 18:26:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 12 Jul 2024 13:15:22 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 2B7B 0
0 48ms
47ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS28X_D8DT-GE4-s1-2d6EGa2OPa52vq6EOjpNj9PzHhmVxeTFG-Ttsj4nIqioRr33q2qLu
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307130101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

GET
H/1.1 200
OK web.js Show response
ads.celtra.com/b0789f8d/ Frame 6761 14 KB
5 KB 501ms
130ms Script
application/javascript 54.208.168.48
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.celtra.com/b0789f8d/web.js?&clickUrl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuxVkY0aaN0FVJqh6UM-sVxIWge3j6s-irLuBZhyPS4Or-YYUjIW8e0WmtVpqclCDAaNyyWsPetny7dFZcdILpSZRRq-llThAew9WUB0anQviUacvoDmpqrsrS3SkGTFt-2-R61TzvwvIiGnQQ8jqWsQa9tsr2D5AqLCOuCekr-4Km_Y5rBQsirKliWmr5Pw-qcrZMdwe1Jx1yzbGZLVuPLlyKAJp5cxAPdUvdcYCOJBwcTsOo7jB63VhabVyltBw__-opJds3Ho2l1suyxqXJuJXNwgEINCtVUPBH49s1cIJAWTs_T86TjiuxfSME0tZoCX83FMAFngwjIZUktylbVCz7--zP7fmrnapme8MblYz3R4qH8%26sai%3DAMfl-YSYqKMhNpEBAwx26bUGFlF-qrM9ZdTQPaNwo0PuRQsPEJRQdU1bsKrplCh_aqpflqUCaBD31-aEn2UHY-bAP0PcxYJPEGvCoZa9uUJiW7TIpIH7sy_z7DY5R57QR5s%26sig%3DCg0ArKJSzF4lnZYQAo4QEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&expandDirection=undefined&clickEvent=advertiser&iosAdvId=&androidAdvId=&externalAdServer=DFPPremium&tagVersion=html-standard-7&eas.JWVjaWQh=138408218300&externalCreativeId=138408218300&externalPlacementId=22339890152&externalSiteId=22316126855&externalSiteName=darkreading.com&externalLineItemId=6292938605&externalCampaignId=3197325587&externalAdvertiserId=5134346611&coppa=0&scriptId=celtra-script-1&clientTimestamp=1689819005.185&clientTimeZoneOffsetInMinutes=0&hostPageLoadId=5248879489686025
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.168.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-168-48.compute-1.amazonaws.com
Software: /
Resource Hash: 4459170bb1d47a493f233d2b9b88a6654d5487b0fb54fc2b1458eaf8a2c0801c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Jul 2023 02:10:05 GMT
content-encoding: gzip
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 4850
Expires: 0

GET
DATA 200
OK truncated
/ Frame C091 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 199e6bade2d27455dede208b7dd934cdfbb7bcce75f3cf784b1b448b93ca54b0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 2B7B 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11b9b58672d611b42a4cc959635a43101e17349ea7c4899cd1a807a4d5917f95

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9C9B 0
0 78ms
78ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsupu6tIlEQUPZDcPp8jlrnlQ_LwPi17sImKDVimKc3PMrfgJKpDcloqr85XkF3yxXXlVCsQFRHjZwNRXzGim4AAhfdx5T_F6OHS23LCUzxUtEe-Ma-__jPA7OeqqbPZSJTbCLau6DCmPMVS72Wb4WCrZcf-D7Yvcydj5OUGMk-fvTq6Vnx4KXqmI70yb3BgcjiQJNgG4ldiYmVWgbcqfz_w9FlILklNMtBduqfYhcQap7mAmt86mk1vMHYGn52uHTVwbgUFmxPTE34JPl-UWRJF56zjflxAhTlOM-Cihmie3PnXlHttfjZH_D4DZ-b3FXVy0pVXS2xXHilnGliYYcJFUk2N7FWoXvhB4bUah4QAQkQscWc&sai=AMfl-YREXFMhnjmAxyajUHauymG4YMbkbwaq-sUg5WxpbN14lLWGNq6qpBWyaXjkhwJDNolLwAblLx2fP9Rlj9w3jtZTA1Q-g0VYrqK7EEhAWng3FilK-GM4UzbXNKQH9bw&sig=Cg0ArKJSzGWH0-rgDhF_EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/ Frame 9C9B 3 KB
2 KB 67ms
42ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230718/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 23:38:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9111
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Aug 2023 23:38:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9C9B 179 KB
56 KB 129ms
114ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689594152080714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Jul 2023 02:10:05 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/informagamdisplay218733383007/ Frame 9C9B 325 KB
111 KB 58ms
44ms Script
application/x-javascript 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/informagamdisplay218733383007/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307130101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 3aa7f2e293aa413d264dd55f51ec7be336f5342f420e6d759b6bb71403e2b98c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:05 GMT
content-encoding: gzip
last-modified: Tue, 11 Jul 2023 16:42:11 GMT
server: AmazonS3
x-amz-request-id: 7KFK4NAJPFVEZQVD
etag: "61af115db679f7e09b898be1bf993458"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=63251
accept-ranges: bytes
content-length: 113453
x-amz-id-2: I6/lNKIiZtJ/4ONWdpBhcNttZYyD3GtodVJ/W/0VhxAFBFyG11DQPiY/xlqy8lhEDXobE/hUIXo=

GET
H2 200 4420048525364726350
tpc.googlesyndication.com/simgad/ Frame 9C9B 40 KB
41 KB 182ms
181ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4420048525364726350

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0024799439eb23b1b2336e7556d2d6961d34fddda504dc7603352aaa1b65392a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 11:17:57 GMT
x-content-type-options: nosniff
age: 312728
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41460
x-xss-protection: 0
last-modified: Fri, 21 Oct 2022 20:13:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 15 Jul 2024 11:17:57 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 9C9B 0
0 49ms
48ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQzGukwngwbMzK6j6Cb1h7SmOo5Xsp5yLnjSxzDbZQmLcwMGjJUcUeS64svVqE07lkhCGxH
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307130101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 217ms
216ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 20 Jul 2023 02:10:05 GMT

GET
DATA 200
OK truncated
/ Frame 9C9B 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8db348db281054445696361bb87e5bcd8891546c122cb6d422f5a9c8e784884d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK NRBR-dcf2500530dfb0326fd Show response
bam.eu01.nr-data.net/1/ 40 B
464 B 147ms
55ms XHR
text/plain 185.221.87.23
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.eu01.nr-data.net/1/NRBR-dcf2500530dfb0326fd?a=256687733&v=1.236.0&to=MhBSZQoZXkEAUkFdDgtafl4KFVFeCEtQUDQXHB8b&rst=3944&ck=0&s=a996c96f1d147539&ref=https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&tt=2e628993d899d389&af=err,xhr,stn,ins,spa&ap=662.284687&be=976&fe=2666&dc=1116&perf=%7B%22timing%22:%7B%22of%22:1689819001315,%22n%22:0,%22dn%22:1,%22dne%22:17,%22c%22:17,%22s%22:57,%22ce%22:105,%22rq%22:105,%22rp%22:976,%22rpe%22:1262,%22di%22:1700,%22ds%22:2091,%22de%22:2091,%22dc%22:3451,%22l%22:3455,%22le%22:3641%7D,%22navigation%22:%7B%7D%7D&fp=1688&fcp=2223
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.221.87.23 , Ireland, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f

Request headers

Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 20 Jul 2023 02:10:05 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.darkreading.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 40
x-served-by: cache-fra-eddf8230139-FRA

GET
H2 200 teads-format.min.js Show response
a.teads.tv/media/format/v3/ 599 KB
131 KB 41ms
40ms Script
text/javascript 95.101.149.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0090ad87f563541d825d7eb3365d802e0c94ff77c073c89ba4566d3a6de87d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:05 GMT
content-encoding: br
last-modified: Wed, 19 Jul 2023 15:27:27 GMT
x-amz-request-id: REEPRZJA3R8JPB1B
etag: "ddf9137ad4022353038ddeb6adffcef3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, must-revalidate, max-age=1800, no-transform
x-bucket: 0
accept-ranges: bytes
content-length: 133876
x-amz-id-2: qH1A67VIsvM+NYmCZjzm5vI8+jjymYAc2YmGqPuNO+vbUVhtZ1hji+U2gClCVz5xRklEABOwn6c=
expires: Thu, 20 Jul 2023 02:40:05 GMT

GET
DATA 200
OK truncated
/ Frame 0A63 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee70e50b4558ba92e3ab8aa48e5bbe962403e815666da6ae65b033449f00f78c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 tag.aspx Show response
ml314.com/ Frame 0A63 31 KB
11 KB 138ms
41ms Script
application/javascript 34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?2062023
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/informagamdisplay218733383007/moatad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 23f95a90d6e6ba09a92bd4eae99823b0a6b0137a9abe10e3c050c062fb15efe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 01:40:08 GMT
content-encoding: br
age: 1797
x-guploader-uploadid: ADPycdunUpQA7YFFxiw5pcBXMazwYD-FQiKWU993n5gUw7t4prLIYSVWV21gIgtrB7zq-NLg0bUe_c0EmZpvb8rmg1hA1Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10526
last-modified: Mon, 10 Apr 2023 17:13:24 GMT
server: UploadServer
etag: W/"b0965f051977c0dd95ffe2c736cac352"
vary: Accept-Encoding
x-goog-generation: 1681146804366265
x-goog-hash: crc32c=wVdAwA==, md5=sJZfBRl3wN2V/+LHNsrDUg==
content-type: application/javascript
cache-id: FRA-fa985ced
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 32213
accept-ranges: none

GET
H2 200 n.js Show response
geo.moatads.com/ 98 B
271 B 239ms
50ms Script
text/html 3.11.96.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BA%24%3D!!tex8jKjLgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-tGQyp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-kBhMBihjE1CFgA%3D%3D&sc=1&os=1-pQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=INFORMA_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1689819005530&de=838632331620&m=0&ar=c013c52fed3-clean&iw=a26c119&q=2&cb=0&ym=0&cu=1689819005530&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4448790601%3A2827245798%3A5674929725%3A138347225724&zMoatPS=video_v&zMoatSZ=1x1&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&id=1&ii=4&bo=22316126855&bp=22339890152&bd=video_v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&gw=informagamdisplay218733383007&fd=1&it=500&ti=0&ih=2&pe=1%3A1688%3A2224%3A3641%3A1700&fs=204627&na=528397039&cs=0&callback=MoatDataJsonpRequest_61365755
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/informagamdisplay218733383007/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.96.30 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-96-30.eu-west-2.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: 19d9249f42cf04420a372a728ac0f36a0696add22437edd2769b6a50ca22683e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:05 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "3e22c0c3579fca9cc51884258a6bcc6f41c63af0"
content-length: 98
content-type: text/html; charset=UTF-8

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 55ms
45ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=INFORMA_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1689819005530&de=838632331620&m=0&ar=c013c52fed3-clean&iw=a26c119&q=3&cb=0&ym=0&cu=1689819005530&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4448790601%3A2827245798%3A5674929725%3A138347225724&zMoatPS=video_v&zMoatSZ=1x1&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&id=1&ii=4&bo=22316126855&bp=22339890152&bd=video_v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&gw=informagamdisplay218733383007&fd=1&it=500&ti=0&ih=2&pe=1%3A1688%3A2224%3A3641%3A1700&fs=204627&na=971690080&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 02:10:05 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 20 Jul 2023 02:10:05 GMT

GET
DATA 200
OK truncated
/ Frame 6761 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a62cccc0375c9fe67082cb1178fa2c72f13a5958ae5e9f2d8541c7c1e28705e1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C091 0
0 160ms
78ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu18M4B2_6uEFmmiD5DL2k-xKfsdunXbkGpe6MnaV1nvJMP3xhSh-wjwrNCDgWP9fdprDwboiRQLqdCLpCB0jwL8hkRml8XgAL7pAACwJhj8bNld-FCid5_aMIrKChmp_VVmFwYrkT3lgxa3qC1fTjyHbCC5RA8y2bH0R5eh8kliMEm5811vKvepwngCpLVeTXaqUhTBhKSbzj7BQ5HASPn2bMTxX9L0pOP4HvoA7lLoCXQVdUHjMf3LHsRSXtx-Z9Ds-lyJfV5jVyMa9UzWHNIuNsL_ggAuu4GhmVh9XRCbiSfj99HBjrpREn6J2nCl8icr4Q_GezJCXMdYXHPk5zs3C3HntV-EhalZ26DTfBEe6R-JE_AsfdaZRQ&sai=AMfl-YR4IKWbOwErsdZSNOhm2by_o-t_Yr6SnDPejFbf7mP_Z9-WwC3ZWh9OEgaPfGyak-icO9v1kBNbbWzg-uydcV6ihXbS2oDchdsusuKnyoEvXSYTwga7o_7Xd9YJm7E&sig=Cg0ArKJSzCLrYoaNWIxKEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 20 Jul 2023 02:10:05 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2B7B 0
0 142ms
78ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuFCc9RkUNNJmWjdKgy7I_ZEsrnY8b1J9wwkZlbHudEaqfDUdF4e9PnuOAhqZAvPy0qZ_UESGAvx7SlkYhFyerosRAlqwtfHDOgTInPF2Wpqqb_4H97TDqnBfYZLPK8-JJeegRCdlUouu64OcZvlfF20Tq4DG3DHzOwEv2WRooymH9CKrUmhCAIWUbgQsxlN0iSpZrpipEkyonhdZ7IYjxRaWcnmTZ_kA3lF4FHeT_rR9vt3VgBslsVN4hNiF3rGmkQ63-bUW9mTQXGFT7oSBIOPoBMwIF3FsythK4JrGauoo0rsTw5xYokIMRXZSqWlnpNbLNYMAk5EHRvGRNoqgs3VfGMYj0qsGURkTybhSJWhMl5Tizkvkkob_0&sai=AMfl-YQm1Nr_-JXbAYMzq-Rq_ELJBlGNzR3eI34s3HREf-uBPG033-aBhHMLji2Bi4zH9FJph5DaLVD9yufyosK_QxwHRmkn318w39jDbn8GFhnoTZNpgFRIwK9ZPNXpIII&sig=Cg0ArKJSzDN7uC99622EEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 20 Jul 2023 02:10:05 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 427D 0
0 112ms
78ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssw8FPIm8WBhpsPKjaWyi4hrOLs9gx4GDMFqWiQRXSV4a8HnW6IW_DcWQ3co5dJajdSblzg6p65_wlsGmCrHC5dVhBEhWqW26rR-AgZa4bDjv__el8bCJLON8pmlbAj_3gDOzhBNmmcMSFJYFOUXt4oNjF07ESAvqFKR9d_KF2tYHIWmfDgJtvbh9nfJtTp_zZiAf4L8zl_FrrH7fKsscMYqLg-dHK3Cf2EAjxK4_RRKivLy5unrUyURBOSuVlpMJ-s4P4nHLD3mv1Z81Ef78SGkcCw9-DTaliPc_wy7M_Hlt0EJ1rgjXOiL6B-iG513Igdpt8YvsHsugeuYMbO9VOI333GOELwTx3H6tJF1CkQ5WBNtTHo51W4riYMEf6Uxw&sai=AMfl-YTSogkD5QEY8pVQD-IEmgRX9xObgPWD_KK0tlT-dUvZzgyjJhv5ZC5qBifnEWWAqq5ehdWIAzd3xQklvyvBdQnL267J4tQ6Dil-Jdxeo2jW8t7xKej6gOVJcjhGYg&sig=Cg0ArKJSzNvSod1QZZehEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 20 Jul 2023 02:10:05 GMT

GET
DATA 200
OK truncated
/ Frame 427D 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1cd991878506f4e3e2bb0513ee3776edd953572149dfa3729c7d2e6cfa6110e7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 track
t.teads.tv/ 23 B
104 B 226ms
66ms Image
image/gif 2.18.161.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=8662d9c6-1956-401c-96f5-64d798b94736&pageId=130102&pid=142873&debug_metadata=KhlIyc68eQ&fv=1221&ts=1689819005719&f=1&referer=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:05 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
134 B 230ms
71ms Image
image/gif 2.18.161.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=8662d9c6-1956-401c-96f5-64d798b94736&pageId=130102&pid=142873&slot=polymorph&fv=1221&ts=1689819005727&f=1&referer=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Thu, 20 Jul 2023 02:10:05 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9C9B 0
0 83ms
82ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstw89h_Eqb81h9h1FXYqGjv4zVnVlOOag--nFQsknxTwo7E4Oh58ViQ0N3lxVBqXJORXfeYPX19t31EZGyFHATJlHcFk_ZSHLP886jF_3MVlxgmCo5hEy_GA0DK-auVwUHVZoP1djLdUjPSp79aqdl7jOD6Dq8CM-ojLUK-_5SLhE4Dgl6BD2vLZ4YOEwh3MmREt3L2MCsEzEONNJEvw-VvtyE-kUfqBqPhHHX9tf3GVlYRf4ioIbNkjVpXgcFKfIcFiZuSHAs9uBryRY8c-bcWhqwzKGj_6Dry5XzAAjYx92s7_Q-msZPd-7JvRGg2sMM3R_DF35JL6gmsWTNI7ZapqQravR8sWV33ecZfIomcNwyne2xRhA&sai=AMfl-YQm7E6B4xEBf8dpF6QhEZ0_Df6wQm7NB2k0ZaJUbTMFVGUT76x0ObDUS8te4ogU9iTl3KdENK_UlPd1FrpZ20P-7tIRms1NMtw8NfcSAK5K7dJchCx7Iv68gI8rl3A&sig=Cg0ArKJSzFnpR6-qA6HAEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 20 Jul 2023 02:10:05 GMT

POST
H2 200 ad Show response
a.teads.tv/page/130102/ 485 B
681 B 77ms
77ms XHR
application/json 95.101.149.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/130102/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&auctid=8662d9c6-1956-401c-96f5-64d798b94736&formatVersion=1221&env=js-web&netBw=9.4&ttfb=871
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 711fd0ee56213c40a8a5f202fe2c3511af34966c7ae03d715cb5dfc7f031837b

Request headers

Accept: application/json; charset=UTF-8
Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 02:10:05 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.darkreading.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 338
expires: Thu, 20 Jul 2023 02:10:05 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BA46 13 KB
5 KB 43ms
42ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.darkreading.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2018
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 01:36:27 GMT
expires: Fri, 19 Jul 2024 01:36:27 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3884 783 B
534 B 56ms
56ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

dbf2cd8fb275c4993cf874962396c7df9c6c79e5bd6e436c51f6f580e0632de0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kaAYeIrkmnmHGUKeEYqAKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-kaAYeIrkmnmHGUKeEYqAKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 02:10:05 GMT
expires: Thu, 20 Jul 2023 02:10:05 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 41ms
41ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=INFORMA_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1689819005597&de=667058735367&m=0&ar=c013c52fed3-clean&iw=a26c119&q=7&cb=0&ym=0&cu=1689819005597&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5134346611%3A3197325587%3A6292938605%3A138424532569&zMoatPS=300_2v&zMoatSZ=301x251&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&id=1&ii=4&bo=22316126855&bp=22339890152&bd=300_2v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&gw=informagamdisplay218733383007&fd=1&it=500&ti=0&ih=2&pe=1%3A1688%3A2224%3A3641%3A1700&fs=204627&na=2115658011&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 02:10:05 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 20 Jul 2023 02:10:05 GMT

GET
H2

404

404
www.darkreading.com/ Frame 427D
Redirect Chain

https://www.darkreading.com/sites/all/themes/penton_core_theme/images/ContentPillar_Welcome_1200.png
https://www.darkreading.com/404

294 KB
294 KB

161ms
160ms

Image
text/html

2606:4700::6811:7563
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.darkreading.com/404
Protocol: H2
Server: 2606:4700::6811:7563 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49830df0e3f875d7115b5c0ed33f2263b2d8e5614bd00a98d31db9b73ca7d15f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:06 GMT
x-proxy-by: https://www.darkreading.com
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding, Origin
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-ray: 7e97aa753a3203f8-FRA

Redirect headers

date: Thu, 20 Jul 2023 02:10:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains
cf-cache-status: MISS
server: cloudflare
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/html
location: /404
cache-control: public, max-age=7200
cf-ray: 7e97aa72985403f8-FRA
expires: Thu, 20 Jul 2023 04:10:06 GMT

GET
H2 200 web.js Show response
cache-ssl.celtra.com/api/creatives/cf175bcd/compiled/ Frame 6761 577 KB
578 KB 261ms
46ms Script
application/javascript 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache-ssl.celtra.com/api/creatives/cf175bcd/compiled/web.js?v=87-6e5c874289&secure=1&cachedVariantChoices=W10-&isPurposePreview=0&eventMetadataExperiment=newMeta&inmobi=0
Requested by: Host: ads.celtra.com
URL: https://ads.celtra.com/b0789f8d/web.js?&clickUrl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuxVkY0aaN0FVJqh6UM-sVxIWge3j6s-irLuBZhyPS4Or-YYUjIW8e0WmtVpqclCDAaNyyWsPetny7dFZcdILpSZRRq-llThAew9WUB0anQviUacvoDmpqrsrS3SkGTFt-2-R61TzvwvIiGnQQ8jqWsQa9tsr2D5AqLCOuCekr-4Km_Y5rBQsirKliWmr5Pw-qcrZMdwe1Jx1yzbGZLVuPLlyKAJp5cxAPdUvdcYCOJBwcTsOo7jB63VhabVyltBw__-opJds3Ho2l1suyxqXJuJXNwgEINCtVUPBH49s1cIJAWTs_T86TjiuxfSME0tZoCX83FMAFngwjIZUktylbVCz7--zP7fmrnapme8MblYz3R4qH8%26sai%3DAMfl-YSYqKMhNpEBAwx26bUGFlF-qrM9ZdTQPaNwo0PuRQsPEJRQdU1bsKrplCh_aqpflqUCaBD31-aEn2UHY-bAP0PcxYJPEGvCoZa9uUJiW7TIpIH7sy_z7DY5R57QR5s%26sig%3DCg0ArKJSzF4lnZYQAo4QEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&expandDirection=undefined&clickEvent=advertiser&iosAdvId=&androidAdvId=&externalAdServer=DFPPremium&tagVersion=html-standard-7&eas.JWVjaWQh=138408218300&externalCreativeId=138408218300&externalPlacementId=22339890152&externalSiteId=22316126855&externalSiteName=darkreading.com&externalLineItemId=6292938605&externalCampaignId=3197325587&externalAdvertiserId=5134346611&coppa=0&scriptId=celtra-script-1&clientTimestamp=1689819005.185&clientTimeZoneOffsetInMinutes=0&hostPageLoadId=5248879489686025
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 56a959481955c6b63d0f4fc3556c5f17f2bbf8bbc481f44e17af994c923a3466

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 07:45:20 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 66286
x-cache: Hit from cloudfront
server: Apache
etag: W/"523a532288bc465b8617fdcbf5f90bb8b6edc03e6ce4b5148d9c1535fe09cc9f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 2425358
accept-ranges: bytes
x-amz-cf-id: gCxUM69DXF41CRNfmq2NJqhnocx74hUgaYggYrv99o1jrU62RdifcQ==

GET
DATA 200
OK truncated
/ Frame 6761 167 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK 5877a428-1d5f-4fd9-92f0-3644b4560caf
https://www.darkreading.com/ Frame 6761 167 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://www.darkreading.com/5877a428-1d5f-4fd9-92f0-3644b4560caf
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Length: 167
Content-Type: image/png

GET
H2 200 utsync.ashx Show response
ml314.com/ Frame 0A63 62 B
309 B 70ms
68ms Script
application/javascript 34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=62439&ct=js&pi=&fp=&clid=&if=1&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&pv=1689819005865_d9zf0naen&bl=en-us&cb=4814020&return=&ht=&d=&dc=&si=1689819005865_d9zf0naen&cid=&s=1600x1200&rp=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&v=2.5.3.49
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?2062023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 02:10:05 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/javascript; charset=utf-8
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62
expires: 0

GET
H/1.1 200
OK ud.ashx Show response
in.ml314.com/ Frame 0A63 20 B
482 B 574ms
182ms Script
application/javascript 52.3.151.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://in.ml314.com/ud.ashx?topiclimit=&cb=2062023&v=2.5.3.49
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?2062023
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.3.151.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-151-18.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Thu, 20 Jul 2023 02:10:05 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public
Connection: keep-alive
Content-Length: 138
Expires: Fri, 21 Jul 2023 02:10:06 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 45ms
39ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F3903155024297357659&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BA%24%3D!!tex8jKjLgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-tGQyp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-kBhMBihjE1CFgA%3D%3D&sc=1&os=1-pQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=251&w=301&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&id=1&ii=4&f=0&j=&t=1689819005597&de=667058735367&cu=1689819005597&m=16&ar=c013c52fed3-clean&iw=a26c119&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4076&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1688%3A2224%3A3641%3A1700&as=0&ag=3&an=0&gf=3&gg=0&ix=3&ic=3&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=3&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=0&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5&cd=0&ah=5&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5134346611%3A3197325587%3A6292938605%3A138424532569&bo=22316126855&bp=22339890152&bd=300_2v&zMoatPS=300_2v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=301x251&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&zMoatDev=Desktop&zMoatDfpSlotId=14_zb9neb554l000000zb9neb554l000000zb9&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=204627&na=1033227849&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 02:10:05 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 20 Jul 2023 02:10:05 GMT

GET
H3 200 z4IayZfX88ZX2_EYt94GdYIPN7RJq1GGqWNWESymoNs.js Show response
pagead2.googlesyndication.com/bg/ Frame BA46 37 KB
14 KB 121ms
40ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z4IayZfX88ZX2_EYt94GdYIPN7RJq1GGqWNWESymoNs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf821ac997d7f3c657dbf118b7de0675820f37b449ab5186a96356112ca6a0db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 13:53:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44209
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14789
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Jul 2024 13:53:16 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3884 0
0 147ms
79ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307130101&jk=474561216631179&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 42ms
42ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=INFORMA_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1689819005643&de=846236746768&m=0&ar=c013c52fed3-clean&iw=a26c119&q=11&cb=0&ym=0&cu=1689819005643&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5161147644%3A3207079677%3A6303472284%3A138437184061&zMoatPS=728_1v&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&id=1&ii=4&bo=22316126855&bp=22339890152&bd=728_1v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&gw=informagamdisplay218733383007&fd=1&it=500&ti=0&ih=2&pe=1%3A1688%3A2224%3A3641%3A1700&fs=204627&na=25251586&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 02:10:05 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 20 Jul 2023 02:10:05 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 41ms
40ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F7535176932112437087&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BA%24%3D!!tex8jKjLgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-tGQyp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-kBhMBihjE1CFgA%3D%3D&sc=1&os=1-pQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&id=1&ii=4&f=0&j=&t=1689819005643&de=846236746768&cu=1689819005643&m=9&ar=c013c52fed3-clean&iw=a26c119&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4076&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1688%3A2224%3A3641%3A1700&as=0&ag=2&an=0&gf=2&gg=0&ix=2&ic=2&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=2&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=0&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4&cd=0&ah=4&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5161147644%3A3207079677%3A6303472284%3A138437184061&bo=22316126855&bp=22339890152&bd=728_1v&zMoatPS=728_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&zMoatDev=Desktop&zMoatDfpSlotId=7_8yf0uxow0im000008yf0uxow0im000008yf&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=204627&na=1851672746&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 02:10:05 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 20 Jul 2023 02:10:05 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 46ms
45ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=INFORMA_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1689819005676&de=116086465019&m=0&ar=c013c52fed3-clean&iw=a26c119&q=15&cb=0&ym=0&cu=1689819005676&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5161147644%3A3105833484%3A6148587061%3A138438523876&zMoatPS=welcome_v&zMoatSZ=1x1&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&id=1&ii=4&bo=22316126855&bp=22339890152&bd=welcome_v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&gw=informagamdisplay218733383007&fd=1&it=500&ti=0&ih=2&pe=1%3A1688%3A2224%3A3641%3A1700&fs=204627&na=475487882&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 02:10:06 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 20 Jul 2023 02:10:06 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 41ms
40ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=INFORMA_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1689819005736&de=315795097447&m=0&ar=c013c52fed3-clean&iw=a26c119&q=19&cb=0&ym=0&cu=1689819005736&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5006753165%3A2994564374%3A6140096305%3A138409453221&zMoatPS=300_1v_article&zMoatSZ=300x250&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&id=1&ii=4&bo=22316126855&bp=22339890152&bd=300_1v_article&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&gw=informagamdisplay218733383007&fd=1&it=500&ti=0&ih=2&pe=1%3A1688%3A2224%3A3641%3A1700&fs=204627&na=1554739243&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 02:10:06 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 20 Jul 2023 02:10:06 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 46ms
45ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F4420048525364726350&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BA%24%3D!!tex8jKjLgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-tGQyp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-kBhMBihjE1CFgA%3D%3D&sc=1&os=1-pQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&id=1&ii=4&f=0&j=&t=1689819005736&de=315795097447&cu=1689819005736&m=12&ar=c013c52fed3-clean&iw=a26c119&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4076&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=5&vx=5%3A-%3A-&pe=1%3A1688%3A2224%3A3641%3A1700&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&ez=1&pg=5&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=0&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=3&cd=0&ah=3&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5006753165%3A2994564374%3A6140096305%3A138409453221&bo=22316126855&bp=22339890152&bd=300_1v_article&zMoatPS=300_1v_article&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=300x250&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&zMoatDev=Desktop&zMoatDfpSlotId=9_cqcgglgtd4q00000cqcgglgtd4q00000cqc&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=204627&na=462856551&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 02:10:06 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 20 Jul 2023 02:10:06 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame BA46 0
10 B 50ms
49ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?WH4O7Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:06 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 51ms
51ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=INFORMA_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1689819005750&de=373080562936&m=0&ar=c013c52fed3-clean&iw=a26c119&q=23&cb=0&ym=0&cu=1689819005750&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5134346611%3A3197325587%3A6292938605%3A138408218300&zMoatPS=300_1v&zMoatSZ=5x5&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&id=1&ii=4&bo=22316126855&bp=22339890152&bd=300_1v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&gw=informagamdisplay218733383007&fd=1&it=500&ti=0&ih=2&pe=1%3A1688%3A2224%3A3641%3A1700&fs=204627&na=1872126514&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 02:10:06 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 20 Jul 2023 02:10:06 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 43ms
42ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Feu-images.contentstack.com%2Fv3%2Fassets%2Fblt66983808af36a8ef%2Fblt4ff4a7f9bc8e31f7%2F619f4fb0a0cb8076d613e3ba%2FDark_Reading_Logo.svg%3Fquality%3D80%26format%3Djpg%26width%3D222&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BA%24%3D!!tex8jKjLgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-tGQyp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-kBhMBihjE1CFgA%3D%3D&sc=1&os=1-pQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=62&w=248&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&id=1&ii=4&f=0&j=&t=1689819005676&de=116086465019&cu=1689819005676&m=510&ar=c013c52fed3-clean&iw=a26c119&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4076&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1688%3A2224%3A3641%3A1700&as=0&ag=46&an=0&gf=46&gg=0&ix=46&ic=46&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=46&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=92&cd=0&ah=92&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5161147644%3A3105833484%3A6148587061%3A138438523876&bo=22316126855&bp=22339890152&bd=welcome_v&zMoatPS=welcome_v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=1x1&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&zMoatDev=Desktop&zMoatDfpSlotId=div-gpt-ad-welcome&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=204627&na=154690271&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 02:10:06 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 20 Jul 2023 02:10:06 GMT

GET
H/1.1 200
OK eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjg5ODE5MDA1eGU3N2I5ODczMTYzOGMzeDc3MjgwNTA3IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyMTI0ODg2NjgzODE1ODk4NiIsImluZGV4I...
track.celtra.com/json/ 35 B
242 B 504ms
118ms Image
image/gif 52.202.6.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjg5ODE5MDA1eGU3N2I5ODczMTYzOGMzeDc3MjgwNTA3IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyMTI0ODg2NjgzODE1ODk4NiIsImluZGV4IjowLCJjbGllbnRUaW1lc3RhbXAiOjE2ODk4MTkwMDYuMzI1LCJuYW1lIjoiY29udGFpbmVyQmVjYW1lVmlld2FibGUifSx7InNlc3Npb25JZCI6InMxNjg5ODE5MDA1eGU3N2I5ODczMTYzOGMzeDc3MjgwNTA3IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyMTI0ODg2NjgzODE1ODk4NiIsImluZGV4IjoxLCJjbGllbnRUaW1lc3RhbXAiOjE2ODk4MTkwMDYuMzMsInNjb3BlIjoiZ2xvYmFsIiwidXNlckFnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExNS4wLjU3OTAuOTggU2FmYXJpLzUzNy4zNiIsIm9yaWVudGF0aW9uIjowLCJ0b3Btb3N0UmVhY2hhYmxlV2luZG93Ijp7IndpZHRoIjoxNjAwLCJoZWlnaHQiOjEyMDB9LCJob3N0V2luZG93Ijp7IndpZHRoIjo1LCJoZWlnaHQiOjV9LCJuZXN0aW5nIjp7ImlmcmFtZSI6dHJ1ZSwiZnJpZW5kbHlJZnJhbWUiOnRydWUsImlhYkZyaWVuZGx5SWZyYW1lIjp0cnVlLCJob3N0aWxlSWZyYW1lIjpmYWxzZSwiaWZyYW1lRGVwdGgiOjF9LCJwYWdlVmlzaWJpbGl0eUFwaSI6dHJ1ZSwicmVxdWVzdEFuaW1hdGlvbkZyYW1lIjp0cnVlLCJ0b3BXaW5kb3dOYXRpdmVSQUZTdXBwb3J0ZWQiOmZhbHNlLCJhbGxvd05vbk5hdGl2ZVJBRkZvclZpZXdhYmxlVGltZVVzZWQiOmZhbHNlLCJjbGllbnRUaW1lWm9uZU9mZnNldEluTWludXRlcyI6MCwic3VwcG9ydHNDb250YWluZXJWaWV3YWJpbGl0eSI6dHJ1ZSwic3VwcG9ydHNDb250YWluZXJJbml0aWFsVmlld2FiaWxpdHkiOnRydWUsInRhZ1BhcmVudFdpZHRoIjowLCJ0YWdQYXJlbnRIZWlnaHQiOjAsImFtcERldGVjdGVkIjpmYWxzZSwiYW1wTmVzdGluZ0xldmVsIjoiIiwic2FmZUZyYW1lRGV0ZWN0ZWQiOmZhbHNlLCJmZXRjaFN1cHBvcnRlZCI6dHJ1ZSwiYXNhcEVuYWJsZWQiOnRydWUsIm5hdGl2ZVByb21pc2VzU3VwcG9ydGVkIjp0cnVlLCJiZWFjb25TdXBwb3J0ZWQiOnRydWUsIkludGVyc2VjdGlvbk9ic2VydmVyU3VwcG9ydGVkIjp0cnVlLCJpc011dGF0aW9uT2JzZXJ2ZXJTdXBwb3J0ZWQiOnRydWUsIndlYlZpZXciOm51bGwsImlzV2luZG93T3Blbk5hdGl2ZSI6dHJ1ZSwicHJvdG9Mb2FkaW5nIjp7ImRhdGFMb2FkU3RhdHVzIjoic3VwcG9ydGVkIiwiYmxvYkxvYWRTdGF0dXMiOiJzdXBwb3J0ZWQifSwidG9wV2luZG93TG9jYXRpb24iOiJodHRwczovL3d3dy5kYXJrcmVhZGluZy5jb20iLCJ0b3BXaW5kb3dMb2NhdGlvbkxlbmd0aCI6MjcsIm5hbWUiOiJlbnZpcm9ubWVudEluZm8ifV19?crc32c=2596854652
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.202.6.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-6-212.compute-1.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Thu, 20 Jul 2023 02:10:06 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 1454a71d-cdbb-429c-8092-122f4493e0c7.woff
cache-ssl.celtra.com/api/fonts/monotype_tradegothic800n/3_a21706b45861b8577718feb7af969a082ae4576a33ea62b203d77b518b45935a/ Frame F77E 15 KB
15 KB 126ms
45ms Font
application/font-woff 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache-ssl.celtra.com/api/fonts/monotype_tradegothic800n/3_a21706b45861b8577718feb7af969a082ae4576a33ea62b203d77b518b45935a/1454a71d-cdbb-429c-8092-122f4493e0c7.woff?subset=%20!()%2C13469%3A%3BABCDEFGHIKLMNOPRSTUVWXabcdefghiklmnoprstuvwyz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: c6aba51a88d889027cb0aa2ac31fefee6249e32833e8c31071397e080dcbba98

Request headers

Referer: https://www.darkreading.com/
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 24 May 2023 13:30:27 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4883979
x-cache: Hit from cloudfront
content-length: 15184
server: Apache
etag: "c6aba51a88d889027cb0aa2ac31fefee6249e32833e8c31071397e080dcbba98"
content-type: application/font-woff
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 9584641
accept-ranges: bytes
x-amz-cf-id: Iqj_Edpb9PzabG-GhfdMcQj3xDeiMnKWP6ofOrWzkUE9yFY0dh3MfQ==

GET
H2 200 57625f96-ca80-4602-9644-ec1803cb3ba3.woff
cache-ssl.celtra.com/api/fonts/monotype_tradegothicnext400n/3_78b829381fc6cb8a15b0da13bda2ee2fe6786c2b2c1c7b121149bf4daf6870f6/ Frame F77E 9 KB
10 KB 123ms
51ms Font
application/font-woff 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache-ssl.celtra.com/api/fonts/monotype_tradegothicnext400n/3_78b829381fc6cb8a15b0da13bda2ee2fe6786c2b2c1c7b121149bf4daf6870f6/57625f96-ca80-4602-9644-ec1803cb3ba3.woff?subset=%20%2C-.01345AHIKLMNPSTUabcdefghiklmnoprstuvwxyz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 50973e00ee7e093e77f2127562eaf1351206f5801a891faaa0a70514f3d6196b

Request headers

Referer: https://www.darkreading.com/
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 24 May 2023 13:30:27 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4883979
x-cache: Hit from cloudfront
content-length: 9432
server: Apache
etag: "50973e00ee7e093e77f2127562eaf1351206f5801a891faaa0a70514f3d6196b"
content-type: application/font-woff
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 2329853
accept-ranges: bytes
x-amz-cf-id: myR82TofGKVfDAoc5_lKSIwRubrmVJYQbWiajJY2L_XdzRD1ZsmqJQ==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6761 0
0 78ms
78ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuxclq3Bw0pBw_r_y94ZgDNMbCu1-bn898rQy16WvsRFeNwr7Z9qE4JEw0AoK1PuyLtjk7lJScZ4lkhomrax64a41OlFn5kxoNPReo1rBzehV6fmrNBuoHs9ZH16KvYrxhXULXWv8BwdIxKDEhFE2Itt0Vc3mXngkZtcKZqKTe3b8YTuFxp3N18DWxVoeUT7HdB62vF7jr-FknIntYoyQHdQxi7v4PGLwgpSSKYk7leyYZXkvTAbxI1OPowtIIyqF_N8PjuudN8A-WWvDhGx-uzX16Xg3304AcK-o69nsqsqdm5TwO0iokpKenKbc70nm2FmliSn85OmhXy-yo23Ax8G6YU0Lbi0rcLoLHkKS1UUtUQfOJMIxII6Hc&sai=AMfl-YTXiCnw2NOVVLpW8mv7bLWPRD5O1RKva9HLDMdwMkxrn1AkT1lXPurqd8o4ACfga5Q07x8qAsS3M6ujzfm3VrYeBEk6PV4f-RXrfmYIRaZfaYJU9VUyKz3ADrzbLzk&sig=Cg0ArKJSzBHhiAkSPLjOEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 20 Jul 2023 02:10:06 GMT

GET
H2 200 Resource%201.jpg
cache-ssl.celtra.com/api/blobs/161cd6f6ce0ff3719aa190df65e94618726785ea1ddbcbd115b57228f1c137b2/ Frame F77E 1 KB
2 KB 45ms
42ms Image
image/jpeg 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/161cd6f6ce0ff3719aa190df65e94618726785ea1ddbcbd115b57228f1c137b2/Resource%201.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 32ea9278a43d9dd2fb9b95d32b1af2b007b0e43632dd62ad58397022f2319795

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 24 May 2023 13:55:05 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4882500
x-cache: Hit from cloudfront
content-length: 1090
server: Apache
etag: "32ea9278a43d9dd2fb9b95d32b1af2b007b0e43632dd62ad58397022f2319795"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 2197021
accept-ranges: bytes
x-amz-cf-id: NKrMxcg2op3kxUQlGrz5lrCPFI3GS4ecHuQ1nJBu4yxUfK_UQ3NTog==

GET
H2 200 Resource%202.jpg
cache-ssl.celtra.com/api/blobs/15ffb3faee77c5c4cd5e0abec2ae87c3f7299d1710b3dde0d1e7318c78cc8a41/ Frame F77E 2 KB
3 KB 44ms
41ms Image
image/jpeg 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/15ffb3faee77c5c4cd5e0abec2ae87c3f7299d1710b3dde0d1e7318c78cc8a41/Resource%202.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 0cb1f38d61653157e68473122673d1341e3fa8be59749683fb5b19f97d7b658c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 24 May 2023 13:55:05 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4882500
x-cache: Hit from cloudfront
content-length: 2417
server: Apache
etag: "0cb1f38d61653157e68473122673d1341e3fa8be59749683fb5b19f97d7b658c"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 8597773
accept-ranges: bytes
x-amz-cf-id: qkkYEQx_TuRuSPUyBQ7n90tEZylP0uFv56mOkPpsI5DJ5Xlg9khgJg==

GET
H2 200 Resource%203.jpg
cache-ssl.celtra.com/api/blobs/cd659c86ae3bfd854e962a603c26c4c6bf04cb06a9e99b7e4b879a638982e6cb/ Frame F77E 1016 B
1 KB 45ms
42ms Image
image/jpeg 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/cd659c86ae3bfd854e962a603c26c4c6bf04cb06a9e99b7e4b879a638982e6cb/Resource%203.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 33d4e261184b7d803ce2c30933d06f222eb1a1d9856ebc37a200fd746d2adcfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 24 May 2023 13:55:05 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4882500
x-cache: Hit from cloudfront
content-length: 1016
server: Apache
etag: "33d4e261184b7d803ce2c30933d06f222eb1a1d9856ebc37a200fd746d2adcfb"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 242724
accept-ranges: bytes
x-amz-cf-id: 9Rjw7XLpqRe_NQl6Cl6hz2fKlwFSEoIF7eziVLTl7Vp4kUlYlNXyMA==

GET
H2 200 Resource%204.jpg
cache-ssl.celtra.com/api/blobs/723775cbbff83de2689c45a84876f1a1523d34e8a443d6d40e94c5ea75528e70/ Frame F77E 1 KB
2 KB 46ms
41ms Image
image/jpeg 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/723775cbbff83de2689c45a84876f1a1523d34e8a443d6d40e94c5ea75528e70/Resource%204.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: ccc55d0a01b653671b6d8aca6abdaeba5202d849fe4eab33668b9dd2fd4cbc06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 24 May 2023 13:55:05 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4882500
x-cache: Hit from cloudfront
content-length: 1504
server: Apache
etag: "ccc55d0a01b653671b6d8aca6abdaeba5202d849fe4eab33668b9dd2fd4cbc06"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 3558714
accept-ranges: bytes
x-amz-cf-id: lGYZWuc2YsZlaeXbnI1m9jvNXmNjgXR3CxrVKss1RZ6YItMA2C8sow==

GET
H2 200 Resource%205.jpg
cache-ssl.celtra.com/api/blobs/c9bdafc2a01dc71f3a92126da67718f64a8e1e9c3d3e71f99c29f11feb75a4d0/ Frame F77E 830 B
1 KB 47ms
43ms Image
image/jpeg 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/c9bdafc2a01dc71f3a92126da67718f64a8e1e9c3d3e71f99c29f11feb75a4d0/Resource%205.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: d7ab1b38259b52fb84c04d55fc1125509cf0df05f897fc77fec4edf9db7a1595

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 24 May 2023 13:55:05 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4882500
x-cache: Hit from cloudfront
content-length: 830
server: Apache
etag: "d7ab1b38259b52fb84c04d55fc1125509cf0df05f897fc77fec4edf9db7a1595"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 1122792
accept-ranges: bytes
x-amz-cf-id: 8aoDpLoi068iCxCkhpoQX5gqfuVWTGhD-cCMUkakRWjgCyZQLKWKlQ==

GET
H2 200 celtra%20icons_link-wht.svg
cache-ssl.celtra.com/api/blobs/4b2b620e4f0eda2ce3be88133e7ceb2e8e15810df50ee7b078f472ecaedbd825/ Frame F77E 737 B
1 KB 45ms
41ms Image
image/svg+xml 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/4b2b620e4f0eda2ce3be88133e7ceb2e8e15810df50ee7b078f472ecaedbd825/celtra%20icons_link-wht.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 4b2b620e4f0eda2ce3be88133e7ceb2e8e15810df50ee7b078f472ecaedbd825

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 14:15:21 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 22852484
x-cache: Hit from cloudfront
content-length: 737
server: Apache
etag: "4b2b620e4f0eda2ce3be88133e7ceb2e8e15810df50ee7b078f472ecaedbd825"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 19038683 144506917
accept-ranges: bytes
x-amz-cf-id: 7PJty4L--ZaPGoEQ3yQKGZk5R_EulfMtGNSLfnHlivhiWRQ09A7cnw==

GET
H2 200 celtra%20icons_link-spn.svg
cache-ssl.celtra.com/api/blobs/64293aedb63beb6e7ad93891ac013b1902c21756b78115a82c6b0c3221277af1/ Frame F77E 740 B
1 KB 47ms
43ms Image
image/svg+xml 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/64293aedb63beb6e7ad93891ac013b1902c21756b78115a82c6b0c3221277af1/celtra%20icons_link-spn.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 64293aedb63beb6e7ad93891ac013b1902c21756b78115a82c6b0c3221277af1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Mon, 22 May 2023 05:08:57 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 5086868
x-cache: Hit from cloudfront
content-length: 740
server: Apache
etag: "64293aedb63beb6e7ad93891ac013b1902c21756b78115a82c6b0c3221277af1"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 2933215
accept-ranges: bytes
x-amz-cf-id: Dx0S5_1pyrMFNiT81IsOFdfW2YuI-iACu_7o3m9yH8Rg2sFNQITIjg==

GET
H2 200 celtra%20icons_twit-wht.svg
cache-ssl.celtra.com/api/blobs/06f2e7aff06ad791fabdd60dfcb3fdbe88c30c32ed55785ad9acc7ae7eb5172e/ Frame F77E 1 KB
2 KB 46ms
42ms Image
image/svg+xml 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/06f2e7aff06ad791fabdd60dfcb3fdbe88c30c32ed55785ad9acc7ae7eb5172e/celtra%20icons_twit-wht.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 06f2e7aff06ad791fabdd60dfcb3fdbe88c30c32ed55785ad9acc7ae7eb5172e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 14:16:38 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 22852408
x-cache: Hit from cloudfront
content-length: 1503
server: Apache
etag: "06f2e7aff06ad791fabdd60dfcb3fdbe88c30c32ed55785ad9acc7ae7eb5172e"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 55083622 1573006
accept-ranges: bytes
x-amz-cf-id: 9aA-oXUqjGkjVyXOrcjzkPafu80FY73zvJn8a7NsRwkYdfWvAXmkkg==

GET
H2 200 celtra%20icons_twit-spn.svg
cache-ssl.celtra.com/api/blobs/89fc0db5605db5f9cf18c99365688e9aab1e5ac27aa7d8c03428afcc3289f119/ Frame F77E 1 KB
2 KB 48ms
44ms Image
image/svg+xml 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/89fc0db5605db5f9cf18c99365688e9aab1e5ac27aa7d8c03428afcc3289f119/celtra%20icons_twit-spn.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 89fc0db5605db5f9cf18c99365688e9aab1e5ac27aa7d8c03428afcc3289f119

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Mon, 22 May 2023 05:08:57 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 5086868
x-cache: Hit from cloudfront
content-length: 1506
server: Apache
etag: "89fc0db5605db5f9cf18c99365688e9aab1e5ac27aa7d8c03428afcc3289f119"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 4144394
accept-ranges: bytes
x-amz-cf-id: DF6i5BcsJSEtRvzyKnOSm5nu3xfzFBRg3Jgqmb0YJJ9MHA9FDpC8Hg==

GET
H2 200 celtra%20icons_face-wht.svg
cache-ssl.celtra.com/api/blobs/1c772ec23181d233341c3fb4f2a3ea33c223bc4fb6ed1ddbc2510e3e39b0a13f/ Frame F77E 802 B
1 KB 48ms
43ms Image
image/svg+xml 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/1c772ec23181d233341c3fb4f2a3ea33c223bc4fb6ed1ddbc2510e3e39b0a13f/celtra%20icons_face-wht.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 1c772ec23181d233341c3fb4f2a3ea33c223bc4fb6ed1ddbc2510e3e39b0a13f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:58:41 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 14541085
x-cache: Hit from cloudfront
content-length: 802
server: Apache
etag: "1c772ec23181d233341c3fb4f2a3ea33c223bc4fb6ed1ddbc2510e3e39b0a13f"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 2037202
accept-ranges: bytes
x-amz-cf-id: uqq9yalm9eZa0JlWELdcFAbQ51sF4Zn8_ssyGCHMLrwxm3EVL4rH4g==

GET
H2 200 celtra%20icons_face-spn.svg
cache-ssl.celtra.com/api/blobs/de275322c95a52f479b9fb5af761dc7469890500e0bceb3606a5353f8251d183/ Frame F77E 805 B
1 KB 81ms
76ms Image
image/svg+xml 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/de275322c95a52f479b9fb5af761dc7469890500e0bceb3606a5353f8251d183/celtra%20icons_face-spn.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: de275322c95a52f479b9fb5af761dc7469890500e0bceb3606a5353f8251d183

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Mon, 22 May 2023 05:08:57 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 5086868
x-cache: Hit from cloudfront
content-length: 805
server: Apache
etag: "de275322c95a52f479b9fb5af761dc7469890500e0bceb3606a5353f8251d183"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 17727780
accept-ranges: bytes
x-amz-cf-id: Jloo0r1g4KjICbsgJKPlrfNAflV8Mo0tcs1f3dD8jude9kHWsKvfaw==

GET
H2 200 celtra%20icons_yout-wht.svg
cache-ssl.celtra.com/api/blobs/2c579beaf8fa0e83ecd2419b3a1fa4974feb39505971716ceeec557bf71fc286/ Frame F77E 1 KB
2 KB 81ms
77ms Image
image/svg+xml 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/2c579beaf8fa0e83ecd2419b3a1fa4974feb39505971716ceeec557bf71fc286/celtra%20icons_yout-wht.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 2c579beaf8fa0e83ecd2419b3a1fa4974feb39505971716ceeec557bf71fc286

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:42:43 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 5135242
x-cache: Hit from cloudfront
content-length: 1204
server: Apache
etag: "2c579beaf8fa0e83ecd2419b3a1fa4974feb39505971716ceeec557bf71fc286"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 16257361 4956830
accept-ranges: bytes
x-amz-cf-id: Y18cE4TKLHS09kUXvwjAdj9qIHOwFvM9HXMtEoDVXlh9wPLI6ua6YA==

GET
H2 200 celtra%20icons_yout-spn.svg
cache-ssl.celtra.com/api/blobs/41df76a81ca19135ecd7fafd8f6f41c0bc94c942e56dfa93dce34035f6096f2d/ Frame F77E 704 B
1 KB 81ms
77ms Image
image/svg+xml 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/41df76a81ca19135ecd7fafd8f6f41c0bc94c942e56dfa93dce34035f6096f2d/celtra%20icons_yout-spn.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 41df76a81ca19135ecd7fafd8f6f41c0bc94c942e56dfa93dce34035f6096f2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Mon, 22 May 2023 04:17:31 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 5089954
x-cache: Hit from cloudfront
content-length: 704
server: Apache
etag: "41df76a81ca19135ecd7fafd8f6f41c0bc94c942e56dfa93dce34035f6096f2d"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 17018948 1711355
accept-ranges: bytes
x-amz-cf-id: m-NKe8PRkFtoq85U2ggomlOgjNnI0wvMx79m20MHEuBCGX4dQ2LqzQ==

GET
H2 200 Mandiant-Google-Logo-Lock-up-and-Tagline_rgb_Full-Color-on-Light.png
cache-ssl.celtra.com/api/blobs/c452c4a5355218eab38b48a9bf66f985f39c4c685de33cf7da58efd4da74bb20/ Frame F77E 10 KB
10 KB 81ms
77ms Image
image/png 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/c452c4a5355218eab38b48a9bf66f985f39c4c685de33cf7da58efd4da74bb20/Mandiant-Google-Logo-Lock-up-and-Tagline_rgb_Full-Color-on-Light.png?transform=crush&quality=256
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 3ab7d7cd287b3914f7b8b89484e90bd53ee1d3d3f68be01f0e6a7406a4e82afa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 26 May 2023 10:34:15 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4721750
x-cache: Hit from cloudfront
content-length: 9750
server: Apache
etag: "3ab7d7cd287b3914f7b8b89484e90bd53ee1d3d3f68be01f0e6a7406a4e82afa"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 7604972 3475840
accept-ranges: bytes
x-amz-cf-id: Mw67ODxq0jNj-sGbbcVTORsjT-pJC4eIRVB_Yt70zo-dFwJw8JaOIg==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0A63 0
0 81ms
81ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvngGvCTrGTva2dKjPf1c9QHwSHbObryfet4nU-eofPYmnDUNxmVpqpIGybGakeHnl335Ime2Vf3HQTRy1yewkWjY2zbp78GBuEUgjAQj4rfMnXgzOQ92QhJKhv1D-oi8jo47pNRU4yV3HnUMQ73jGvVr_l39RluaESqZMBuvjPJLxdcJp-VAvl8RA32oCFSTYkhmQNwkPkY5_s2J9rUThAAeAkbtgIMAUYcdxjwMXRu-zeXMj33QRjeAqjNe6w6Y5ZJkWOgHP7bIeIU8gcEa5fHzxf_0BQ3UJG3EFdP64Mw76GdFU_DbYzY5cLLJvc39p3g1jnIbTzDLHwRH0lotAHcCMsaF8IttLkCWFFKAUKCvp_DiK-ng&sai=AMfl-YTjaLp_-yUCxHMNQyMFahXYIURxR4_9xX8YMzimq6t22BUEmAa1lj0PVmPr5tGHSzA8LohUUrzFaB-bbCEr0_cSVUwLN2FOn7bMR6smciQRZHs8aD-z3u_rKCFaGuQ&sig=Cg0ArKJSzF6gTkir-1r7EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:10:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 20 Jul 2023 02:10:06 GMT

GET
H/1.1 200
OK eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjg5ODE5MDA1eGU3N2I5ODczMTYzOGMzeDc3MjgwNTA3IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyMTI0ODg2NjgzODE1ODk4NiIsImluZGV4I...
track.celtra.com/json/ 35 B
242 B 468ms
116ms Image
image/gif 52.202.6.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjg5ODE5MDA1eGU3N2I5ODczMTYzOGMzeDc3MjgwNTA3IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyMTI0ODg2NjgzODE1ODk4NiIsImluZGV4IjoyLCJjbGllbnRUaW1lc3RhbXAiOjE2ODk4MTkwMDYuNTEzLCJuYW1lIjoiYWdncmVnYXRvciIsIm1ldHJpYyI6Im1vbm90eXBlVXNhZ2VSZXBvcnRlZCIsInZhbHVlIjoxLCJjdXN0b21EaW1lbnNpb25zIjp7Im1vbm90eXBlUHJvamVjdElkIjoiYzQ2ZWQwOTAtMzY3MS00MTYzLWE4NWItYjA2YjQwMzhhZTM4IiwiY3JlYXRpdmVJZCI6ImNmMTc1YmNkIn19XX0=?crc32c=2824535764
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.202.6.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-6-212.compute-1.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Thu, 20 Jul 2023 02:10:06 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 celtra%20icons_link-wht.svg
cache-ssl.celtra.com/api/blobs/4b2b620e4f0eda2ce3be88133e7ceb2e8e15810df50ee7b078f472ecaedbd825/ Frame F77E 737 B
1 KB 52ms
50ms Image
image/svg+xml 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/4b2b620e4f0eda2ce3be88133e7ceb2e8e15810df50ee7b078f472ecaedbd825/celtra%20icons_link-wht.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 4b2b620e4f0eda2ce3be88133e7ceb2e8e15810df50ee7b078f472ecaedbd825

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 01:14:12 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 15382554
x-cache: Hit from cloudfront
content-length: 737
server: Apache
etag: "4b2b620e4f0eda2ce3be88133e7ceb2e8e15810df50ee7b078f472ecaedbd825"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 3783264
accept-ranges: bytes
x-amz-cf-id: FQcZcBYtrftMemWWXCfvOHUppnWoJiSe_VeVcnYWkclHrC3CDLu9Ag==

GET
H2 200 celtra%20icons_link-spn.svg
cache-ssl.celtra.com/api/blobs/64293aedb63beb6e7ad93891ac013b1902c21756b78115a82c6b0c3221277af1/ Frame F77E 740 B
1 KB 52ms
49ms Image
image/svg+xml 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/64293aedb63beb6e7ad93891ac013b1902c21756b78115a82c6b0c3221277af1/celtra%20icons_link-spn.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 64293aedb63beb6e7ad93891ac013b1902c21756b78115a82c6b0c3221277af1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 22:44:00 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 530766
x-cache: Hit from cloudfront
content-length: 740
server: Apache
etag: "64293aedb63beb6e7ad93891ac013b1902c21756b78115a82c6b0c3221277af1"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 2692775
accept-ranges: bytes
x-amz-cf-id: U3nXI6hnNrGh0wE2yS_Yj4hdXMysSSfr7ZFXZWrqp1a9N0EFcrH6sw==

GET
H2 200 celtra%20icons_twit-wht.svg
cache-ssl.celtra.com/api/blobs/06f2e7aff06ad791fabdd60dfcb3fdbe88c30c32ed55785ad9acc7ae7eb5172e/ Frame F77E 1 KB
2 KB 53ms
50ms Image
image/svg+xml 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/06f2e7aff06ad791fabdd60dfcb3fdbe88c30c32ed55785ad9acc7ae7eb5172e/celtra%20icons_twit-wht.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 06f2e7aff06ad791fabdd60dfcb3fdbe88c30c32ed55785ad9acc7ae7eb5172e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:41:30 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 16921716
x-cache: Hit from cloudfront
content-length: 1503
server: Apache
etag: "06f2e7aff06ad791fabdd60dfcb3fdbe88c30c32ed55785ad9acc7ae7eb5172e"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 53017773
accept-ranges: bytes
x-amz-cf-id: 0zfT35ln5I72o7o4VtHzp7Zb74mMpAjaDBX3_lDyZpg2f57CqIUK6Q==

GET
H2 200 celtra%20icons_twit-spn.svg
cache-ssl.celtra.com/api/blobs/89fc0db5605db5f9cf18c99365688e9aab1e5ac27aa7d8c03428afcc3289f119/ Frame F77E 1 KB
2 KB 51ms
49ms Image
image/svg+xml 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/89fc0db5605db5f9cf18c99365688e9aab1e5ac27aa7d8c03428afcc3289f119/celtra%20icons_twit-spn.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 89fc0db5605db5f9cf18c99365688e9aab1e5ac27aa7d8c03428afcc3289f119

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 02:08:11 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3196915
x-cache: Hit from cloudfront
content-length: 1506
server: Apache
etag: "89fc0db5605db5f9cf18c99365688e9aab1e5ac27aa7d8c03428afcc3289f119"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 1222381
accept-ranges: bytes
x-amz-cf-id: AkzPGLbp0g8ZUZzFuWTKgPYd8KiHWB4iULdVl24qP-op3KeVnWdF2w==

GET
H2 200 celtra%20icons_face-wht.svg
cache-ssl.celtra.com/api/blobs/1c772ec23181d233341c3fb4f2a3ea33c223bc4fb6ed1ddbc2510e3e39b0a13f/ Frame F77E 802 B
1 KB 52ms
49ms Image
image/svg+xml 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/1c772ec23181d233341c3fb4f2a3ea33c223bc4fb6ed1ddbc2510e3e39b0a13f/celtra%20icons_face-wht.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 1c772ec23181d233341c3fb4f2a3ea33c223bc4fb6ed1ddbc2510e3e39b0a13f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 10:07:51 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 7056135
x-cache: Hit from cloudfront
content-length: 802
server: Apache
etag: "1c772ec23181d233341c3fb4f2a3ea33c223bc4fb6ed1ddbc2510e3e39b0a13f"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 958868
accept-ranges: bytes
x-amz-cf-id: f1EUxIOIkvadV0tU9ysG_A6xKc4qo_ptxxf-66FJt7LR69PY1sjWSw==

GET
H2 200 celtra%20icons_face-spn.svg
cache-ssl.celtra.com/api/blobs/de275322c95a52f479b9fb5af761dc7469890500e0bceb3606a5353f8251d183/ Frame F77E 805 B
1 KB 52ms
50ms Image
image/svg+xml 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/de275322c95a52f479b9fb5af761dc7469890500e0bceb3606a5353f8251d183/celtra%20icons_face-spn.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: de275322c95a52f479b9fb5af761dc7469890500e0bceb3606a5353f8251d183

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 05:56:54 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 159192
x-cache: Hit from cloudfront
content-length: 805
server: Apache
etag: "de275322c95a52f479b9fb5af761dc7469890500e0bceb3606a5353f8251d183"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 2304027
accept-ranges: bytes
x-amz-cf-id: HtW2X5gWl_aNKpv0_CtXCmJD0NKBbf_-wH8mOxeSiob8M-LQ4BuplQ==

GET
H2 200 celtra%20icons_yout-wht.svg
cache-ssl.celtra.com/api/blobs/2c579beaf8fa0e83ecd2419b3a1fa4974feb39505971716ceeec557bf71fc286/ Frame F77E 1 KB
2 KB 52ms
50ms Image
image/svg+xml 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/2c579beaf8fa0e83ecd2419b3a1fa4974feb39505971716ceeec557bf71fc286/celtra%20icons_yout-wht.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 2c579beaf8fa0e83ecd2419b3a1fa4974feb39505971716ceeec557bf71fc286

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 22:19:38 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 532227
x-cache: Hit from cloudfront
content-length: 1204
server: Apache
etag: "2c579beaf8fa0e83ecd2419b3a1fa4974feb39505971716ceeec557bf71fc286"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 596719 726459
accept-ranges: bytes
x-amz-cf-id: J_jx2lUQIf5DtaErjX6j5VzOxX_ifMxRUkFCI9p-fj0l_J2e78utaw==

GET
H2 200 celtra%20icons_yout-spn.svg
cache-ssl.celtra.com/api/blobs/41df76a81ca19135ecd7fafd8f6f41c0bc94c942e56dfa93dce34035f6096f2d/ Frame F77E 704 B
1 KB 52ms
51ms Image
image/svg+xml 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/41df76a81ca19135ecd7fafd8f6f41c0bc94c942e56dfa93dce34035f6096f2d/celtra%20icons_yout-spn.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 41df76a81ca19135ecd7fafd8f6f41c0bc94c942e56dfa93dce34035f6096f2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 22:44:00 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 530766
x-cache: Hit from cloudfront
content-length: 704
server: Apache
etag: "41df76a81ca19135ecd7fafd8f6f41c0bc94c942e56dfa93dce34035f6096f2d"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 174564
accept-ranges: bytes
x-amz-cf-id: WEBG4YbXwwIlH4ZG6LFZzzYAG9VsG7TtUyevC1cfH5zbZ-dSeVhwtw==

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/c452c4a5355218eab38b48a9bf66f985f39c4c685de33cf7da58efd4da74bb20/Mandiant-Google-Logo-Lock-up-and-Tagline_rgb_Full-Color-on-Light.png?transform=crush&quality=256
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 3ab7d7cd287b3914f7b8b89484e90bd53ee1d3d3f68be01f0e6a7406a4e82afa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 26 May 2023 10:34:15 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4721750
x-cache: Hit from cloudfront
content-length: 9750
server: Apache
etag: "3ab7d7cd287b3914f7b8b89484e90bd53ee1d3d3f68be01f0e6a7406a4e82afa"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 7604972 3475840
accept-ranges: bytes
x-amz-cf-id: -uc-Q-Z7VspBzXsen1_zN8s2cl3BvYySo1C7Dq6KxBWH5Us_kouadA==

GET
H2 200 Resource%201.jpg
cache-ssl.celtra.com/api/blobs/161cd6f6ce0ff3719aa190df65e94618726785ea1ddbcbd115b57228f1c137b2/ Frame F77E 1 KB
2 KB 53ms
51ms Image
image/jpeg 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/161cd6f6ce0ff3719aa190df65e94618726785ea1ddbcbd115b57228f1c137b2/Resource%201.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 32ea9278a43d9dd2fb9b95d32b1af2b007b0e43632dd62ad58397022f2319795

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 06:31:37 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 848309
x-cache: Hit from cloudfront
content-length: 1090
server: Apache
etag: "32ea9278a43d9dd2fb9b95d32b1af2b007b0e43632dd62ad58397022f2319795"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 818019
accept-ranges: bytes
x-amz-cf-id: T_D8qE7cr_a0MIkXraKKnMDqMNLk-xfaMhoW1Ts5qAIVUWDAqzCo5g==

GET
H2 200 Resource%202.jpg
cache-ssl.celtra.com/api/blobs/15ffb3faee77c5c4cd5e0abec2ae87c3f7299d1710b3dde0d1e7318c78cc8a41/ Frame F77E 2 KB
3 KB 54ms
53ms Image
image/jpeg 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/15ffb3faee77c5c4cd5e0abec2ae87c3f7299d1710b3dde0d1e7318c78cc8a41/Resource%202.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 0cb1f38d61653157e68473122673d1341e3fa8be59749683fb5b19f97d7b658c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 12:41:02 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1776544
x-cache: Hit from cloudfront
content-length: 2417
server: Apache
etag: "0cb1f38d61653157e68473122673d1341e3fa8be59749683fb5b19f97d7b658c"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 34841
accept-ranges: bytes
x-amz-cf-id: aLYFSOG4EG09AD7fG0pvWewzswQrOOUftDZbUZ-UlVget31N_fL60g==

GET
H2 200 Resource%203.jpg
cache-ssl.celtra.com/api/blobs/cd659c86ae3bfd854e962a603c26c4c6bf04cb06a9e99b7e4b879a638982e6cb/ Frame F77E 1016 B
1 KB 54ms
53ms Image
image/jpeg 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/cd659c86ae3bfd854e962a603c26c4c6bf04cb06a9e99b7e4b879a638982e6cb/Resource%203.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 33d4e261184b7d803ce2c30933d06f222eb1a1d9856ebc37a200fd746d2adcfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 22:44:00 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 530766
x-cache: Hit from cloudfront
content-length: 1016
server: Apache
etag: "33d4e261184b7d803ce2c30933d06f222eb1a1d9856ebc37a200fd746d2adcfb"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 239362
accept-ranges: bytes
x-amz-cf-id: VIgfmMUBnfGj6duE2-1sscr8X7gBx9HvzeXNm5Gq4clwjAmN18Mw1Q==

GET
H2 200 Resource%204.jpg
cache-ssl.celtra.com/api/blobs/723775cbbff83de2689c45a84876f1a1523d34e8a443d6d40e94c5ea75528e70/ Frame F77E 1 KB
2 KB 54ms
53ms Image
image/jpeg 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/723775cbbff83de2689c45a84876f1a1523d34e8a443d6d40e94c5ea75528e70/Resource%204.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: ccc55d0a01b653671b6d8aca6abdaeba5202d849fe4eab33668b9dd2fd4cbc06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 20:04:10 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2354756
x-cache: Hit from cloudfront
content-length: 1504
server: Apache
etag: "ccc55d0a01b653671b6d8aca6abdaeba5202d849fe4eab33668b9dd2fd4cbc06"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 1381295
accept-ranges: bytes
x-amz-cf-id: RVHdRgkGsq_jSYXTb1HRO-VaWVDnn0weVDA_xehNG2DBonVgtCxjVw==

GET
H2 200 Resource%205.jpg
cache-ssl.celtra.com/api/blobs/c9bdafc2a01dc71f3a92126da67718f64a8e1e9c3d3e71f99c29f11feb75a4d0/ Frame F77E 830 B
1 KB 55ms
54ms Image
image/jpeg 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/c9bdafc2a01dc71f3a92126da67718f64a8e1e9c3d3e71f99c29f11feb75a4d0/Resource%205.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: d7ab1b38259b52fb84c04d55fc1125509cf0df05f897fc77fec4edf9db7a1595

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 02:11:02 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 86344
x-cache: Hit from cloudfront
content-length: 830
server: Apache
etag: "d7ab1b38259b52fb84c04d55fc1125509cf0df05f897fc77fec4edf9db7a1595"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 893844
accept-ranges: bytes
x-amz-cf-id: BO37P_fcIIa7zQ5pWFNpc6Jd4kdOQdQsAj-iM5AfzFop1TMginiYWA==

GET
H/1.1 200
OK eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjg5ODE5MDA1eGU3N2I5ODczMTYzOGMzeDc3MjgwNTA3IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyMTI0ODg2NjgzODE1ODk4NiIsImluZGV4I...
track.celtra.com/json/ 35 B
242 B 431ms
118ms Image
image/gif 52.202.6.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjg5ODE5MDA1eGU3N2I5ODczMTYzOGMzeDc3MjgwNTA3IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyMTI0ODg2NjgzODE1ODk4NiIsImluZGV4IjozLCJjbGllbnRUaW1lc3RhbXAiOjE2ODk4MTkwMDYuNTM0LCJuYW1lIjoiY3JlYXRpdmVMb2FkZWQiLCJ2aWV3YWJpbGl0eTAwTWVhc3VyYWJsZSI6dHJ1ZSwidmlld2FiaWxpdHk1MDFNZWFzdXJhYmxlIjp0cnVlLCJ2aWV3YWJsZVRpbWVNZWFzdXJhYmxlIjpmYWxzZSwiY2RuVmFyaWFudCI6Im5vbmUifSx7InNlc3Npb25JZCI6InMxNjg5ODE5MDA1eGU3N2I5ODczMTYzOGMzeDc3MjgwNTA3IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyMTI0ODg2NjgzODE1ODk4NiIsImluZGV4Ijo0LCJjbGllbnRUaW1lc3RhbXAiOjE2ODk4MTkwMDYuNTUyLCJuYW1lIjoidmlld3BvcnRQbGFjZW1lbnRHZW9tZXRyeSIsInBhZ2VEaW1lbnNpb25zIjp7ImhlaWdodCI6NDA3Niwid2lkdGgiOjE2MDB9LCJ2aWV3cG9ydFBvc2l0aW9uUmVjdCI6eyJ3aWR0aCI6MTYwMCwiaGVpZ2h0IjoxMjAwLCJsZWZ0IjowLCJ0b3AiOjB9LCJmaXJzdFBsYWNlbWVudFBvc2l0aW9uUmVjdCI6eyJsZWZ0Ijo5ODgsInRvcCI6Mjk2LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjc2NX19LHsic2Vzc2lvbklkIjoiczE2ODk4MTkwMDV4ZTc3Yjk4NzMxNjM4YzN4NzcyODA1MDciLCJhY2NvdW50SWQiOiI0NGI3NGIzNSIsInN0cmVhbSI6ImFkRXZlbnRzIiwiaW5zdGFudGlhdGlvbiI6IjIxMjQ4ODY2ODM4MTU4OTg2IiwiaW5kZXgiOjUsImNsaWVudFRpbWVzdGFtcCI6MTY4OTgxOTAwNi41NjMsIm5hbWUiOiJ2aWV3YWJsZTAwIiwiY3JpdGVyaW9uIjp7Im5hbWUiOiJDb3JlIiwicmF0aW8iOjAsInRpbWUiOjB9fSx7InNlc3Npb25JZCI6InMxNjg5ODE5MDA1eGU3N2I5ODczMTYzOGMzeDc3MjgwNTA3IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyMTI0ODg2NjgzODE1ODk4NiIsImluZGV4Ijo2LCJjbGllbnRUaW1lc3RhbXAiOjE2ODk4MTkwMDYuNTY1LCJ1bml0TmFtZSI6ImJhbm5lciIsInVuaXRWYXJpYW50TG9jYWxJZCI6bnVsbCwic2NyZWVuTG9jYWxJZCI6MzgwNDUsInNjcmVlblRpdGxlIjoiUmVzb3VyY2VzIiwic2NyZWVuSXNNYXN0ZXIiOmZhbHNlLCJvYmplY3RMb2NhbElkIjpudWxsLCJvYmplY3ROYW1lIjpudWxsLCJvYmplY3RDbGF6eiI6bnVsbCwiaW5pdGlhdGlvblRpbWVzdGFtcCI6MTY4OTgxOTAwNi41NjQsIm5hbWUiOiJzY3JlZW5TaG93biJ9LHsic2Vzc2lvbklkIjoiczE2ODk4MTkwMDV4ZTc3Yjk4NzMxNjM4YzN4NzcyODA1MDciLCJhY2NvdW50SWQiOiI0NGI3NGIzNSIsInN0cmVhbSI6ImFkRXZlbnRzIiwiaW5zdGFudGlhdGlvbiI6IjIxMjQ4ODY2ODM4MTU4OTg2IiwiaW5kZXgiOjcsImNsaWVudFRpbWVzdGFtcCI6MTY4OTgxOTAwNi41NjUsIm5hbWUiOiJjcmVhdGl2ZVJlbmRlcmVkIn1dfQ==?crc32c=1704807725
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.202.6.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-6-212.compute-1.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Thu, 20 Jul 2023 02:10:06 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 iMac.png
cache-ssl.celtra.com/api/blobs/12ce17071c09b7ca2c5f85386fc887c62a93acbe3992040fe445f7d520351a0b/ Frame F77E 277 KB
278 KB 51ms
42ms Image
image/png 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/12ce17071c09b7ca2c5f85386fc887c62a93acbe3992040fe445f7d520351a0b/iMac.png?transform=crush&quality=256
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 3d238f5d9ce7c53e06aa9d28b552db871fb0bb90a42a544a7ce2ed7c7ae2f07d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Mon, 22 May 2023 05:08:08 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 5086917
x-cache: Hit from cloudfront
content-length: 283662
server: Apache
etag: "3d238f5d9ce7c53e06aa9d28b552db871fb0bb90a42a544a7ce2ed7c7ae2f07d"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 6106506 19684984
accept-ranges: bytes
x-amz-cf-id: ZkPO7mFQ0iK_ZBMw67TshpNCXuXQlcjZkUz-DjzVk72m8Mn8DSa05Q==

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 41ms
41ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BA%24%3D!!tex8jKjLgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-tGQyp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-kBhMBihjE1CFgA%3D%3D&sc=1&os=1-pQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&id=1&ii=4&f=0&j=&t=1689819005643&de=846236746768&cu=1689819005643&m=1043&ar=c013c52fed3-clean&iw=a26c119&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4076&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1688%3A2224%3A3641%3A1700&as=1&ag=1037&an=2&gi=1&gf=1037&gg=2&ix=1037&ic=1037&ez=1&ck=1037&kw=838&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1037&bx=2&ci=1037&jz=838&dj=1&aa=0&ad=930&cn=0&gk=930&gl=0&ik=930&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=838&cd=4&ah=838&am=4&xd=00&rf=0&re=1&ft=930&fv=0&fw=930&wb=1&cl=0&at=0&d=5161147644%3A3207079677%3A6303472284%3A138437184061&bo=22316126855&bp=22339890152&bd=728_1v&zMoatPS=728_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&zMoatDev=Desktop&zMoatDfpSlotId=7_8yf0uxow0im000008yf0uxow0im000008yf&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=204627&na=867910640&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 02:10:06 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 20 Jul 2023 02:10:06 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 77ms
76ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307130101&jk=474561216631179&bg=!-vml-a3NAAa3SiIRl0o7ADkAdvg8Wgz9pKc6_PuSEN2w1kwNttYAfv9_BCo6rjbM6AEbajxxZZmtmoi37nNqhh5O5E9XIXAEKBsCAAAAnlIAAAAKaAEHmQKjPsFiiTeMzxq4j-JZb0ITkyfxqujsQF9s7hOAUVrucFgk6mAWsv6ByvCdAaodPhatmfYF6yab-PFou7nHcvdxwiF4zH1XIBC_yM7pq9qSq5psYaE1u0_fsLB6T1WQ2ZLcmoHdmTsfW4f9OeZeFwRKyO8fZio9juoO1Mpaw0zGLzQpYIhgChE2Ak-etAwX1SDgtUadllsvGM6Y3DmtK990ycdDxcWGokvqV0HIvVWBlFt2sXh5rR4t2GrdebvX2NRfKi1emd_PsJr-pkVJwKzFtwtN02wHjs697MV83SYByrWMXjCN0F9H3hBFwXb1T9KQ1f-fvJl0p6jphDaYvLmPOMEJvyBogixlOVi28e6XbXO4Xv-Q_RpnNl7iR9UQvMmthKKI8cYbvO6d_7Wssd_CSHplCUUR7DvcrX2kM1aLicwSF3pdx5hFjkIfhbcQDumhQS9NqefwqSXxaxIZsoUVFkc_b3QNZREHLhmfF47hTDUONozzNPLUgC3WbN3IHtsUgfbOpRAFuGh-H2NOQHl0uHbBlKNNsTVhUKhRzEhHDhGKce1CrXUzwd4pLuMW8iQVsvs1ofoGZokBRNEHIYtAkt6P7fLg2qf-Kul8dW7OThZSjuMHT-F-QbokaNKU7bicI5fWxDa6bwfhqlr8RkqKjup3g1zVGxUae_OIiPq1y9Wl3jRPlqTC5-us04xOfkseLND0IM5A4zmhHYO2n_ywMGLT2YjSQQgMcmaX_dsLw_U8UNCpwdEx4lmSaefqp6eNGIBXcAOy3J4ZQhgZzWmsIgRrVcxiLd1UIlTUxKBEJMp_e6tmCOckS1QI90mzBt7icpuca4TXdwk62f872JIQDe9NO-MglKzwrWddTyHJc36uDidV-ctLYnPJX-ANemMdOgBy
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 427D 42 B
108 B 77ms
75ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvJe0-iaRa3DVHgkjPlDQSgnHW_pmkNzOwW1231-FXrzJCferai9UNqXns-OY6wX7aB4apSKhBfPkKbRB6wgGU3L575ayojdWh9NZUOQer1wPsrrpC2&sig=Cg0ArKJSzNCp99ZyuhgSEAE&id=lidar2&mcvt=1001&p=0,0,1200,1600&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230717&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2734278250&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689819005105&rpt=564&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 02:10:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2B7B 42 B
174 B 76ms
75ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssxvBayYAFqfuZknSsLBpz1yHpdPnAxeQd0XOMjU8DuH1d4rQj-oTh5Gtxah5huIrqXb2HsDx9p8IBCGzlrZIGFmEN8OXS7qH8keyI8XNYHnhEQh1XG&sig=Cg0ArKJSzGlrepIxe2oLEAE&id=lidar2&mcvt=1004&p=126,436,216,1164&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20230717&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3212010195&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689819005176&rpt=463&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 02:10:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 41ms
40ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BA%24%3D!!tex8jKjLgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-tGQyp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-kBhMBihjE1CFgA%3D%3D&sc=1&os=1-pQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&id=1&ii=4&f=0&j=&t=1689819005643&de=846236746768&cu=1689819005643&m=1044&ar=c013c52fed3-clean&iw=a26c119&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4076&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1688%3A2224%3A3641%3A1700&as=1&ag=1037&an=1037&gi=1&gf=1037&gg=1037&ix=1037&ic=1037&ez=1&ck=1037&kw=838&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1037&bx=1037&ci=1037&jz=838&dj=1&aa=0&ad=930&cn=930&gk=930&gl=930&ik=930&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=838&cd=838&ah=838&am=838&xd=00&rf=0&re=1&ft=930&fv=930&fw=930&wb=1&cl=0&at=0&d=5161147644%3A3207079677%3A6303472284%3A138437184061&bo=22316126855&bp=22339890152&bd=728_1v&zMoatPS=728_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&zMoatDev=Desktop&zMoatDfpSlotId=7_8yf0uxow0im000008yf0uxow0im000008yf&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=204627&na=1273923758&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 02:10:06 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 20 Jul 2023 02:10:06 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 40ms
40ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BA%24%3D!!tex8jKjLgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-tGQyp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-kBhMBihjE1CFgA%3D%3D&sc=1&os=1-pQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&id=1&ii=4&f=0&j=&t=1689819005643&de=846236746768&cu=1689819005643&m=1045&ar=c013c52fed3-clean&iw=a26c119&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4076&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1688%3A2224%3A3641%3A1700&as=1&ag=1037&an=1037&gi=1&gf=1037&gg=1037&ix=1037&ic=1037&ez=1&ck=1037&kw=838&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1037&bx=1037&ci=1037&jz=838&dj=1&aa=0&ad=930&cn=930&gk=930&gl=930&ik=930&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=838&cd=838&ah=838&am=838&xd=00&rf=0&re=1&ft=930&fv=930&fw=930&wb=1&cl=0&at=0&d=5161147644%3A3207079677%3A6303472284%3A138437184061&bo=22316126855&bp=22339890152&bd=728_1v&zMoatPS=728_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&zMoatDev=Desktop&zMoatDfpSlotId=7_8yf0uxow0im000008yf0uxow0im000008yf&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=204627&na=1491927470&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 02:10:06 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 20 Jul 2023 02:10:06 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 41ms
40ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&lo=3&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fwww.darkreading.com%2F%2Fthreat-intelligence%2F-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BA%24%3D!!tex8jKjLgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-tGQyp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-kBhMBihjE1CFgA%3D%3D&sc=1&os=1-pQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=0&h=765&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&id=1&ii=4&f=0&j=&t=1689819005750&de=373080562936&cu=1689819005750&m=1010&ar=c013c52fed3-clean&iw=a26c119&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4076&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1688%3A2224%3A3641%3A1700&as=0&ag=55&an=0&gf=55&gg=0&ix=55&ic=55&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=55&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=0&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=110&cd=0&ah=110&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5134346611%3A3197325587%3A6292938605%3A138408218300&bo=22316126855&bp=22339890152&bd=300_1v&zMoatPS=300_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=5x5&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&zMoatDev=Desktop&zMoatDfpSlotId=13_o88kkx2562800000o88kkx2562800000o88&hv=Celtra%20API&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=204627&na=2127816074&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 02:10:06 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 20 Jul 2023 02:10:06 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 47ms
47ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BA%24%3D!!tex8jKjLgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-tGQyp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-kBhMBihjE1CFgA%3D%3D&sc=1&os=1-pQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&id=1&ii=4&f=0&j=&t=1689819005643&de=846236746768&cu=1689819005643&m=1249&ar=c013c52fed3-clean&iw=a26c119&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4076&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1688%3A2224%3A3641%3A1700&as=1&ag=1243&an=1037&gi=1&gf=1243&gg=1037&ix=1243&ic=1243&ez=1&ck=1037&kw=838&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1243&bx=1037&ci=1037&jz=838&dj=1&aa=1&ad=1136&cn=930&gn=1&gk=1136&gl=930&ik=1136&co=1136&cp=1039&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1039&cd=838&ah=1039&am=838&xd=00&rf=0&re=1&ft=1136&fv=930&fw=930&wb=1&cl=0&at=0&d=5161147644%3A3207079677%3A6303472284%3A138437184061&bo=22316126855&bp=22339890152&bd=728_1v&zMoatPS=728_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&zMoatDev=Desktop&zMoatDfpSlotId=7_8yf0uxow0im000008yf0uxow0im000008yf&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=204627&na=500314270&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 02:10:06 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 20 Jul 2023 02:10:06 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 40ms
40ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BA%24%3D!!tex8jKjLgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-tGQyp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-kBhMBihjE1CFgA%3D%3D&sc=1&os=1-pQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=62&w=248&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&id=1&ii=4&f=0&j=&t=1689819005676&de=116086465019&cu=1689819005676&m=1632&ar=c013c52fed3-clean&iw=a26c119&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4076&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1688%3A2224%3A3641%3A1700&as=1&ag=1169&an=46&gi=1&gf=1169&gg=46&ix=1169&ic=1169&ez=1&ck=1169&kw=1014&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1169&bx=46&ci=1169&jz=1014&dj=1&aa=1&ad=1069&cn=0&gn=1&gk=1069&gl=0&ik=1069&co=1069&cp=1014&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1014&cd=92&ah=1014&am=92&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5161147644%3A3105833484%3A6148587061%3A138438523876&bo=22316126855&bp=22339890152&bd=welcome_v&zMoatPS=welcome_v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=1x1&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&zMoatDev=Desktop&zMoatDfpSlotId=div-gpt-ad-welcome&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=204627&na=660612441&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 02:10:07 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 20 Jul 2023 02:10:07 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 40ms
40ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BA%24%3D!!tex8jKjLgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-tGQyp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-kBhMBihjE1CFgA%3D%3D&sc=1&os=1-pQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=62&w=248&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&id=1&ii=4&f=0&j=&t=1689819005676&de=116086465019&cu=1689819005676&m=1633&ar=c013c52fed3-clean&iw=a26c119&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4076&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1688%3A2224%3A3641%3A1700&as=1&ag=1169&an=1169&gi=1&gf=1169&gg=1169&ix=1169&ic=1169&ez=1&ck=1169&kw=1014&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1169&bx=1169&ci=1169&jz=1014&dj=1&aa=1&ad=1069&cn=1069&gn=1&gk=1069&gl=1069&ik=1069&co=1069&cp=1014&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1014&cd=1014&ah=1014&am=1014&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5161147644%3A3105833484%3A6148587061%3A138438523876&bo=22316126855&bp=22339890152&bd=welcome_v&zMoatPS=welcome_v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=1x1&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&zMoatDev=Desktop&zMoatDfpSlotId=div-gpt-ad-welcome&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=204627&na=1070254553&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 02:10:07 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 20 Jul 2023 02:10:07 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 40ms
40ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BA%24%3D!!tex8jKjLgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-tGQyp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-kBhMBihjE1CFgA%3D%3D&sc=1&os=1-pQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=62&w=248&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&id=1&ii=4&f=0&j=&t=1689819005676&de=116086465019&cu=1689819005676&m=1633&ar=c013c52fed3-clean&iw=a26c119&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4076&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1688%3A2224%3A3641%3A1700&as=1&ag=1169&an=1169&gi=1&gf=1169&gg=1169&ix=1169&ic=1169&ez=1&ck=1169&kw=1014&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1169&bx=1169&ci=1169&jz=1014&dj=1&aa=1&ad=1069&cn=1069&gn=1&gk=1069&gl=1069&ik=1069&co=1069&cp=1014&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1014&cd=1014&ah=1014&am=1014&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5161147644%3A3105833484%3A6148587061%3A138438523876&bo=22316126855&bp=22339890152&bd=welcome_v&zMoatPS=welcome_v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=1x1&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&zMoatDev=Desktop&zMoatDfpSlotId=div-gpt-ad-welcome&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=204627&na=825113272&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 02:10:07 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 20 Jul 2023 02:10:07 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0A63 42 B
64 B 75ms
75ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv8bVxATngUbhp-ZsTaxP9CPcVSA_X62-0wYpFT94ARzLWNWRQpJutcF3aTIFLuwV9d6o3Uo14zsAE39ho0I3S0F-nqdVHT5aJDXw5R7ewl-iFAT2XH&sig=Cg0ArKJSzGC7VDjIj7YFEAE&id=lidar2&mcvt=1002&p=1105,308,1106,309&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230717&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2160334793&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689819005048&rpt=1400&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 02:10:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjg5ODE5MDA1eGU3N2I5ODczMTYzOGMzeDc3MjgwNTA3IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyMTI0ODg2NjgzODE1ODk4NiIsImluZGV4I...
track.celtra.com/json/ 35 B
242 B 116ms
116ms Image
image/gif 52.202.6.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjg5ODE5MDA1eGU3N2I5ODczMTYzOGMzeDc3MjgwNTA3IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyMTI0ODg2NjgzODE1ODk4NiIsImluZGV4Ijo4LCJjbGllbnRUaW1lc3RhbXAiOjE2ODk4MTkwMDcuNTY2LCJuYW1lIjoidmlld2FibGU1MDEiLCJjcml0ZXJpb24iOnsibmFtZSI6IjUwLzEiLCJyYXRpbyI6MC41LCJ0aW1lIjoxMDAwfX1dfQ==?crc32c=2178419913
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.202.6.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-6-212.compute-1.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Thu, 20 Jul 2023 02:10:07 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 41ms
40ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&lo=3&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BA%24%3D!!tex8jKjLgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-tGQyp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-kBhMBihjE1CFgA%3D%3D&sc=1&os=1-pQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=765&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&id=1&ii=4&f=0&j=&t=1689819005750&de=373080562936&cu=1689819005750&m=2111&ar=c013c52fed3-clean&iw=a26c119&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4076&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1688%3A2224%3A3641%3A1700&as=1&ag=1157&an=55&gi=1&gf=1157&gg=55&ix=1157&ic=1157&ez=1&ck=1157&kw=1012&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1157&bx=55&ci=1157&jz=1012&dj=1&aa=1&ad=1053&cn=0&gn=1&gk=1053&gl=0&ik=1053&co=1053&cp=1012&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1012&cd=110&ah=1012&am=110&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5134346611%3A3197325587%3A6292938605%3A138408218300&bo=22316126855&bp=22339890152&bd=300_1v&zMoatPS=300_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=5x5&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&zMoatDev=Desktop&zMoatDfpSlotId=13_o88kkx2562800000o88kkx2562800000o88&hv=Exps%3A%20Celtra%20Banner%2FVideo%20%7C%20Celtra%20API&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=204627&na=1584359247&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 02:10:07 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 20 Jul 2023 02:10:07 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 40ms
40ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&lo=3&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BA%24%3D!!tex8jKjLgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-tGQyp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-kBhMBihjE1CFgA%3D%3D&sc=1&os=1-pQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=765&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&id=1&ii=4&f=0&j=&t=1689819005750&de=373080562936&cu=1689819005750&m=2112&ar=c013c52fed3-clean&iw=a26c119&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4076&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1688%3A2224%3A3641%3A1700&as=1&ag=1157&an=1157&gi=1&gf=1157&gg=1157&ix=1157&ic=1157&ez=1&ck=1157&kw=1012&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1157&bx=1157&ci=1157&jz=1012&dj=1&aa=1&ad=1053&cn=1053&gn=1&gk=1053&gl=1053&ik=1053&co=1053&cp=1012&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1012&cd=1012&ah=1012&am=1012&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5134346611%3A3197325587%3A6292938605%3A138408218300&bo=22316126855&bp=22339890152&bd=300_1v&zMoatPS=300_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=5x5&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&zMoatDev=Desktop&zMoatDfpSlotId=13_o88kkx2562800000o88kkx2562800000o88&hv=Exps%3A%20Celtra%20Banner%2FVideo%20%7C%20Celtra%20API&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=204627&na=1835475114&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 02:10:07 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 20 Jul 2023 02:10:07 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 40ms
40ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&lo=3&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BA%24%3D!!tex8jKjLgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-tGQyp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-kBhMBihjE1CFgA%3D%3D&sc=1&os=1-pQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=765&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&id=1&ii=4&f=0&j=&t=1689819005750&de=373080562936&cu=1689819005750&m=2113&ar=c013c52fed3-clean&iw=a26c119&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4076&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1688%3A2224%3A3641%3A1700&as=1&ag=1157&an=1157&gi=1&gf=1157&gg=1157&ix=1157&ic=1157&ez=1&ck=1157&kw=1012&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1157&bx=1157&ci=1157&jz=1012&dj=1&aa=1&ad=1053&cn=1053&gn=1&gk=1053&gl=1053&ik=1053&co=1053&cp=1012&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1012&cd=1012&ah=1012&am=1012&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5134346611%3A3197325587%3A6292938605%3A138408218300&bo=22316126855&bp=22339890152&bd=300_1v&zMoatPS=300_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=5x5&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&zMoatDev=Desktop&zMoatDfpSlotId=13_o88kkx2562800000o88kkx2562800000o88&hv=Exps%3A%20Celtra%20Banner%2FVideo%20%7C%20Celtra%20API&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=204627&na=500886008&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 02:10:07 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 20 Jul 2023 02:10:07 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 41ms
40ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BA%24%3D!!tex8jKjLgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-tGQyp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-kBhMBihjE1CFgA%3D%3D&sc=1&os=1-pQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&id=1&ii=4&f=0&j=&t=1689819005643&de=846236746768&cu=1689819005643&m=5153&ar=c013c52fed3-clean&iw=a26c119&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4076&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1688%3A2224%3A3641%3A1700&as=1&ag=5147&an=1243&gi=1&gf=5147&gg=1243&ix=5147&ic=5147&ez=1&ck=1037&kw=838&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5147&bx=1243&ci=1037&jz=838&dj=1&aa=1&ad=5040&cn=1136&gn=1&gk=5040&gl=1136&ik=5040&co=1136&cp=1039&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4933&cd=1039&ah=4933&am=1039&xd=00&rf=0&re=1&ft=4932&fv=1136&fw=930&wb=2&cl=0&at=0&d=5161147644%3A3207079677%3A6303472284%3A138437184061&bo=22316126855&bp=22339890152&bd=728_1v&zMoatPS=728_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&zMoatDev=Desktop&zMoatDfpSlotId=7_8yf0uxow0im000008yf0uxow0im000008yf&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=204627&na=91508633&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 02:10:10 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 20 Jul 2023 02:10:10 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 41ms
40ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BA%24%3D!!tex8jKjLgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-tGQyp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-kBhMBihjE1CFgA%3D%3D&sc=1&os=1-pQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=251&w=301&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&id=1&ii=4&f=0&j=&t=1689819005597&de=667058735367&cu=1689819005597&m=5399&ar=c013c52fed3-clean&iw=a26c119&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4076&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=47&vx=47%3A47%3A-&pe=1%3A1688%3A2224%3A3641%3A1700&as=0&ag=979&an=3&gf=979&gg=3&ix=979&ic=979&ez=1&aj=1&pg=100&pf=100&ib=0&cc=0&bw=979&bx=3&dj=1&aa=0&ad=854&cn=0&gk=854&gl=0&ik=854&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5193&cd=5&ah=5193&am=5&xd=00&rf=0&re=1&ft=854&fv=0&fw=854&wb=1&cl=0&at=0&d=5134346611%3A3197325587%3A6292938605%3A138424532569&bo=22316126855&bp=22339890152&bd=300_2v&zMoatPS=300_2v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=301x251&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&zMoatDev=Desktop&zMoatDfpSlotId=14_zb9neb554l000000zb9neb554l000000zb9&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=204627&na=219608484&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 02:10:11 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 20 Jul 2023 02:10:11 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 40ms
40ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BA%24%3D!!tex8jKjLgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-tGQyp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-kBhMBihjE1CFgA%3D%3D&sc=1&os=1-pQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&id=1&ii=4&f=0&j=&t=1689819005736&de=315795097447&cu=1689819005736&m=5341&ar=c013c52fed3-clean&iw=a26c119&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4076&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=5&vx=5%3A6%3A-&pe=1%3A1688%3A2224%3A3641%3A1700&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&ez=1&aj=0&pg=5&pf=5&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5136&cd=3&ah=5136&am=3&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=5006753165%3A2994564374%3A6140096305%3A138409453221&bo=22316126855&bp=22339890152&bd=300_1v_article&zMoatPS=300_1v_article&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=300x250&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&zMoatDev=Desktop&zMoatDfpSlotId=9_cqcgglgtd4q00000cqcgglgtd4q00000cqc&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=204627&na=1478937683&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 02:10:11 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 20 Jul 2023 02:10:11 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 41ms
40ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BA%24%3D!!tex8jKjLgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-tGQyp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-kBhMBihjE1CFgA%3D%3D&sc=1&os=1-pQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=62&w=248&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&id=1&ii=4&f=0&j=&t=1689819005676&de=116086465019&cu=1689819005676&m=5524&ar=c013c52fed3-clean&iw=a26c119&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4076&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1688%3A2224%3A3641%3A1700&as=1&ag=5062&an=1169&gi=1&gf=5062&gg=1169&ix=5062&ic=5062&ez=1&ck=1169&kw=1014&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5062&bx=1169&ci=1169&jz=1014&dj=1&aa=1&ad=4962&cn=1069&gn=1&gk=4962&gl=1069&ik=4962&co=1069&cp=1014&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4906&cd=1014&ah=4906&am=1014&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=5161147644%3A3105833484%3A6148587061%3A138438523876&bo=22316126855&bp=22339890152&bd=welcome_v&zMoatPS=welcome_v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=1x1&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&zMoatDev=Desktop&zMoatDfpSlotId=div-gpt-ad-welcome&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=204627&na=240724732&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 02:10:11 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 20 Jul 2023 02:10:11 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.darkreading.com
URL: https://www.darkreading.com/_next/image?url=https%3A%2F%2Fbeta.darkreading.com%2F_next%2Fstatic%2Fmedia%2Firibbon-logo.fed34d59.png&w=96&q=75

Verdicts & Comments Add Verdict or Comment

142 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.darkreading.com/	1970-01-20 15:33:15	Name: _gcl_au Value: 1.1.1500222737.1689819003
.darkreading.com/	1969-12-31 23:59:59	Name: __Secure-next-auth.callback-url Value: https%3A%2F%2Fwww.darkreading.com
.darkreading.com/	1970-01-20 17:42:51	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Thu+Jul+20+2023+02%3A10%3A03+GMT%2B0000+(GMT)&version=6.39.0&isIABGlobal=false&hosts=&consentId=a14115e3-3a76-4a3f-b1ba-475523d2483c&interactionCount=0&landingPath=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fchina-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
.darkreading.com/	1970-01-20 22:59:39	Name: _ga_1X1EHQ3PFR Value: GS1.1.1689819003.1.0.1689819003.60.0.0
.darkreading.com/	1970-01-20 13:23:40	Name: _sp_ses.94c4 Value: *
.darkreading.com/	1970-01-20 22:59:39	Name: _sp_id.94c4 Value: 19a139f6-bfd3-48fa-b311-a9e4ad79dd3f.1689819004.1.1689819004.1689819004.27747ca7-0984-40a0-a1eb-6b9f9799f183
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: RuH6CWEegR8
.youtube.com/	1970-01-20 17:42:51	Name: VISITOR_INFO1_LIVE Value: XanHBdKT7q4
.darkreading.com/	1970-01-20 22:52:27	Name: _cb Value: mAKdV819YNDPuuVR
.darkreading.com/	1970-01-20 22:52:27	Name: _chartbeat2 Value: .1689819003666.1689819003666.1.Dukv5m7W01x03XltDhdbhmdThR.1
.darkreading.com/	1970-01-20 13:23:40	Name: _cb_svref Value: null
.darkreading.com/	1970-01-20 22:59:39	Name: _ga Value: GA1.2.2125217975.1689819004
.darkreading.com/	1970-01-20 13:25:05	Name: _gid Value: GA1.2.1452756568.1689819004
.darkreading.com/	1970-01-20 13:23:39	Name: _gat_UA-135180592-2 Value: 1
www.darkreading.com/	1969-12-31 23:59:59	Name: dpm_url_count Value: 1
.darkreading.com/	1970-01-20 22:59:39	Name: __td_signed Value: true
.darkreading.com/	1970-01-20 22:59:39	Name: _td Value: 34dad6e8-8e2e-49d5-9c7c-df71b7bb3446
.js.ubembed.com/	1970-01-20 13:23:40	Name: __cf_bm Value: vyAFh0_xS2Y5Np04If_dZbC58LsFW2FU8RloVfpISCE-1689819003-0-AVy5+0xc0C3axHhJNeHdcPFeCWecp6GwoYdqhfBL33cTxe7xvEG+ytJX4+TxoeNsfjIWIyj2yxaqkQUY7W1wClI=
.darkreading.com/	1970-01-20 22:09:15	Name: _hjSessionUser_2610568 Value: eyJpZCI6IjRkMmFmNjNlLTMyM2UtNTQ3ZC05OGU4LWNiZWE4MWRmZTFlNSIsImNyZWF0ZWQiOjE2ODk4MTkwMDM4MjAsImV4aXN0aW5nIjpmYWxzZX0=
.darkreading.com/	1970-01-20 13:23:40	Name: _hjFirstSeen Value: 1
.darkreading.com/	1970-01-20 13:23:39	Name: _hjIncludedInSessionSample_2610568 Value: 0
.darkreading.com/	1970-01-20 13:23:40	Name: _hjSession_2610568 Value: eyJpZCI6IjRmOGFkMjVhLWFmNmEtNDc2OC05YzRhLWNjZmE4ZDA3ODAyZSIsImNyZWF0ZWQiOjE2ODk4MTkwMDM4MjcsImluU2FtcGxlIjpmYWxzZX0=
.darkreading.com/	1970-01-20 13:23:40	Name: _hjAbsoluteSessionInProgress Value: 1
.adnxs.com/	1970-01-20 15:33:15	Name: uuid2 Value: 5698610293901467396
www.darkreading.com/	1970-01-20 13:25:05	Name: _iris_cdl Value: Ki50cmFkZXB1Yi5jb20=
www.darkreading.com/	1969-12-31 23:59:59	Name: __Host-next-auth.csrf-token Value: aba24ea04d8077a38307991649a3339fec05e534f518096e657b0028d7685ea7%7Ce95d713948b1473c2e2e514e49a3f78c5074d7890368efeaf31ebc11f375c42d
.in.treasuredata.com/	1970-01-20 22:59:39	Name: _td_global Value: 5d06e58f-63c0-425a-ac55-943aab1284f6
.darkreading.com/	1970-01-20 22:09:15	Name: sp Value: 28561d96-f608-42f9-9302-7068f4d37cc1
.darkreading.com/	1969-12-31 23:59:59	Name: at_check Value: true
.dpmsrv.com/	1970-01-20 22:59:39	Name: dpm_pxl Value: 38268ac3be729bef3bbca2af2969d3986c6420a8
.dpmsrv.com/	1970-01-20 22:59:39	Name: dpm_pxl_aid Value: 5698610293901467396
www.darkreading.com/	1969-12-31 23:59:59	Name: hasLiveRampMatch Value: true
.darkreading.com/	1970-01-20 22:59:39	Name: mbox Value: session#804f72187acb45759b72da0d7443ea82#1689820865\|PC#804f72187acb45759b72da0d7443ea82.37_0#1753063805
.darkreading.com/	1970-01-20 13:23:40	Name: mboxEdgeCluster Value: 37
.doubleclick.net/	1970-01-20 22:45:15	Name: IDE Value: AHWqTUmhUeIUYjRtAZsj8r8Fl-PR0Ej1bbDWKKwhQXqZO_tqNGtScF7bi2ONPTwASf0
.darkreading.com/	1970-01-20 22:55:19	Name: ELOQUA Value: GUID=46A0A912B72544EA8877ED9432544EDB
.darkreading.com/	1970-01-20 22:45:15	Name: __gads Value: ID=ddc8521e54bf7c4f:T=1689819004:RT=1689819004:S=ALNI_MZzc2-lOIF0TcNt2XLyP-1r_5NQEA
.darkreading.com/	1970-01-20 22:45:15	Name: __gpi Value: UID=00000c4023c02e6d:T=1689819004:RT=1689819004:S=ALNI_Ma4jq32fygKtO_eSvo2S4h1qGutPg
www.darkreading.com/	1969-12-31 23:59:59	Name: dpm_time_site Value: 7.005

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/423396.gif?partner_uid=5698610293901467396 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://www.darkreading.com/404 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

35f84c9835cb2e3078c3c1b7bc7fe174.safeframe.googlesyndication.com
6600d6d98e534115970f9529a45f3195.js.ubembed.com
a.dpmsrv.com
a.teads.tv
ads.celtra.com
assets.ubembed.com
bam.eu01.nr-data.net
beta.darkreading.com
c.darkreading.com
cache-ssl.celtra.com
cdn.cookielaw.org
cdn.treasuredata.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.jquery.com
eu-images.contentstack.com
eu01.in.treasuredata.com
fonts.gstatic.com
geo.moatads.com
geolocation.onetrust.com
ib.adnxs.com
idsync.rlcdn.com
iirexhibitionslimite.tt.omtrdc.net
img.en25.com
in.ml314.com
js-agent.newrelic.com
ml314.com
pagead2.googlesyndication.com
ping.chartbeat.net
px.moatads.com
region1.analytics.google.com
s.dpmsrv.com
script.hotjar.com
securepubads.g.doubleclick.net
stackpath.bootstrapcdn.com
static.chartbeat.com
static.cloudflareinsights.com
static.hotjar.com
static.iris.informa.com
stats.g.doubleclick.net
t.teads.tv
tpc.googlesyndication.com
track.celtra.com
trk.darkreading.com
vc.hotjar.io
www.darkreading.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
www.youtube.com
z.moatads.com
www.darkreading.com
108.138.17.119
13.32.99.18
13.32.99.66
13.32.99.85
142.250.186.130
151.101.194.137
151.101.66.137
18.66.112.49
18.66.112.79
18.66.97.49
185.221.87.23
192.29.69.231
2.18.161.51
2001:4860:4802:32::36
2001:4de0:ac18::1:a:1b
23.201.242.231
23.32.185.123
2600:9000:2057:4600:18:1fcd:353:c61
2606:4700::6810:3865
2606:4700::6811:190e
2606:4700::6811:7563
2606:4700::6811:7963
2606:4700::6812:1c26
2606:4700::6812:aa72
2606:4700::6812:b96
2606:4700::6812:bcf
2a00:1450:4001:802::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:812::2003
2a00:1450:4001:813::200e
2a00:1450:4001:827::2002
2a00:1450:4001:828::2008
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::200e
2a00:1450:400c:c0a::9c
3.11.96.30
3.73.184.11
34.111.234.236
35.244.174.68
37.252.171.149
52.0.197.153
52.202.6.212
52.222.236.63
52.3.151.18
52.72.174.214
54.208.168.48
66.235.152.152
95.101.149.35
0024799439eb23b1b2336e7556d2d6961d34fddda504dc7603352aaa1b65392a
0090ad87f563541d825d7eb3365d802e0c94ff77c073c89ba4566d3a6de87d80
011c2e9cca2dd810784f85ccbee288959b13d10c6a1bd740f4486b75985187af
014a3d61d0c654f1c2f03e2b9fe22f951a945535e91b02e0fffec31da5ba6f3a
02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5
03b6f9934a86e8d5472f0b2449d99983b33aceba85871c5ac10ff79a70afab97
061873fb71d654fc87404592fbb9cd1665e8882c1ab3423f92ddc61f940be783
06f2e7aff06ad791fabdd60dfcb3fdbe88c30c32ed55785ad9acc7ae7eb5172e
0b09c565baa3b8d3de7ea5b132e22c0ed1bb8943ae83d1bff9421e62ae8d8800
0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339
0ca578004c17a038ab0b78306e6bf07a05fd2f4617cd4d2c9b774ef09b796a1e
0cb1f38d61653157e68473122673d1341e3fa8be59749683fb5b19f97d7b658c
0dc2079a2fae11bfda556ae3b1c399f197455b233384dedf0764dafa66da0daa
0e153b77b7b590360c91df38e894d46fd6061ce57cc0bbbc09f4c408a66bd0c7
0e198a2d521948c31a85eff04b881542d8b31d8b5824f900a950ea34bf5ef811
0ecf52614cfcf19d9e54f6315e8469693c03fc619115da7ce952bd4257b76f03
0f155ecc49cf3427c761b27ef11fcc6d210fb27a9355d70fd5a30e5f1893452a
11b4a5f186edf838f6e951559bef8aa85c686a83e0a226c5a82622da95e54307
11b9b58672d611b42a4cc959635a43101e17349ea7c4899cd1a807a4d5917f95
120be5c1f0c3158ea3f36d14321d28e8bad8f3c6fcf6eadd240020c1836eff98
127c7ead87e287db401c5a3173fd190cc2c7211711e97486294ca2086754f793
15589a33de91c47508179520409c0e4a555e628b9d439ea9def28ee308e5de6f
167c7894014a33b184a658a4883c24c20bbd158dc04b7fef709f80a4bca6a7d1
17a9795fd3a10aefb8fff238d8ffa084f55c3819c46166c21dad75ec5233f47f
1848ed0b2a54ed644ee182f2e2c012164080f1be7c475041f8d0a2ebe456c89f
1866a87b4c049fb761b0218db2aecbef33496d878706bc56f2701965efaf88a7
199e6bade2d27455dede208b7dd934cdfbb7bcce75f3cf784b1b448b93ca54b0
19d9249f42cf04420a372a728ac0f36a0696add22437edd2769b6a50ca22683e
1c772ec23181d233341c3fb4f2a3ea33c223bc4fb6ed1ddbc2510e3e39b0a13f
1cc56be71f6e9f4103ea28dbd4e3f435288c26bba0015c66ca49b117e46a35ad
1cd991878506f4e3e2bb0513ee3776edd953572149dfa3729c7d2e6cfa6110e7
21102c999da99aa5a6c8403c9e2367ca2e8d3e7fd2d6b5c1aef9e4fab888749c
23f95a90d6e6ba09a92bd4eae99823b0a6b0137a9abe10e3c050c062fb15efe4
262f87d47643975a4633b675fc224c7a178d99e579e5d767f4a43ca7cc0bb9de
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2ab5f65a6c2b556cbcb35ce48c3e8b9915a61346235aa8cf196917a4879018be
2adfabdca47e7ea3ca23597e24f6415dea9842d97159920b12d55796273b50f0
2c579beaf8fa0e83ecd2419b3a1fa4974feb39505971716ceeec557bf71fc286
2f5b3337e50c102f17c2f6534f24db91119b37f8dacc95e5776c852987bce6b4
2f8650c7f614694fbf353e3690b981a651ce8aa79ee32c82f21ef303eeeb5421
2fc9226c1dac21a7182d442ae225403735a06132fa0d3339f9b691161f226870
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32ea9278a43d9dd2fb9b95d32b1af2b007b0e43632dd62ad58397022f2319795
3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8
33d4e261184b7d803ce2c30933d06f222eb1a1d9856ebc37a200fd746d2adcfb
3505e5a091af5da295452e068df8eb096bcf6bcf525260d6dd6e086a4ad3805f
35396bc1fe0457ca063caaf18161f4d252b66dda7bdf4dc83bd7291c5a763b5a
36069dae705692548e4a2c2d3c504cea29cf7756771c054130f14e48f3492b58
36cb35f0d6985d7acea7e2e0bb45582010d94571e9f64bcd6ca7314844657695
38068c6216d8cd0ebd227e767dea7b85b17c68ee40a2b32c20cb879ea225d274
3910c9e81b36585872cb255c222691d571cf1cc4e1035d52690048d2c1c248ca
3aa7f2e293aa413d264dd55f51ec7be336f5342f420e6d759b6bb71403e2b98c
3ab7d7cd287b3914f7b8b89484e90bd53ee1d3d3f68be01f0e6a7406a4e82afa
3c41cfe67118e38535038172da72d67ca47637f22c0de05c3b69db3362898597
3cb76372da2a033f8786ce21aaaa6420bba343fea4f85f5f30ed7cee0223197f
3d238f5d9ce7c53e06aa9d28b552db871fb0bb90a42a544a7ce2ed7c7ae2f07d
3d847022b4855577f07071ade28e6ffba86c014283f02fbba7d326690b157ee9
3e89824dcd4a1d958c6972134bfc50e0c8e4a76d6b47569d14fd7cba455c1f7f
41df76a81ca19135ecd7fafd8f6f41c0bc94c942e56dfa93dce34035f6096f2d
429f7e0fe891676debcf572bce666bf67cabfd82e6774895d4800283a05df589
42a69348bb53b155c5d4fa084e826b2ca4f80cdcd131455fe33c8ab8b1f32ddc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4459170bb1d47a493f233d2b9b88a6654d5487b0fb54fc2b1458eaf8a2c0801c
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
49830df0e3f875d7115b5c0ed33f2263b2d8e5614bd00a98d31db9b73ca7d15f
4a4ceecc083a0922df3638361a0fc4ff1afe2a55e122a3ffe6453a6cd5ba7bef
4b2b620e4f0eda2ce3be88133e7ceb2e8e15810df50ee7b078f472ecaedbd825
4c662be26daa544e07f7170870e306427b9fcf0d9f30e6f602c7fb67005bfda3
4f381ccb6f965e2011700b253aa446e84060a338cc416055eabca3b62fa35435
50973e00ee7e093e77f2127562eaf1351206f5801a891faaa0a70514f3d6196b
51516a9196395982078e7459b5aa7a498e3d7fdd796b123983230d6a7f7e3c4c
5584db8771fd9d24aeb0c3887b9c6922a72c73e6af5382d594003e3cf1315bb4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56587cffbb30e338497c9114f74803a530a713ebe374b69fcfa8551ad8dad1e9
56a959481955c6b63d0f4fc3556c5f17f2bbf8bbc481f44e17af994c923a3466
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
61380ad89eed75f451f50e7cf1248acc2be73879dd82c1fa4943bef3e5d0a5c9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64293aedb63beb6e7ad93891ac013b1902c21756b78115a82c6b0c3221277af1
65958282b41dd7e8ad87884b0891b511be968f8beea9c18f95a68282db0f7e42
693dc3b5d1d9d1bb2ed119612fa9062f6d3b49b6155984d62fafd28796fa6b24
6ac768d479fd8627d59a5298f7175cf51f4ace4eea8feda66a04b1e32244d6ed
6d3dc674358fda55cc8336954f3ea7997d1bcab811a6cc8d296b3f599bf3e2a8
6dc5a41a72f6c1b4148d0629284183a4db42a28fef188ff4d55d5872d0ea3561
6e00d3935f6a747eedf83365b8b957f71ec570e9ac018426c07f59e7e1a32126
6e3c1eae7226a6f794fc125b323bdb3c28e466ab0aeeaa815782f5a51400fd89
6f2731b7ddbfae256839a740f6dda68ec6e67a4cf1e62a8ed4ffce75a589d16d
711fd0ee56213c40a8a5f202fe2c3511af34966c7ae03d715cb5dfc7f031837b
720b074e114854f5c2b347ee013066f2ff6e8a1da750d605c8df6936b997eb60
757c66837cfbe8c2533e8c41099d8e50b20f83fbf84ead6a6d7435dcc2ad0884
7662bd2cb7034d86dc4bdb707af33dd9ca3198a95d392067ee3c0c9ffaffdf0e
77853a7431e75ce53cfdf190056876fc25f8ae879adf86906160d0ab0380d1cf
792074561f2d94442c8648916f41fc6016817b61d554daa9c67301aeecca14bb
7ac9ee76a24c064a36d92e138ff8f83978dfe640f1128957fcaf1d35379a435e
7c9fa17038e3e179f18bca5085a04d12ccac1eda0e9e395e07bb702503053959
7eb9235c2f7bb8951d6d6fd6cb0b4608596e4cc97f3d644b3d1c57ba460a6a3d
82b199a09bd801f015bda7aee54bf06f85272f5bd8f0f1cdbd05d8cb52fcd935
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86dbd997ead92464b9d3e6228dab6902a3f8cdbd17de1da8923cb2f0fb600bda
8751c85d4da8af34fb4d78a2ab5bb92b7a3b5380f2d0d5ca89d11fc2b5bfb6ca
89ee4d44bf41e3ee2e0871d56b64c6f5353eeff5c0a1dde4ce53673a3e44d62a
89fc0db5605db5f9cf18c99365688e9aab1e5ac27aa7d8c03428afcc3289f119
8db348db281054445696361bb87e5bcd8891546c122cb6d422f5a9c8e784884d
92e2472635cbca31d4b0694c1248618677a5279d6e841b23191c3d5a76ac09f4
9dddb939f2fb146a699ea1cf0efd984d4b8f429aa49d70246bff358fdbdf7fe7
9e5ec0a03ff3ff8859a2d6be04436062e5ae975677239e7321ffda43bff8a770
a5a690feddba84c3910dfafcff0778860e6e990bf5ea0e842330f08cc9188e9a
a62cccc0375c9fe67082cb1178fa2c72f13a5958ae5e9f2d8541c7c1e28705e1
ab36b8356d4b7e3e3591b161427e6fb18512a2ccc8a787f8cc03294cf2f30478
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af780e357234ceb6feec085a9a31f46834c88c4d3852d79050ad9dc3658a3a67
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b315181f1047d35cc29f1b83c9c31ea493c5006f21930ba0a5e790a80ca2b7f2
b4525a5f3847a9166fe1e883fd275951bf489526dd0d239acbf3118d0c80cec3
b7bba556413ac6563f5e1b893d129c08da2cd799b123a3d1ad8d206e2b711117
b836876c6014c346a749c23f680845562679daf29c640c99a3d92797a6244b4d
bea9b9d700e939077ec0dcf13e930432b48fe10b416e8fe2371afec1b602ad94
c6aba51a88d889027cb0aa2ac31fefee6249e32833e8c31071397e080dcbba98
c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f
c870bc0b6e52de133e3273be305bda03afd6aba5d5064c034f2a50a3af3edc01
c8ea75d5d8177228b19b251fc18ba08df79bfa0683db9d174a95e17f240a7e11
c902ff18c7858648be03999d4022c40d66ad694ae218ea4b1558e74703b854a5
c9e40e17ef48acdd8fbbd4ab434adcd35602a939c19816f297baaa91e675a067
cb4787d6337aa1e504d8d2dc49629d5b46a49c30a6da6f4bb964e8875dd4bc43
cbab44fee4fad7e4e9e3144df99baad6737864e817139033417b627c2af902d1
cbe006779b4df0ae3275b5eab380e604d82604223ba1c67291f622233013bb5e
ccc55d0a01b653671b6d8aca6abdaeba5202d849fe4eab33668b9dd2fd4cbc06
ced6d94498388b24b48c4e2aa311815357ab9489c735aedd7725e0b18a02433e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf821ac997d7f3c657dbf118b7de0675820f37b449ab5186a96356112ca6a0db
d0d7c9c8e398100c60b41833292522f27b1e6b12c057442536ff98995d90f08c
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7
d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2
d7ab1b38259b52fb84c04d55fc1125509cf0df05f897fc77fec4edf9db7a1595
d993d894f9713b3d26ccd12fb9bfdd84e48131d1eef5d20d41f1cdc7bcc9c00f
d9bafbaa07911d0596a806a1177da26c107f735052d28603bc5eb8fa0dc63b55
daa25a76b91d2ec47600be9c132b183a0f8962c40e94d970678058a454f3a8e8
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dbf2cd8fb275c4993cf874962396c7df9c6c79e5bd6e436c51f6f580e0632de0
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1
ddeea69d5116852145775870dab4d86b4e909e7a02c03465efaa67d5b0f744be
de06fea245b0036d21764fcf2b9a4791c0a0f1e927e3916c7d779cb44a1977bd
de275322c95a52f479b9fb5af761dc7469890500e0bceb3606a5353f8251d183
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a
e0ba033e6cb25fa6e20186d6d8113cc3821028b7891c93eebe671b75f6eebc3f
e168f400859a54ae28705c297c4d347eacbbcfee972a38744b8f9d890022a898
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee70e50b4558ba92e3ab8aa48e5bbe962403e815666da6ae65b033449f00f78c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efe8a1bea14209d79401a16d5f4c10b8e37b6a864438f2983fea93b2cdc72581
f1249e3503b8a12598e09882e9ded38155ac212298143dec459ce6820c6d3f37
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab
f84daf0174e2c6f686b5864ff7dafc119dae3c2ca88f213dcbfc3f70b2b39571
fa44ba5620fc182eb36d66b9dea560edeb23af9c3104647e39e2a4d3fabcf8cd
fb1589f0619e41e0fa1d0770121be244be9fa07d5a6c5938d5988f9726927307
fb657972079f36258237fd79c9b7cf160c82943f31fe5ff1b0e10be49e27be5b
fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4
fc57fb7726d7a86c273bebb59f12bc63a69ea93c695f971f73bb035f9bbe928b
fcb70cd5b8090d9144eeef2f1665608ee4fa67dab1fd167f49af074a42b9101e
fd2879e3b0d373936b3a4f85f24bf5ae631ea76ec7c79b528b53bd4f3ea44de6

www.darkreading.com Open in urlscan Pro 2606:4700::6811:7563 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

248 Requests

97 %HTTPS

46 %IPv6

36 Domains

54 Subdomains

51 IPs

7 Countries

5331 kBTransfer

12860 kBSize

39 Cookies

44 Outgoing links

Redirected requests

248 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.darkreading.com Open in urlscan Pro
2606:4700::6811:7563 Public Scan

Screenshot
Live screenshot

Full Image

248
Requests

97 %
HTTPS

46 %
IPv6

36
Domains

54
Subdomains

51
IPs

7
Countries

5331 kB
Transfer

12860 kB
Size

39
Cookies

248 HTTP transactions
10 data transactions