GET
H2
|
404
|
Primary Request
/
logrhythm.com/blog/deep-dive-into-plugx-malware/'/
Redirect Chain
-
https://logrhythm.com/blog/deep-dive-into-plugx-malware/'
-
https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
|
140 KB
27 KB
|
595ms
595ms
|
Document
text/html |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
|
GET
H2
|
200
|
kan0mns.css
use.typekit.net/
|
10 KB
1 KB
|
598ms
499ms
|
Stylesheet
text/css |
2a02:26f0:3500:16::215:1495
AKAMAI-ASN1
|
|
|
GET
H3
|
200
|
frontend.css
logrhythm.com/wp-content/plugins/th-widget-pack/header-footer/inc/widgets-css/
|
79 KB
13 KB
|
53ms
52ms
|
Stylesheet
text/css |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/plugins/th-widget-pack/header-footer/inc/widgets-css/frontend.css?ver=2.2.6
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC, , AES_128_GCM
- Server
- 141.193.213.20, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
- cloudflare /
- Resource Hash
- 0b47c6f613bff41662a4af43e11dd7a291ad7a1fbb2346cbcf6260fc2895c911
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' https://logrhythm.com https://disqus.com https://*.6sc.co https://*.6sense.com https://c.disquscdn.com; connect-src 'self' https://logrhythm.com https://play.vidyard.com https://google.com https://cdn.linkedin.oribi.io https://px.ads.linkedin.com https://js.zi-scripts.com https://*.privacymanager.io https://epsilon.6sense.com https://*.6sc.co https://analytics.google.com https://*.googlesyndication.com https://ws.zoominfo.com https://bat.bing.com https://spcollector.pathfactory.com https://adservice.google.com https://*.logrhythm.com https://maps.googleapis.com https://*.fontawesome.com https://*.clarity.ms https://use.typekit.net https://050-uwt-888.mktoutil.com https://*.addthisedge.com https://ampcid.google.com https://www.googletagmanager.com https://*.ampproject.org https://*.addthis.com https://*.ampproject.net https://connect.facebook.net https://yoast.com https://*.facebook.com https://*.hotjar.io wss://*.hotjar.com https://*.hotjar.com https://stats.g.doubleclick.net https://*.yoast.com https://d3hb14vkzrxvla.cloudfront.net https://www.g2.com https://jukebox.pathfactory.com https://www.google-analytics.com https://050-uwt-888.mktoresp.com; font-src 'self' data: https://*.logrhythm.com https://*.hotjar.com https://*.typekit.net https://*.sharepointonline.com https://spoprod-a.akamaihd.net https://fonts.gstatic.com https://cdn-app.pathfactory.com https://*.fontawesome.com https://www.gartner.com https://maxcdn.bootstrapcdn.com https://cdn.pathfactory.com https://app.cdn.lookbookhq.com; img-src https: data: blob: ; media-src 'self' blob: https://*.logrhythm.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://*.logrhythm.com https://logrhythm.widget.insent.ai https://js.zi-scripts.com https://ws-assets.zoominfo.com https://*.trustarc.com https://launchpad.privacymanager.io https://launchpad-wrapper.privacymanager.io https://jobs.jobvite.com https://play.vidyard.com https://yoast.com https://ws.zoominfo.com 
https://player.vimeo.com https://*.clarity.ms https://j.6sc.co https://cdn.jsdelivr.net https://cdn-app.pathfactory.com https://unpkg.com/web-vitals https://www.g2.com https://*.facebook.com https://cdn.syndication.twimg.com https://www.gartner.com https://www.google.com https://www.googleoptimize.com https://*.googleapis.com https://tpc.googlesyndication.com https://optimize.google.com https://www.youtube.com https://ssl.google-analytics.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.ampproject.org https://www.googleadservices.com https://www.gstatic.com https://*.typeform.com js-agent.newrelic.com https://bam.nr-data.net https://beacon-v2.helpscout.net https://kit.fontawesome.com https://bat.bing.com https://munchkin.marketo.net https://snap.licdn.com https://static.ads-twitter.com https://*.twitter.com https://*.hotjar.com https://app.leadsrx.com https://secure.leadforensics.com https://connect.facebook.net https://googleads.g.doubleclick.net https://logrhythm-com.disqus.com https://app.cdn.lookbookhq.com https://jukebox.pathfactory.com https://app-abc.marketo.com https://www.brighttalk.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://*.logrhythm.com https://cdn.jsdelivr.net https://*.fontawesome.com https://yoast.com https://cdn-app.pathfactory.com https://rgsharedweb.s3.amazonaws.com https://www.googletagmanager.com/debug/ https://ka-p.fontawesome.com https://platform.twitter.com https://*.twimg.com https://*.typekit.net https://*.disquscdn.com https://www.gartner.com https://*.googleapis.com https://optimize.google.com https://tagmanager.google.com https://maxcdn.bootstrapcdn.com https://app.cdn.lookbookhq.com; frame-src 'self' https://logrhythm.widget.insent.ai https://demostack.app https://*.trustarc.com https://*.doubleclick.net https://shortpixel.com https://logrhythm.com https://*.logrhythm.com https://forms.office.com https://jobs.jobvite.com https://play.vidyard.com https://www.facebook.com 
https://*.elementor.com https://www.itcentralstation.com https://www.google.com https://tpc.googlesyndication.com https://*.twitter.com https://*.addthis.com https://*.ampproject.net https://www.slideshare.net https://*.hotjar.com https://maps.google.com https://www.gartner.com https://tags.bluekai.com https://www.g2.com https://www.youtube-nocookie.com https://googleads.g.doubleclick.net https://disqus.com https://tempest.services.disqus.com https://www.youtube.com https://bid.g.doubleclick.net https://www.brighttalk.com https://*.fls.doubleclick.net; frame-ancestors 'self' explore.logrhythm.com https://www.g2.com https://*.logrhythm.com; |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
icons.css
logrhythm.com/wp-content/plugins/th-widget-pack/assets/icons/
|
52 KB
11 KB
|
61ms
59ms
|
Stylesheet
text/css |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/plugins/th-widget-pack/assets/icons/icons.css?ver=2.2.6
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC, , AES_128_GCM
- Server
- 141.193.213.20, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
- cloudflare /
- Resource Hash
- a48d01207db36011a52ba50f8fdbef2c589fc97692a7f5c93d182f846dc77164
- Security Headers
-
Name |
Value |
Content-Security-Policy |
(same value as the Content-Security-Policy in the first Security Headers table above) |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
global.css
logrhythm.com/wp-content/plugins/th-widget-pack/css/
|
3 KB
4 KB
|
36ms
33ms
|
Stylesheet
text/css |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/plugins/th-widget-pack/css/global.css?ver=1694627737
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC, , AES_128_GCM
- Server
- 141.193.213.20, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
- cloudflare /
- Resource Hash
- 70f3cc852c9c3849b93ab403bff853542df94d4421891b4f50aeacb24f9aeeef
- Security Headers
-
Name |
Value |
Content-Security-Policy |
(same value as the Content-Security-Policy in the first Security Headers table above) |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
header-footer-elementor.css
logrhythm.com/wp-content/plugins/th-widget-pack/header-footer/assets/css/
|
1 KB
4 KB
|
74ms
71ms
|
Stylesheet
text/css |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/plugins/th-widget-pack/header-footer/assets/css/header-footer-elementor.css?ver=2.2.6
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC, , AES_128_GCM
- Server
- 141.193.213.20, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
- cloudflare /
- Resource Hash
- b37ebd2524191bf943476446276026a92083fe5bc43571eec11855c3872bd1af
- Security Headers
-
Name |
Value |
Content-Security-Policy |
(same value as the Content-Security-Policy in the first Security Headers table above) |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
elementor-icons.min.css
logrhythm.com/wp-content/plugins/elementor/assets/lib/eicons/css/
|
19 KB
8 KB
|
75ms
73ms
|
Stylesheet
text/css |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.29.0
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC, , AES_128_GCM
- Server
- 141.193.213.20, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
- cloudflare /
- Resource Hash
- 67ac597bed179b5842d996fad80472c6b9514edde408ade8b892161bcf9e9c88
- Security Headers
-
Name |
Value |
Content-Security-Policy |
(same value as the Content-Security-Policy in the first Security Headers table above) |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
frontend.min.css
logrhythm.com/wp-content/plugins/elementor/assets/css/
|
169 KB
24 KB
|
79ms
76ms
|
Stylesheet
text/css |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.20.3
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC, , AES_128_GCM
- Server
- 141.193.213.20, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
- cloudflare /
- Resource Hash
- 5c7a9c0438ba5908e5c3186077746f896f7a8c294d2dbee9bf8f3273c6073289
- Security Headers
-
Name |
Value |
Content-Security-Policy |
(same value as the Content-Security-Policy in the first Security Headers table above) |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
swiper.min.css
logrhythm.com/wp-content/plugins/elementor/assets/lib/swiper/v8/css/
|
16 KB
8 KB
|
96ms
93ms
|
Stylesheet
text/css |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/plugins/elementor/assets/lib/swiper/v8/css/swiper.min.css?ver=8.4.5
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.20
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- c57e64fcb72bddafa9c38de574441c3e69ac6c961df96b0cad34da83658bd196
- Security Headers
-
Name |
Value |
Content-Security-Policy |
(same policy as in the first Security Headers table above) |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
post-6608.css
logrhythm.com/wp-content/uploads/elementor/css/
|
3 KB
5 KB
|
110ms
107ms
|
Stylesheet
text/css |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/uploads/elementor/css/post-6608.css?ver=1711655367
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.20
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 0511e3b9b89c685aa01a48d5fbed7a2090fee19eff9a2f9dd6e83346c2a942a0
- Security Headers
-
Name |
Value |
Content-Security-Policy |
(same policy as in the first Security Headers table above) |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
frontend.min.css
logrhythm.com/wp-content/plugins/elementor-pro/assets/css/
|
445 KB
48 KB
|
111ms
109ms
|
Stylesheet
text/css |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.20.2
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.20
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 8f3778819f0379ff33a687f9ae7dab7cbdf28739873126bfb981d4d682a09a92
- Security Headers
-
Name |
Value |
Content-Security-Policy |
(same policy as in the first Security Headers table above) |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
app.css
logrhythm.com/wp-content/themes/stratusx/assets/css/
|
286 KB
51 KB
|
39ms
36ms
|
Stylesheet
text/css |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/themes/stratusx/assets/css/app.css?ver=1
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.20
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- ae77448c16c7a363aa7d7d319222a31c749733042e39c0f5176b1cce3ac03e0f
- Security Headers
-
Name |
Value |
Content-Security-Policy |
(same policy as in the first Security Headers table above) |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
style.css
logrhythm.com/wp-content/themes/logrhythm-child/
|
347 B
4 KB
|
179ms
176ms
|
Stylesheet
text/css |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/themes/logrhythm-child/style.css?ver=6.5
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.20
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- b1b33627d7bddf9d93dcf1e913bb6e53d97a99c5a7fc30f9aab824bf74707b35
- Security Headers
-
Name |
Value |
Content-Security-Policy |
(same policy as in the first Security Headers table above) |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
app.min.css
logrhythm.com/wp-content/themes/logrhythm-child/dist/css/
|
163 KB
25 KB
|
328ms
326ms
|
Stylesheet
text/css |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/themes/logrhythm-child/dist/css/app.min.css?v=042023
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.20
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 9a0efa3ca63814f5db50b2c51b71425660a062236f53af3c2f5c6eb820fffdd3
- Security Headers
-
Name |
Value |
Content-Security-Policy |
(same policy as in the first Security Headers table above) |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
post-86515.css
logrhythm.com/wp-content/uploads/elementor/css/
|
9 KB
5 KB
|
522ms
520ms
|
Stylesheet
text/css |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/uploads/elementor/css/post-86515.css?ver=1711656283
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.20
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 092178659031117c2562f8ada3b553117505d2023a586c2a4ccda173e79ce2fe
- Security Headers
-
Name |
Value |
Content-Security-Policy |
(identical to the Content-Security-Policy value listed for frontend.css above) |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
jquery.min.js
logrhythm.com/wp-includes/js/jquery/
|
86 KB
34 KB
|
347ms
344ms
|
Script
application/javascript |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.20
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
- Security Headers
-
Name |
Value |
Content-Security-Policy |
(identical to the Content-Security-Policy value listed for frontend.css above) |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
jquery-migrate.min.js
logrhythm.com/wp-includes/js/jquery/
|
13 KB
9 KB
|
369ms
366ms
|
Script
application/javascript |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.20
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
- Security Headers
-
Name |
Value |
Content-Security-Policy |
(identical to the Content-Security-Policy value listed for frontend.css above) |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
2f1bae2942.js
kit.fontawesome.com/
|
12 KB
5 KB
|
575ms
469ms
|
Script
text/javascript |
2606:4700:4400::ac40:93bc
CLOUDFLARENET
|
|
|
GET
H2
|
200
|
v4.js
play.vidyard.com/embed/
|
70 KB
23 KB
|
123ms
17ms
|
Script
application/javascript |
151.101.65.181
FASTLY
|
|
|
GET
H2
|
200
|
forms2.min.js
ecrm.logrhythm.com/js/forms2/js/
|
199 KB
67 KB
|
159ms
41ms
|
Script
application/x-javascript |
104.17.71.206
CLOUDFLARENET
|
|
|
GET
H3
|
200
|
modernizr-custom.min.js
logrhythm.com/wp-content/themes/logrhythm-child/dist/js/
|
5 KB
6 KB
|
369ms
367ms
|
Script
application/javascript |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/themes/logrhythm-child/dist/js/modernizr-custom.min.js
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.20
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- c99f726f2a86c98e77f5f081280ff5e78252dbc6d6576828e5fde6c62a3051ed
- Security Headers
-
Name |
Value |
Content-Security-Policy |
(identical to the Content-Security-Policy value listed for frontend.css above) |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
notice
consent.trustarc.com/
|
63 KB
16 KB
|
216ms
111ms
|
Script
text/javascript |
13.225.78.57
AMAZON-02
|
|
|
GET
H2
|
200
|
core.min.js
consent.trustarc.com/autoblockasset/
|
18 KB
6 KB
|
145ms
85ms
|
Script
text/javascript |
13.225.78.57
AMAZON-02
|
|
|
GET
H2
|
200
|
autoblockoptout
consent.trustarc.com/
|
4 KB
2 KB
|
129ms
69ms
|
Script
text/javascript |
13.225.78.57
AMAZON-02
|
|
|
GET
H3
|
200
|
logrhythm-logo-white.svg
logrhythm.com/wp-content/themes/logrhythm-child/dist/img/
|
4 KB
6 KB
|
143ms
133ms
|
Image
image/svg+xml |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/themes/logrhythm-child/dist/img/logrhythm-logo-white.svg
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.20
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 81acd87c922461dd8b07a53c907dc098d67358f212a52de422d7ee74680fd36a
- Security Headers
-
Name |
Value |
Content-Security-Policy |
(identical to the Content-Security-Policy value listed for frontend.css above) |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
nasa.svg
logrhythm.com/wp-content/uploads/2020/02/
|
14 KB
7 KB
|
149ms
139ms
|
Image
image/svg+xml |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/uploads/2020/02/nasa.svg
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.20
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 10599ffc37dd3ff57db5d5a984854c3beecfdbd271e8fa1d7321127e84d93edb
- Security Headers
-
Name |
Value |
Content-Security-Policy |
(identical to the Content-Security-Policy value listed for frontend.css above) |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
sirius-xm.svg
logrhythm.com/wp-content/uploads/2020/02/
|
7 KB
7 KB
|
370ms
368ms
|
Image
image/svg+xml |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/uploads/2020/02/sirius-xm.svg
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.20
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- ec7839f109ee0d8025aa46fc9165cfc9ac1e52674c0fc00a675210481c6e90db
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' https://logrhythm.com https://disqus.com https://*.6sc.co https://*.6sense.com https://c.disquscdn.com; connect-src 'self' https://logrhythm.com https://play.vidyard.com https://google.com https://cdn.linkedin.oribi.io https://px.ads.linkedin.com https://js.zi-scripts.com https://*.privacymanager.io https://epsilon.6sense.com https://*.6sc.co https://analytics.google.com https://*.googlesyndication.com https://ws.zoominfo.com https://bat.bing.com https://spcollector.pathfactory.com https://adservice.google.com https://*.logrhythm.com https://maps.googleapis.com https://*.fontawesome.com https://*.clarity.ms https://use.typekit.net https://050-uwt-888.mktoutil.com https://*.addthisedge.com https://ampcid.google.com https://www.googletagmanager.com https://*.ampproject.org https://*.addthis.com https://*.ampproject.net https://connect.facebook.net https://yoast.com https://*.facebook.com https://*.hotjar.io wss://*.hotjar.com https://*.hotjar.com https://stats.g.doubleclick.net https://*.yoast.com https://d3hb14vkzrxvla.cloudfront.net https://www.g2.com https://jukebox.pathfactory.com https://www.google-analytics.com https://050-uwt-888.mktoresp.com; font-src 'self' data: https://*.logrhythm.com https://*.hotjar.com https://*.typekit.net https://*.sharepointonline.com https://spoprod-a.akamaihd.net https://fonts.gstatic.com https://cdn-app.pathfactory.com https://*.fontawesome.com https://www.gartner.com https://maxcdn.bootstrapcdn.com https://cdn.pathfactory.com https://app.cdn.lookbookhq.com; img-src https: data: blob: ; media-src 'self' blob: https://*.logrhythm.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://*.logrhythm.com https://logrhythm.widget.insent.ai https://js.zi-scripts.com https://ws-assets.zoominfo.com https://*.trustarc.com https://launchpad.privacymanager.io https://launchpad-wrapper.privacymanager.io https://jobs.jobvite.com https://play.vidyard.com https://yoast.com https://ws.zoominfo.com 
https://player.vimeo.com https://*.clarity.ms https://j.6sc.co https://cdn.jsdelivr.net https://cdn-app.pathfactory.com https://unpkg.com/web-vitals https://www.g2.com https://*.facebook.com https://cdn.syndication.twimg.com https://www.gartner.com https://www.google.com https://www.googleoptimize.com https://*.googleapis.com https://tpc.googlesyndication.com https://optimize.google.com https://www.youtube.com https://ssl.google-analytics.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.ampproject.org https://www.googleadservices.com https://www.gstatic.com https://*.typeform.com js-agent.newrelic.com https://bam.nr-data.net https://beacon-v2.helpscout.net https://kit.fontawesome.com https://bat.bing.com https://munchkin.marketo.net https://snap.licdn.com https://static.ads-twitter.com https://*.twitter.com https://*.hotjar.com https://app.leadsrx.com https://secure.leadforensics.com https://connect.facebook.net https://googleads.g.doubleclick.net https://logrhythm-com.disqus.com https://app.cdn.lookbookhq.com https://jukebox.pathfactory.com https://app-abc.marketo.com https://www.brighttalk.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://*.logrhythm.com https://cdn.jsdelivr.net https://*.fontawesome.com https://yoast.com https://cdn-app.pathfactory.com https://rgsharedweb.s3.amazonaws.com https://www.googletagmanager.com/debug/ https://ka-p.fontawesome.com https://platform.twitter.com https://*.twimg.com https://*.typekit.net https://*.disquscdn.com https://www.gartner.com https://*.googleapis.com https://optimize.google.com https://tagmanager.google.com https://maxcdn.bootstrapcdn.com https://app.cdn.lookbookhq.com; frame-src 'self' https://logrhythm.widget.insent.ai https://demostack.app https://*.trustarc.com https://*.doubleclick.net https://shortpixel.com https://logrhythm.com https://*.logrhythm.com https://forms.office.com https://jobs.jobvite.com https://play.vidyard.com https://www.facebook.com 
https://*.elementor.com https://www.itcentralstation.com https://www.google.com https://tpc.googlesyndication.com https://*.twitter.com https://*.addthis.com https://*.ampproject.net https://www.slideshare.net https://*.hotjar.com https://maps.google.com https://www.gartner.com https://tags.bluekai.com https://www.g2.com https://www.youtube-nocookie.com https://googleads.g.doubleclick.net https://disqus.com https://tempest.services.disqus.com https://www.youtube.com https://bid.g.doubleclick.net https://www.brighttalk.com https://*.fls.doubleclick.net; frame-ancestors 'self' explore.logrhythm.com https://www.g2.com https://*.logrhythm.com; |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
ucla.svg
logrhythm.com/wp-content/uploads/2020/02/
|
6 KB
5 KB
|
142ms
140ms
|
Image
image/svg+xml |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/uploads/2020/02/ucla.svg
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.20
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- ac8941daec8b1c75b6345ab83858bfc13d9c485d4aacdea52ecf759c34c92f6a
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' https://logrhythm.com https://disqus.com https://*.6sc.co https://*.6sense.com https://c.disquscdn.com; connect-src 'self' https://logrhythm.com https://play.vidyard.com https://google.com https://cdn.linkedin.oribi.io https://px.ads.linkedin.com https://js.zi-scripts.com https://*.privacymanager.io https://epsilon.6sense.com https://*.6sc.co https://analytics.google.com https://*.googlesyndication.com https://ws.zoominfo.com https://bat.bing.com https://spcollector.pathfactory.com https://adservice.google.com https://*.logrhythm.com https://maps.googleapis.com https://*.fontawesome.com https://*.clarity.ms https://use.typekit.net https://050-uwt-888.mktoutil.com https://*.addthisedge.com https://ampcid.google.com https://www.googletagmanager.com https://*.ampproject.org https://*.addthis.com https://*.ampproject.net https://connect.facebook.net https://yoast.com https://*.facebook.com https://*.hotjar.io wss://*.hotjar.com https://*.hotjar.com https://stats.g.doubleclick.net https://*.yoast.com https://d3hb14vkzrxvla.cloudfront.net https://www.g2.com https://jukebox.pathfactory.com https://www.google-analytics.com https://050-uwt-888.mktoresp.com; font-src 'self' data: https://*.logrhythm.com https://*.hotjar.com https://*.typekit.net https://*.sharepointonline.com https://spoprod-a.akamaihd.net https://fonts.gstatic.com https://cdn-app.pathfactory.com https://*.fontawesome.com https://www.gartner.com https://maxcdn.bootstrapcdn.com https://cdn.pathfactory.com https://app.cdn.lookbookhq.com; img-src https: data: blob: ; media-src 'self' blob: https://*.logrhythm.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://*.logrhythm.com https://logrhythm.widget.insent.ai https://js.zi-scripts.com https://ws-assets.zoominfo.com https://*.trustarc.com https://launchpad.privacymanager.io https://launchpad-wrapper.privacymanager.io https://jobs.jobvite.com https://play.vidyard.com https://yoast.com https://ws.zoominfo.com 
https://player.vimeo.com https://*.clarity.ms https://j.6sc.co https://cdn.jsdelivr.net https://cdn-app.pathfactory.com https://unpkg.com/web-vitals https://www.g2.com https://*.facebook.com https://cdn.syndication.twimg.com https://www.gartner.com https://www.google.com https://www.googleoptimize.com https://*.googleapis.com https://tpc.googlesyndication.com https://optimize.google.com https://www.youtube.com https://ssl.google-analytics.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.ampproject.org https://www.googleadservices.com https://www.gstatic.com https://*.typeform.com js-agent.newrelic.com https://bam.nr-data.net https://beacon-v2.helpscout.net https://kit.fontawesome.com https://bat.bing.com https://munchkin.marketo.net https://snap.licdn.com https://static.ads-twitter.com https://*.twitter.com https://*.hotjar.com https://app.leadsrx.com https://secure.leadforensics.com https://connect.facebook.net https://googleads.g.doubleclick.net https://logrhythm-com.disqus.com https://app.cdn.lookbookhq.com https://jukebox.pathfactory.com https://app-abc.marketo.com https://www.brighttalk.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://*.logrhythm.com https://cdn.jsdelivr.net https://*.fontawesome.com https://yoast.com https://cdn-app.pathfactory.com https://rgsharedweb.s3.amazonaws.com https://www.googletagmanager.com/debug/ https://ka-p.fontawesome.com https://platform.twitter.com https://*.twimg.com https://*.typekit.net https://*.disquscdn.com https://www.gartner.com https://*.googleapis.com https://optimize.google.com https://tagmanager.google.com https://maxcdn.bootstrapcdn.com https://app.cdn.lookbookhq.com; frame-src 'self' https://logrhythm.widget.insent.ai https://demostack.app https://*.trustarc.com https://*.doubleclick.net https://shortpixel.com https://logrhythm.com https://*.logrhythm.com https://forms.office.com https://jobs.jobvite.com https://play.vidyard.com https://www.facebook.com 
https://*.elementor.com https://www.itcentralstation.com https://www.google.com https://tpc.googlesyndication.com https://*.twitter.com https://*.addthis.com https://*.ampproject.net https://www.slideshare.net https://*.hotjar.com https://maps.google.com https://www.gartner.com https://tags.bluekai.com https://www.g2.com https://www.youtube-nocookie.com https://googleads.g.doubleclick.net https://disqus.com https://tempest.services.disqus.com https://www.youtube.com https://bid.g.doubleclick.net https://www.brighttalk.com https://*.fls.doubleclick.net; frame-ancestors 'self' explore.logrhythm.com https://www.g2.com https://*.logrhythm.com; |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
g2-spring23-medal.svg
logrhythm.com/wp-content/uploads/2023/09/
|
7 KB
6 KB
|
385ms
383ms
|
Image
image/svg+xml |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/uploads/2023/09/g2-spring23-medal.svg
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.20
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 4dc642fc85c8ca2023e485d6bc9b6e9a74f9e169080830db40c37e87eff8d3a3
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' https://logrhythm.com https://disqus.com https://*.6sc.co https://*.6sense.com https://c.disquscdn.com; connect-src 'self' https://logrhythm.com https://play.vidyard.com https://google.com https://cdn.linkedin.oribi.io https://px.ads.linkedin.com https://js.zi-scripts.com https://*.privacymanager.io https://epsilon.6sense.com https://*.6sc.co https://analytics.google.com https://*.googlesyndication.com https://ws.zoominfo.com https://bat.bing.com https://spcollector.pathfactory.com https://adservice.google.com https://*.logrhythm.com https://maps.googleapis.com https://*.fontawesome.com https://*.clarity.ms https://use.typekit.net https://050-uwt-888.mktoutil.com https://*.addthisedge.com https://ampcid.google.com https://www.googletagmanager.com https://*.ampproject.org https://*.addthis.com https://*.ampproject.net https://connect.facebook.net https://yoast.com https://*.facebook.com https://*.hotjar.io wss://*.hotjar.com https://*.hotjar.com https://stats.g.doubleclick.net https://*.yoast.com https://d3hb14vkzrxvla.cloudfront.net https://www.g2.com https://jukebox.pathfactory.com https://www.google-analytics.com https://050-uwt-888.mktoresp.com; font-src 'self' data: https://*.logrhythm.com https://*.hotjar.com https://*.typekit.net https://*.sharepointonline.com https://spoprod-a.akamaihd.net https://fonts.gstatic.com https://cdn-app.pathfactory.com https://*.fontawesome.com https://www.gartner.com https://maxcdn.bootstrapcdn.com https://cdn.pathfactory.com https://app.cdn.lookbookhq.com; img-src https: data: blob: ; media-src 'self' blob: https://*.logrhythm.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://*.logrhythm.com https://logrhythm.widget.insent.ai https://js.zi-scripts.com https://ws-assets.zoominfo.com https://*.trustarc.com https://launchpad.privacymanager.io https://launchpad-wrapper.privacymanager.io https://jobs.jobvite.com https://play.vidyard.com https://yoast.com https://ws.zoominfo.com 
https://player.vimeo.com https://*.clarity.ms https://j.6sc.co https://cdn.jsdelivr.net https://cdn-app.pathfactory.com https://unpkg.com/web-vitals https://www.g2.com https://*.facebook.com https://cdn.syndication.twimg.com https://www.gartner.com https://www.google.com https://www.googleoptimize.com https://*.googleapis.com https://tpc.googlesyndication.com https://optimize.google.com https://www.youtube.com https://ssl.google-analytics.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.ampproject.org https://www.googleadservices.com https://www.gstatic.com https://*.typeform.com js-agent.newrelic.com https://bam.nr-data.net https://beacon-v2.helpscout.net https://kit.fontawesome.com https://bat.bing.com https://munchkin.marketo.net https://snap.licdn.com https://static.ads-twitter.com https://*.twitter.com https://*.hotjar.com https://app.leadsrx.com https://secure.leadforensics.com https://connect.facebook.net https://googleads.g.doubleclick.net https://logrhythm-com.disqus.com https://app.cdn.lookbookhq.com https://jukebox.pathfactory.com https://app-abc.marketo.com https://www.brighttalk.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://*.logrhythm.com https://cdn.jsdelivr.net https://*.fontawesome.com https://yoast.com https://cdn-app.pathfactory.com https://rgsharedweb.s3.amazonaws.com https://www.googletagmanager.com/debug/ https://ka-p.fontawesome.com https://platform.twitter.com https://*.twimg.com https://*.typekit.net https://*.disquscdn.com https://www.gartner.com https://*.googleapis.com https://optimize.google.com https://tagmanager.google.com https://maxcdn.bootstrapcdn.com https://app.cdn.lookbookhq.com; frame-src 'self' https://logrhythm.widget.insent.ai https://demostack.app https://*.trustarc.com https://*.doubleclick.net https://shortpixel.com https://logrhythm.com https://*.logrhythm.com https://forms.office.com https://jobs.jobvite.com https://play.vidyard.com https://www.facebook.com 
https://*.elementor.com https://www.itcentralstation.com https://www.google.com https://tpc.googlesyndication.com https://*.twitter.com https://*.addthis.com https://*.ampproject.net https://www.slideshare.net https://*.hotjar.com https://maps.google.com https://www.gartner.com https://tags.bluekai.com https://www.g2.com https://www.youtube-nocookie.com https://googleads.g.doubleclick.net https://disqus.com https://tempest.services.disqus.com https://www.youtube.com https://bid.g.doubleclick.net https://www.brighttalk.com https://*.fls.doubleclick.net; frame-ancestors 'self' explore.logrhythm.com https://www.g2.com https://*.logrhythm.com; |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
g2-users-love-us.svg
logrhythm.com/wp-content/uploads/2023/09/
|
4 KB
5 KB
|
51ms
51ms
|
Image
image/svg+xml |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/uploads/2023/09/g2-users-love-us.svg
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.20
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 6971d61d8115453aec57ea622ef3a2b023b53996e7399b0cd899cd830191e3a5
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' https://logrhythm.com https://disqus.com https://*.6sc.co https://*.6sense.com https://c.disquscdn.com; connect-src 'self' https://logrhythm.com https://play.vidyard.com https://google.com https://cdn.linkedin.oribi.io https://px.ads.linkedin.com https://js.zi-scripts.com https://*.privacymanager.io https://epsilon.6sense.com https://*.6sc.co https://analytics.google.com https://*.googlesyndication.com https://ws.zoominfo.com https://bat.bing.com https://spcollector.pathfactory.com https://adservice.google.com https://*.logrhythm.com https://maps.googleapis.com https://*.fontawesome.com https://*.clarity.ms https://use.typekit.net https://050-uwt-888.mktoutil.com https://*.addthisedge.com https://ampcid.google.com https://www.googletagmanager.com https://*.ampproject.org https://*.addthis.com https://*.ampproject.net https://connect.facebook.net https://yoast.com https://*.facebook.com https://*.hotjar.io wss://*.hotjar.com https://*.hotjar.com https://stats.g.doubleclick.net https://*.yoast.com https://d3hb14vkzrxvla.cloudfront.net https://www.g2.com https://jukebox.pathfactory.com https://www.google-analytics.com https://050-uwt-888.mktoresp.com; font-src 'self' data: https://*.logrhythm.com https://*.hotjar.com https://*.typekit.net https://*.sharepointonline.com https://spoprod-a.akamaihd.net https://fonts.gstatic.com https://cdn-app.pathfactory.com https://*.fontawesome.com https://www.gartner.com https://maxcdn.bootstrapcdn.com https://cdn.pathfactory.com https://app.cdn.lookbookhq.com; img-src https: data: blob: ; media-src 'self' blob: https://*.logrhythm.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://*.logrhythm.com https://logrhythm.widget.insent.ai https://js.zi-scripts.com https://ws-assets.zoominfo.com https://*.trustarc.com https://launchpad.privacymanager.io https://launchpad-wrapper.privacymanager.io https://jobs.jobvite.com https://play.vidyard.com https://yoast.com https://ws.zoominfo.com 
https://player.vimeo.com https://*.clarity.ms https://j.6sc.co https://cdn.jsdelivr.net https://cdn-app.pathfactory.com https://unpkg.com/web-vitals https://www.g2.com https://*.facebook.com https://cdn.syndication.twimg.com https://www.gartner.com https://www.google.com https://www.googleoptimize.com https://*.googleapis.com https://tpc.googlesyndication.com https://optimize.google.com https://www.youtube.com https://ssl.google-analytics.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.ampproject.org https://www.googleadservices.com https://www.gstatic.com https://*.typeform.com js-agent.newrelic.com https://bam.nr-data.net https://beacon-v2.helpscout.net https://kit.fontawesome.com https://bat.bing.com https://munchkin.marketo.net https://snap.licdn.com https://static.ads-twitter.com https://*.twitter.com https://*.hotjar.com https://app.leadsrx.com https://secure.leadforensics.com https://connect.facebook.net https://googleads.g.doubleclick.net https://logrhythm-com.disqus.com https://app.cdn.lookbookhq.com https://jukebox.pathfactory.com https://app-abc.marketo.com https://www.brighttalk.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://*.logrhythm.com https://cdn.jsdelivr.net https://*.fontawesome.com https://yoast.com https://cdn-app.pathfactory.com https://rgsharedweb.s3.amazonaws.com https://www.googletagmanager.com/debug/ https://ka-p.fontawesome.com https://platform.twitter.com https://*.twimg.com https://*.typekit.net https://*.disquscdn.com https://www.gartner.com https://*.googleapis.com https://optimize.google.com https://tagmanager.google.com https://maxcdn.bootstrapcdn.com https://app.cdn.lookbookhq.com; frame-src 'self' https://logrhythm.widget.insent.ai https://demostack.app https://*.trustarc.com https://*.doubleclick.net https://shortpixel.com https://logrhythm.com https://*.logrhythm.com https://forms.office.com https://jobs.jobvite.com https://play.vidyard.com https://www.facebook.com 
https://*.elementor.com https://www.itcentralstation.com https://www.google.com https://tpc.googlesyndication.com https://*.twitter.com https://*.addthis.com https://*.ampproject.net https://www.slideshare.net https://*.hotjar.com https://maps.google.com https://www.gartner.com https://tags.bluekai.com https://www.g2.com https://www.youtube-nocookie.com https://googleads.g.doubleclick.net https://disqus.com https://tempest.services.disqus.com https://www.youtube.com https://bid.g.doubleclick.net https://www.brighttalk.com https://*.fls.doubleclick.net; frame-ancestors 'self' explore.logrhythm.com https://www.g2.com https://*.logrhythm.com; |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
email-decode.min.js
logrhythm.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
|
1 KB
835 B
|
21ms
20ms
|
Script
application/javascript |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.20
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
- Security Headers
-
Name |
Value |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
DENY |
|
GET
H3
|
200
|
waypoints.min.js
logrhythm.com/wp-content/plugins/elementor/assets/lib/waypoints/
|
12 KB
7 KB
|
44ms
43ms
|
Script
application/javascript |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.20
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' https://logrhythm.com https://disqus.com https://*.6sc.co https://*.6sense.com https://c.disquscdn.com; connect-src 'self' https://logrhythm.com https://play.vidyard.com https://google.com https://cdn.linkedin.oribi.io https://px.ads.linkedin.com https://js.zi-scripts.com https://*.privacymanager.io https://epsilon.6sense.com https://*.6sc.co https://analytics.google.com https://*.googlesyndication.com https://ws.zoominfo.com https://bat.bing.com https://spcollector.pathfactory.com https://adservice.google.com https://*.logrhythm.com https://maps.googleapis.com https://*.fontawesome.com https://*.clarity.ms https://use.typekit.net https://050-uwt-888.mktoutil.com https://*.addthisedge.com https://ampcid.google.com https://www.googletagmanager.com https://*.ampproject.org https://*.addthis.com https://*.ampproject.net https://connect.facebook.net https://yoast.com https://*.facebook.com https://*.hotjar.io wss://*.hotjar.com https://*.hotjar.com https://stats.g.doubleclick.net https://*.yoast.com https://d3hb14vkzrxvla.cloudfront.net https://www.g2.com https://jukebox.pathfactory.com https://www.google-analytics.com https://050-uwt-888.mktoresp.com; font-src 'self' data: https://*.logrhythm.com https://*.hotjar.com https://*.typekit.net https://*.sharepointonline.com https://spoprod-a.akamaihd.net https://fonts.gstatic.com https://cdn-app.pathfactory.com https://*.fontawesome.com https://www.gartner.com https://maxcdn.bootstrapcdn.com https://cdn.pathfactory.com https://app.cdn.lookbookhq.com; img-src https: data: blob: ; media-src 'self' blob: https://*.logrhythm.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://*.logrhythm.com https://logrhythm.widget.insent.ai https://js.zi-scripts.com https://ws-assets.zoominfo.com https://*.trustarc.com https://launchpad.privacymanager.io https://launchpad-wrapper.privacymanager.io https://jobs.jobvite.com https://play.vidyard.com https://yoast.com https://ws.zoominfo.com 
https://player.vimeo.com https://*.clarity.ms https://j.6sc.co https://cdn.jsdelivr.net https://cdn-app.pathfactory.com https://unpkg.com/web-vitals https://www.g2.com https://*.facebook.com https://cdn.syndication.twimg.com https://www.gartner.com https://www.google.com https://www.googleoptimize.com https://*.googleapis.com https://tpc.googlesyndication.com https://optimize.google.com https://www.youtube.com https://ssl.google-analytics.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.ampproject.org https://www.googleadservices.com https://www.gstatic.com https://*.typeform.com js-agent.newrelic.com https://bam.nr-data.net https://beacon-v2.helpscout.net https://kit.fontawesome.com https://bat.bing.com https://munchkin.marketo.net https://snap.licdn.com https://static.ads-twitter.com https://*.twitter.com https://*.hotjar.com https://app.leadsrx.com https://secure.leadforensics.com https://connect.facebook.net https://googleads.g.doubleclick.net https://logrhythm-com.disqus.com https://app.cdn.lookbookhq.com https://jukebox.pathfactory.com https://app-abc.marketo.com https://www.brighttalk.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://*.logrhythm.com https://cdn.jsdelivr.net https://*.fontawesome.com https://yoast.com https://cdn-app.pathfactory.com https://rgsharedweb.s3.amazonaws.com https://www.googletagmanager.com/debug/ https://ka-p.fontawesome.com https://platform.twitter.com https://*.twimg.com https://*.typekit.net https://*.disquscdn.com https://www.gartner.com https://*.googleapis.com https://optimize.google.com https://tagmanager.google.com https://maxcdn.bootstrapcdn.com https://app.cdn.lookbookhq.com; frame-src 'self' https://logrhythm.widget.insent.ai https://demostack.app https://*.trustarc.com https://*.doubleclick.net https://shortpixel.com https://logrhythm.com https://*.logrhythm.com https://forms.office.com https://jobs.jobvite.com https://play.vidyard.com https://www.facebook.com 
https://*.elementor.com https://www.itcentralstation.com https://www.google.com https://tpc.googlesyndication.com https://*.twitter.com https://*.addthis.com https://*.ampproject.net https://www.slideshare.net https://*.hotjar.com https://maps.google.com https://www.gartner.com https://tags.bluekai.com https://www.g2.com https://www.youtube-nocookie.com https://googleads.g.doubleclick.net https://disqus.com https://tempest.services.disqus.com https://www.youtube.com https://bid.g.doubleclick.net https://www.brighttalk.com https://*.fls.doubleclick.net; frame-ancestors 'self' explore.logrhythm.com https://www.g2.com https://*.logrhythm.com; |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
frontend.js
logrhythm.com/wp-content/plugins/th-widget-pack/header-footer/inc/js/
|
25 KB
7 KB
|
42ms
42ms
|
Script
application/javascript |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/plugins/th-widget-pack/header-footer/inc/js/frontend.js?ver=2.2.6
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.20
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- e92fb6dc00e3c04e1f9af5a1554a33e2b3f2b1d7f9a9266066863a932437f0b9
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' https://logrhythm.com https://disqus.com https://*.6sc.co https://*.6sense.com https://c.disquscdn.com; connect-src 'self' https://logrhythm.com https://play.vidyard.com https://google.com https://cdn.linkedin.oribi.io https://px.ads.linkedin.com https://js.zi-scripts.com https://*.privacymanager.io https://epsilon.6sense.com https://*.6sc.co https://analytics.google.com https://*.googlesyndication.com https://ws.zoominfo.com https://bat.bing.com https://spcollector.pathfactory.com https://adservice.google.com https://*.logrhythm.com https://maps.googleapis.com https://*.fontawesome.com https://*.clarity.ms https://use.typekit.net https://050-uwt-888.mktoutil.com https://*.addthisedge.com https://ampcid.google.com https://www.googletagmanager.com https://*.ampproject.org https://*.addthis.com https://*.ampproject.net https://connect.facebook.net https://yoast.com https://*.facebook.com https://*.hotjar.io wss://*.hotjar.com https://*.hotjar.com https://stats.g.doubleclick.net https://*.yoast.com https://d3hb14vkzrxvla.cloudfront.net https://www.g2.com https://jukebox.pathfactory.com https://www.google-analytics.com https://050-uwt-888.mktoresp.com; font-src 'self' data: https://*.logrhythm.com https://*.hotjar.com https://*.typekit.net https://*.sharepointonline.com https://spoprod-a.akamaihd.net https://fonts.gstatic.com https://cdn-app.pathfactory.com https://*.fontawesome.com https://www.gartner.com https://maxcdn.bootstrapcdn.com https://cdn.pathfactory.com https://app.cdn.lookbookhq.com; img-src https: data: blob: ; media-src 'self' blob: https://*.logrhythm.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://*.logrhythm.com https://logrhythm.widget.insent.ai https://js.zi-scripts.com https://ws-assets.zoominfo.com https://*.trustarc.com https://launchpad.privacymanager.io https://launchpad-wrapper.privacymanager.io https://jobs.jobvite.com https://play.vidyard.com https://yoast.com https://ws.zoominfo.com 
https://player.vimeo.com https://*.clarity.ms https://j.6sc.co https://cdn.jsdelivr.net https://cdn-app.pathfactory.com https://unpkg.com/web-vitals https://www.g2.com https://*.facebook.com https://cdn.syndication.twimg.com https://www.gartner.com https://www.google.com https://www.googleoptimize.com https://*.googleapis.com https://tpc.googlesyndication.com https://optimize.google.com https://www.youtube.com https://ssl.google-analytics.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.ampproject.org https://www.googleadservices.com https://www.gstatic.com https://*.typeform.com js-agent.newrelic.com https://bam.nr-data.net https://beacon-v2.helpscout.net https://kit.fontawesome.com https://bat.bing.com https://munchkin.marketo.net https://snap.licdn.com https://static.ads-twitter.com https://*.twitter.com https://*.hotjar.com https://app.leadsrx.com https://secure.leadforensics.com https://connect.facebook.net https://googleads.g.doubleclick.net https://logrhythm-com.disqus.com https://app.cdn.lookbookhq.com https://jukebox.pathfactory.com https://app-abc.marketo.com https://www.brighttalk.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://*.logrhythm.com https://cdn.jsdelivr.net https://*.fontawesome.com https://yoast.com https://cdn-app.pathfactory.com https://rgsharedweb.s3.amazonaws.com https://www.googletagmanager.com/debug/ https://ka-p.fontawesome.com https://platform.twitter.com https://*.twimg.com https://*.typekit.net https://*.disquscdn.com https://www.gartner.com https://*.googleapis.com https://optimize.google.com https://tagmanager.google.com https://maxcdn.bootstrapcdn.com https://app.cdn.lookbookhq.com; frame-src 'self' https://logrhythm.widget.insent.ai https://demostack.app https://*.trustarc.com https://*.doubleclick.net https://shortpixel.com https://logrhythm.com https://*.logrhythm.com https://forms.office.com https://jobs.jobvite.com https://play.vidyard.com https://www.facebook.com 
https://*.elementor.com https://www.itcentralstation.com https://www.google.com https://tpc.googlesyndication.com https://*.twitter.com https://*.addthis.com https://*.ampproject.net https://www.slideshare.net https://*.hotjar.com https://maps.google.com https://www.gartner.com https://tags.bluekai.com https://www.g2.com https://www.youtube-nocookie.com https://googleads.g.doubleclick.net https://disqus.com https://tempest.services.disqus.com https://www.youtube.com https://bid.g.doubleclick.net https://www.brighttalk.com https://*.fls.doubleclick.net; frame-ancestors 'self' explore.logrhythm.com https://www.g2.com https://*.logrhythm.com; |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
comment_count.js
logrhythm.com/wp-content/plugins/disqus-comment-system/public/js/
|
889 B
4 KB
|
47ms
46ms
|
Script
application/javascript |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.1.1
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.20
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' https://logrhythm.com https://disqus.com https://*.6sc.co https://*.6sense.com https://c.disquscdn.com; connect-src 'self' https://logrhythm.com https://play.vidyard.com https://google.com https://cdn.linkedin.oribi.io https://px.ads.linkedin.com https://js.zi-scripts.com https://*.privacymanager.io https://epsilon.6sense.com https://*.6sc.co https://analytics.google.com https://*.googlesyndication.com https://ws.zoominfo.com https://bat.bing.com https://spcollector.pathfactory.com https://adservice.google.com https://*.logrhythm.com https://maps.googleapis.com https://*.fontawesome.com https://*.clarity.ms https://use.typekit.net https://050-uwt-888.mktoutil.com https://*.addthisedge.com https://ampcid.google.com https://www.googletagmanager.com https://*.ampproject.org https://*.addthis.com https://*.ampproject.net https://connect.facebook.net https://yoast.com https://*.facebook.com https://*.hotjar.io wss://*.hotjar.com https://*.hotjar.com https://stats.g.doubleclick.net https://*.yoast.com https://d3hb14vkzrxvla.cloudfront.net https://www.g2.com https://jukebox.pathfactory.com https://www.google-analytics.com https://050-uwt-888.mktoresp.com; font-src 'self' data: https://*.logrhythm.com https://*.hotjar.com https://*.typekit.net https://*.sharepointonline.com https://spoprod-a.akamaihd.net https://fonts.gstatic.com https://cdn-app.pathfactory.com https://*.fontawesome.com https://www.gartner.com https://maxcdn.bootstrapcdn.com https://cdn.pathfactory.com https://app.cdn.lookbookhq.com; img-src https: data: blob: ; media-src 'self' blob: https://*.logrhythm.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://*.logrhythm.com https://logrhythm.widget.insent.ai https://js.zi-scripts.com https://ws-assets.zoominfo.com https://*.trustarc.com https://launchpad.privacymanager.io https://launchpad-wrapper.privacymanager.io https://jobs.jobvite.com https://play.vidyard.com https://yoast.com https://ws.zoominfo.com 
https://player.vimeo.com https://*.clarity.ms https://j.6sc.co https://cdn.jsdelivr.net https://cdn-app.pathfactory.com https://unpkg.com/web-vitals https://www.g2.com https://*.facebook.com https://cdn.syndication.twimg.com https://www.gartner.com https://www.google.com https://www.googleoptimize.com https://*.googleapis.com https://tpc.googlesyndication.com https://optimize.google.com https://www.youtube.com https://ssl.google-analytics.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.ampproject.org https://www.googleadservices.com https://www.gstatic.com https://*.typeform.com js-agent.newrelic.com https://bam.nr-data.net https://beacon-v2.helpscout.net https://kit.fontawesome.com https://bat.bing.com https://munchkin.marketo.net https://snap.licdn.com https://static.ads-twitter.com https://*.twitter.com https://*.hotjar.com https://app.leadsrx.com https://secure.leadforensics.com https://connect.facebook.net https://googleads.g.doubleclick.net https://logrhythm-com.disqus.com https://app.cdn.lookbookhq.com https://jukebox.pathfactory.com https://app-abc.marketo.com https://www.brighttalk.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://*.logrhythm.com https://cdn.jsdelivr.net https://*.fontawesome.com https://yoast.com https://cdn-app.pathfactory.com https://rgsharedweb.s3.amazonaws.com https://www.googletagmanager.com/debug/ https://ka-p.fontawesome.com https://platform.twitter.com https://*.twimg.com https://*.typekit.net https://*.disquscdn.com https://www.gartner.com https://*.googleapis.com https://optimize.google.com https://tagmanager.google.com https://maxcdn.bootstrapcdn.com https://app.cdn.lookbookhq.com; frame-src 'self' https://logrhythm.widget.insent.ai https://demostack.app https://*.trustarc.com https://*.doubleclick.net https://shortpixel.com https://logrhythm.com https://*.logrhythm.com https://forms.office.com https://jobs.jobvite.com https://play.vidyard.com https://www.facebook.com 
https://*.elementor.com https://www.itcentralstation.com https://www.google.com https://tpc.googlesyndication.com https://*.twitter.com https://*.addthis.com https://*.ampproject.net https://www.slideshare.net https://*.hotjar.com https://maps.google.com https://www.gartner.com https://tags.bluekai.com https://www.g2.com https://www.youtube-nocookie.com https://googleads.g.doubleclick.net https://disqus.com https://tempest.services.disqus.com https://www.youtube.com https://bid.g.doubleclick.net https://www.brighttalk.com https://*.fls.doubleclick.net; frame-ancestors 'self' explore.logrhythm.com https://www.g2.com https://*.logrhythm.com; |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
main.js
logrhythm.com/wp-content/themes/stratusx/assets/js/
|
10 KB
7 KB
|
52ms
52ms
|
Script
application/javascript |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/themes/stratusx/assets/js/main.js?ver=1.3
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.20
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 1120606d70171f70f1c92b702798a10dedacf4e5a3efd3b7cb7a649f524b50d2
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' https://logrhythm.com https://disqus.com https://*.6sc.co https://*.6sense.com https://c.disquscdn.com; connect-src 'self' https://logrhythm.com https://play.vidyard.com https://google.com https://cdn.linkedin.oribi.io https://px.ads.linkedin.com https://js.zi-scripts.com https://*.privacymanager.io https://epsilon.6sense.com https://*.6sc.co https://analytics.google.com https://*.googlesyndication.com https://ws.zoominfo.com https://bat.bing.com https://spcollector.pathfactory.com https://adservice.google.com https://*.logrhythm.com https://maps.googleapis.com https://*.fontawesome.com https://*.clarity.ms https://use.typekit.net https://050-uwt-888.mktoutil.com https://*.addthisedge.com https://ampcid.google.com https://www.googletagmanager.com https://*.ampproject.org https://*.addthis.com https://*.ampproject.net https://connect.facebook.net https://yoast.com https://*.facebook.com https://*.hotjar.io wss://*.hotjar.com https://*.hotjar.com https://stats.g.doubleclick.net https://*.yoast.com https://d3hb14vkzrxvla.cloudfront.net https://www.g2.com https://jukebox.pathfactory.com https://www.google-analytics.com https://050-uwt-888.mktoresp.com; font-src 'self' data: https://*.logrhythm.com https://*.hotjar.com https://*.typekit.net https://*.sharepointonline.com https://spoprod-a.akamaihd.net https://fonts.gstatic.com https://cdn-app.pathfactory.com https://*.fontawesome.com https://www.gartner.com https://maxcdn.bootstrapcdn.com https://cdn.pathfactory.com https://app.cdn.lookbookhq.com; img-src https: data: blob: ; media-src 'self' blob: https://*.logrhythm.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://*.logrhythm.com https://logrhythm.widget.insent.ai https://js.zi-scripts.com https://ws-assets.zoominfo.com https://*.trustarc.com https://launchpad.privacymanager.io https://launchpad-wrapper.privacymanager.io https://jobs.jobvite.com https://play.vidyard.com https://yoast.com https://ws.zoominfo.com 
https://player.vimeo.com https://*.clarity.ms https://j.6sc.co https://cdn.jsdelivr.net https://cdn-app.pathfactory.com https://unpkg.com/web-vitals https://www.g2.com https://*.facebook.com https://cdn.syndication.twimg.com https://www.gartner.com https://www.google.com https://www.googleoptimize.com https://*.googleapis.com https://tpc.googlesyndication.com https://optimize.google.com https://www.youtube.com https://ssl.google-analytics.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.ampproject.org https://www.googleadservices.com https://www.gstatic.com https://*.typeform.com js-agent.newrelic.com https://bam.nr-data.net https://beacon-v2.helpscout.net https://kit.fontawesome.com https://bat.bing.com https://munchkin.marketo.net https://snap.licdn.com https://static.ads-twitter.com https://*.twitter.com https://*.hotjar.com https://app.leadsrx.com https://secure.leadforensics.com https://connect.facebook.net https://googleads.g.doubleclick.net https://logrhythm-com.disqus.com https://app.cdn.lookbookhq.com https://jukebox.pathfactory.com https://app-abc.marketo.com https://www.brighttalk.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://*.logrhythm.com https://cdn.jsdelivr.net https://*.fontawesome.com https://yoast.com https://cdn-app.pathfactory.com https://rgsharedweb.s3.amazonaws.com https://www.googletagmanager.com/debug/ https://ka-p.fontawesome.com https://platform.twitter.com https://*.twimg.com https://*.typekit.net https://*.disquscdn.com https://www.gartner.com https://*.googleapis.com https://optimize.google.com https://tagmanager.google.com https://maxcdn.bootstrapcdn.com https://app.cdn.lookbookhq.com; frame-src 'self' https://logrhythm.widget.insent.ai https://demostack.app https://*.trustarc.com https://*.doubleclick.net https://shortpixel.com https://logrhythm.com https://*.logrhythm.com https://forms.office.com https://jobs.jobvite.com https://play.vidyard.com https://www.facebook.com 
https://*.elementor.com https://www.itcentralstation.com https://www.google.com https://tpc.googlesyndication.com https://*.twitter.com https://*.addthis.com https://*.ampproject.net https://www.slideshare.net https://*.hotjar.com https://maps.google.com https://www.gartner.com https://tags.bluekai.com https://www.g2.com https://www.youtube-nocookie.com https://googleads.g.doubleclick.net https://disqus.com https://tempest.services.disqus.com https://www.youtube.com https://bid.g.doubleclick.net https://www.brighttalk.com https://*.fls.doubleclick.net; frame-ancestors 'self' explore.logrhythm.com https://www.g2.com https://*.logrhythm.com; |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
app.min.js
logrhythm.com/wp-content/themes/logrhythm-child/dist/js/
|
96 KB
38 KB
|
147ms
144ms
|
Script
application/javascript |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/themes/logrhythm-child/dist/js/app.min.js?ver=1
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.20
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 11c7cade4c0b009392f70528471d8df3f30fa91e779bee8560e0bdf444e85f11
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' https://logrhythm.com https://disqus.com https://*.6sc.co https://*.6sense.com https://c.disquscdn.com; connect-src 'self' https://logrhythm.com https://play.vidyard.com https://google.com https://cdn.linkedin.oribi.io https://px.ads.linkedin.com https://js.zi-scripts.com https://*.privacymanager.io https://epsilon.6sense.com https://*.6sc.co https://analytics.google.com https://*.googlesyndication.com https://ws.zoominfo.com https://bat.bing.com https://spcollector.pathfactory.com https://adservice.google.com https://*.logrhythm.com https://maps.googleapis.com https://*.fontawesome.com https://*.clarity.ms https://use.typekit.net https://050-uwt-888.mktoutil.com https://*.addthisedge.com https://ampcid.google.com https://www.googletagmanager.com https://*.ampproject.org https://*.addthis.com https://*.ampproject.net https://connect.facebook.net https://yoast.com https://*.facebook.com https://*.hotjar.io wss://*.hotjar.com https://*.hotjar.com https://stats.g.doubleclick.net https://*.yoast.com https://d3hb14vkzrxvla.cloudfront.net https://www.g2.com https://jukebox.pathfactory.com https://www.google-analytics.com https://050-uwt-888.mktoresp.com; font-src 'self' data: https://*.logrhythm.com https://*.hotjar.com https://*.typekit.net https://*.sharepointonline.com https://spoprod-a.akamaihd.net https://fonts.gstatic.com https://cdn-app.pathfactory.com https://*.fontawesome.com https://www.gartner.com https://maxcdn.bootstrapcdn.com https://cdn.pathfactory.com https://app.cdn.lookbookhq.com; img-src https: data: blob: ; media-src 'self' blob: https://*.logrhythm.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://*.logrhythm.com https://logrhythm.widget.insent.ai https://js.zi-scripts.com https://ws-assets.zoominfo.com https://*.trustarc.com https://launchpad.privacymanager.io https://launchpad-wrapper.privacymanager.io https://jobs.jobvite.com https://play.vidyard.com https://yoast.com https://ws.zoominfo.com 
https://player.vimeo.com https://*.clarity.ms https://j.6sc.co https://cdn.jsdelivr.net https://cdn-app.pathfactory.com https://unpkg.com/web-vitals https://www.g2.com https://*.facebook.com https://cdn.syndication.twimg.com https://www.gartner.com https://www.google.com https://www.googleoptimize.com https://*.googleapis.com https://tpc.googlesyndication.com https://optimize.google.com https://www.youtube.com https://ssl.google-analytics.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.ampproject.org https://www.googleadservices.com https://www.gstatic.com https://*.typeform.com js-agent.newrelic.com https://bam.nr-data.net https://beacon-v2.helpscout.net https://kit.fontawesome.com https://bat.bing.com https://munchkin.marketo.net https://snap.licdn.com https://static.ads-twitter.com https://*.twitter.com https://*.hotjar.com https://app.leadsrx.com https://secure.leadforensics.com https://connect.facebook.net https://googleads.g.doubleclick.net https://logrhythm-com.disqus.com https://app.cdn.lookbookhq.com https://jukebox.pathfactory.com https://app-abc.marketo.com https://www.brighttalk.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://*.logrhythm.com https://cdn.jsdelivr.net https://*.fontawesome.com https://yoast.com https://cdn-app.pathfactory.com https://rgsharedweb.s3.amazonaws.com https://www.googletagmanager.com/debug/ https://ka-p.fontawesome.com https://platform.twitter.com https://*.twimg.com https://*.typekit.net https://*.disquscdn.com https://www.gartner.com https://*.googleapis.com https://optimize.google.com https://tagmanager.google.com https://maxcdn.bootstrapcdn.com https://app.cdn.lookbookhq.com; frame-src 'self' https://logrhythm.widget.insent.ai https://demostack.app https://*.trustarc.com https://*.doubleclick.net https://shortpixel.com https://logrhythm.com https://*.logrhythm.com https://forms.office.com https://jobs.jobvite.com https://play.vidyard.com https://www.facebook.com 
https://*.elementor.com https://www.itcentralstation.com https://www.google.com https://tpc.googlesyndication.com https://*.twitter.com https://*.addthis.com https://*.ampproject.net https://www.slideshare.net https://*.hotjar.com https://maps.google.com https://www.gartner.com https://tags.bluekai.com https://www.g2.com https://www.youtube-nocookie.com https://googleads.g.doubleclick.net https://disqus.com https://tempest.services.disqus.com https://www.youtube.com https://bid.g.doubleclick.net https://www.brighttalk.com https://*.fls.doubleclick.net; frame-ancestors 'self' explore.logrhythm.com https://www.g2.com https://*.logrhythm.com; |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
marketo-prefill.min.js
logrhythm.com/wp-content/themes/logrhythm-child/dist/js/
|
3 KB
4 KB
|
43ms
43ms
|
Script
application/javascript |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/themes/logrhythm-child/dist/js/marketo-prefill.min.js?ver=6.5
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.20
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 9234cd0a490631fdad33bc295edc8b3c0ed8860173eb84f6264c826a4d8c7a70
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' https://logrhythm.com https://disqus.com https://*.6sc.co https://*.6sense.com https://c.disquscdn.com; connect-src 'self' https://logrhythm.com https://play.vidyard.com https://google.com https://cdn.linkedin.oribi.io https://px.ads.linkedin.com https://js.zi-scripts.com https://*.privacymanager.io https://epsilon.6sense.com https://*.6sc.co https://analytics.google.com https://*.googlesyndication.com https://ws.zoominfo.com https://bat.bing.com https://spcollector.pathfactory.com https://adservice.google.com https://*.logrhythm.com https://maps.googleapis.com https://*.fontawesome.com https://*.clarity.ms https://use.typekit.net https://050-uwt-888.mktoutil.com https://*.addthisedge.com https://ampcid.google.com https://www.googletagmanager.com https://*.ampproject.org https://*.addthis.com https://*.ampproject.net https://connect.facebook.net https://yoast.com https://*.facebook.com https://*.hotjar.io wss://*.hotjar.com https://*.hotjar.com https://stats.g.doubleclick.net https://*.yoast.com https://d3hb14vkzrxvla.cloudfront.net https://www.g2.com https://jukebox.pathfactory.com https://www.google-analytics.com https://050-uwt-888.mktoresp.com; font-src 'self' data: https://*.logrhythm.com https://*.hotjar.com https://*.typekit.net https://*.sharepointonline.com https://spoprod-a.akamaihd.net https://fonts.gstatic.com https://cdn-app.pathfactory.com https://*.fontawesome.com https://www.gartner.com https://maxcdn.bootstrapcdn.com https://cdn.pathfactory.com https://app.cdn.lookbookhq.com; img-src https: data: blob: ; media-src 'self' blob: https://*.logrhythm.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://*.logrhythm.com https://logrhythm.widget.insent.ai https://js.zi-scripts.com https://ws-assets.zoominfo.com https://*.trustarc.com https://launchpad.privacymanager.io https://launchpad-wrapper.privacymanager.io https://jobs.jobvite.com https://play.vidyard.com https://yoast.com https://ws.zoominfo.com 
https://player.vimeo.com https://*.clarity.ms https://j.6sc.co https://cdn.jsdelivr.net https://cdn-app.pathfactory.com https://unpkg.com/web-vitals https://www.g2.com https://*.facebook.com https://cdn.syndication.twimg.com https://www.gartner.com https://www.google.com https://www.googleoptimize.com https://*.googleapis.com https://tpc.googlesyndication.com https://optimize.google.com https://www.youtube.com https://ssl.google-analytics.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.ampproject.org https://www.googleadservices.com https://www.gstatic.com https://*.typeform.com js-agent.newrelic.com https://bam.nr-data.net https://beacon-v2.helpscout.net https://kit.fontawesome.com https://bat.bing.com https://munchkin.marketo.net https://snap.licdn.com https://static.ads-twitter.com https://*.twitter.com https://*.hotjar.com https://app.leadsrx.com https://secure.leadforensics.com https://connect.facebook.net https://googleads.g.doubleclick.net https://logrhythm-com.disqus.com https://app.cdn.lookbookhq.com https://jukebox.pathfactory.com https://app-abc.marketo.com https://www.brighttalk.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://*.logrhythm.com https://cdn.jsdelivr.net https://*.fontawesome.com https://yoast.com https://cdn-app.pathfactory.com https://rgsharedweb.s3.amazonaws.com https://www.googletagmanager.com/debug/ https://ka-p.fontawesome.com https://platform.twitter.com https://*.twimg.com https://*.typekit.net https://*.disquscdn.com https://www.gartner.com https://*.googleapis.com https://optimize.google.com https://tagmanager.google.com https://maxcdn.bootstrapcdn.com https://app.cdn.lookbookhq.com; frame-src 'self' https://logrhythm.widget.insent.ai https://demostack.app https://*.trustarc.com https://*.doubleclick.net https://shortpixel.com https://logrhythm.com https://*.logrhythm.com https://forms.office.com https://jobs.jobvite.com https://play.vidyard.com https://www.facebook.com 
https://*.elementor.com https://www.itcentralstation.com https://www.google.com https://tpc.googlesyndication.com https://*.twitter.com https://*.addthis.com https://*.ampproject.net https://www.slideshare.net https://*.hotjar.com https://maps.google.com https://www.gartner.com https://tags.bluekai.com https://www.g2.com https://www.youtube-nocookie.com https://googleads.g.doubleclick.net https://disqus.com https://tempest.services.disqus.com https://www.youtube.com https://bid.g.doubleclick.net https://www.brighttalk.com https://*.fls.doubleclick.net; frame-ancestors 'self' explore.logrhythm.com https://www.g2.com https://*.logrhythm.com; |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
themo-foot.js
logrhythm.com/wp-content/plugins/th-widget-pack/js/
|
11 KB
7 KB
|
34ms
33ms
|
Script
application/javascript |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/plugins/th-widget-pack/js/themo-foot.js?ver=2.2.6
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.20
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- be557052880037a1c160050458fc687e95a193799d58686f0e2eefc8b39f4f42
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' https://logrhythm.com https://disqus.com https://*.6sc.co https://*.6sense.com https://c.disquscdn.com; connect-src 'self' https://logrhythm.com https://play.vidyard.com https://google.com https://cdn.linkedin.oribi.io https://px.ads.linkedin.com https://js.zi-scripts.com https://*.privacymanager.io https://epsilon.6sense.com https://*.6sc.co https://analytics.google.com https://*.googlesyndication.com https://ws.zoominfo.com https://bat.bing.com https://spcollector.pathfactory.com https://adservice.google.com https://*.logrhythm.com https://maps.googleapis.com https://*.fontawesome.com https://*.clarity.ms https://use.typekit.net https://050-uwt-888.mktoutil.com https://*.addthisedge.com https://ampcid.google.com https://www.googletagmanager.com https://*.ampproject.org https://*.addthis.com https://*.ampproject.net https://connect.facebook.net https://yoast.com https://*.facebook.com https://*.hotjar.io wss://*.hotjar.com https://*.hotjar.com https://stats.g.doubleclick.net https://*.yoast.com https://d3hb14vkzrxvla.cloudfront.net https://www.g2.com https://jukebox.pathfactory.com https://www.google-analytics.com https://050-uwt-888.mktoresp.com; font-src 'self' data: https://*.logrhythm.com https://*.hotjar.com https://*.typekit.net https://*.sharepointonline.com https://spoprod-a.akamaihd.net https://fonts.gstatic.com https://cdn-app.pathfactory.com https://*.fontawesome.com https://www.gartner.com https://maxcdn.bootstrapcdn.com https://cdn.pathfactory.com https://app.cdn.lookbookhq.com; img-src https: data: blob: ; media-src 'self' blob: https://*.logrhythm.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://*.logrhythm.com https://logrhythm.widget.insent.ai https://js.zi-scripts.com https://ws-assets.zoominfo.com https://*.trustarc.com https://launchpad.privacymanager.io https://launchpad-wrapper.privacymanager.io https://jobs.jobvite.com https://play.vidyard.com https://yoast.com https://ws.zoominfo.com 
https://player.vimeo.com https://*.clarity.ms https://j.6sc.co https://cdn.jsdelivr.net https://cdn-app.pathfactory.com https://unpkg.com/web-vitals https://www.g2.com https://*.facebook.com https://cdn.syndication.twimg.com https://www.gartner.com https://www.google.com https://www.googleoptimize.com https://*.googleapis.com https://tpc.googlesyndication.com https://optimize.google.com https://www.youtube.com https://ssl.google-analytics.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.ampproject.org https://www.googleadservices.com https://www.gstatic.com https://*.typeform.com js-agent.newrelic.com https://bam.nr-data.net https://beacon-v2.helpscout.net https://kit.fontawesome.com https://bat.bing.com https://munchkin.marketo.net https://snap.licdn.com https://static.ads-twitter.com https://*.twitter.com https://*.hotjar.com https://app.leadsrx.com https://secure.leadforensics.com https://connect.facebook.net https://googleads.g.doubleclick.net https://logrhythm-com.disqus.com https://app.cdn.lookbookhq.com https://jukebox.pathfactory.com https://app-abc.marketo.com https://www.brighttalk.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://*.logrhythm.com https://cdn.jsdelivr.net https://*.fontawesome.com https://yoast.com https://cdn-app.pathfactory.com https://rgsharedweb.s3.amazonaws.com https://www.googletagmanager.com/debug/ https://ka-p.fontawesome.com https://platform.twitter.com https://*.twimg.com https://*.typekit.net https://*.disquscdn.com https://www.gartner.com https://*.googleapis.com https://optimize.google.com https://tagmanager.google.com https://maxcdn.bootstrapcdn.com https://app.cdn.lookbookhq.com; frame-src 'self' https://logrhythm.widget.insent.ai https://demostack.app https://*.trustarc.com https://*.doubleclick.net https://shortpixel.com https://logrhythm.com https://*.logrhythm.com https://forms.office.com https://jobs.jobvite.com https://play.vidyard.com https://www.facebook.com 
https://*.elementor.com https://www.itcentralstation.com https://www.google.com https://tpc.googlesyndication.com https://*.twitter.com https://*.addthis.com https://*.ampproject.net https://www.slideshare.net https://*.hotjar.com https://maps.google.com https://www.gartner.com https://tags.bluekai.com https://www.g2.com https://www.youtube-nocookie.com https://googleads.g.doubleclick.net https://disqus.com https://tempest.services.disqus.com https://www.youtube.com https://bid.g.doubleclick.net https://www.brighttalk.com https://*.fls.doubleclick.net; frame-ancestors 'self' explore.logrhythm.com https://www.g2.com https://*.logrhythm.com; |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
vendor_footer.js
logrhythm.com/wp-content/themes/stratusx/assets/js/vendor/
|
117 KB
36 KB
|
39ms
39ms
|
Script
application/javascript |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/themes/stratusx/assets/js/vendor/vendor_footer.js?ver=1.2
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.20
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- eaff775ad40803675c3df967fd79d70cfe3cca7b691c0c7a5e03bfdc0b2850ff
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' https://logrhythm.com https://disqus.com https://*.6sc.co https://*.6sense.com https://c.disquscdn.com; connect-src 'self' https://logrhythm.com https://play.vidyard.com https://google.com https://cdn.linkedin.oribi.io https://px.ads.linkedin.com https://js.zi-scripts.com https://*.privacymanager.io https://epsilon.6sense.com https://*.6sc.co https://analytics.google.com https://*.googlesyndication.com https://ws.zoominfo.com https://bat.bing.com https://spcollector.pathfactory.com https://adservice.google.com https://*.logrhythm.com https://maps.googleapis.com https://*.fontawesome.com https://*.clarity.ms https://use.typekit.net https://050-uwt-888.mktoutil.com https://*.addthisedge.com https://ampcid.google.com https://www.googletagmanager.com https://*.ampproject.org https://*.addthis.com https://*.ampproject.net https://connect.facebook.net https://yoast.com https://*.facebook.com https://*.hotjar.io wss://*.hotjar.com https://*.hotjar.com https://stats.g.doubleclick.net https://*.yoast.com https://d3hb14vkzrxvla.cloudfront.net https://www.g2.com https://jukebox.pathfactory.com https://www.google-analytics.com https://050-uwt-888.mktoresp.com; font-src 'self' data: https://*.logrhythm.com https://*.hotjar.com https://*.typekit.net https://*.sharepointonline.com https://spoprod-a.akamaihd.net https://fonts.gstatic.com https://cdn-app.pathfactory.com https://*.fontawesome.com https://www.gartner.com https://maxcdn.bootstrapcdn.com https://cdn.pathfactory.com https://app.cdn.lookbookhq.com; img-src https: data: blob: ; media-src 'self' blob: https://*.logrhythm.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://*.logrhythm.com https://logrhythm.widget.insent.ai https://js.zi-scripts.com https://ws-assets.zoominfo.com https://*.trustarc.com https://launchpad.privacymanager.io https://launchpad-wrapper.privacymanager.io https://jobs.jobvite.com https://play.vidyard.com https://yoast.com https://ws.zoominfo.com 
https://player.vimeo.com https://*.clarity.ms https://j.6sc.co https://cdn.jsdelivr.net https://cdn-app.pathfactory.com https://unpkg.com/web-vitals https://www.g2.com https://*.facebook.com https://cdn.syndication.twimg.com https://www.gartner.com https://www.google.com https://www.googleoptimize.com https://*.googleapis.com https://tpc.googlesyndication.com https://optimize.google.com https://www.youtube.com https://ssl.google-analytics.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.ampproject.org https://www.googleadservices.com https://www.gstatic.com https://*.typeform.com js-agent.newrelic.com https://bam.nr-data.net https://beacon-v2.helpscout.net https://kit.fontawesome.com https://bat.bing.com https://munchkin.marketo.net https://snap.licdn.com https://static.ads-twitter.com https://*.twitter.com https://*.hotjar.com https://app.leadsrx.com https://secure.leadforensics.com https://connect.facebook.net https://googleads.g.doubleclick.net https://logrhythm-com.disqus.com https://app.cdn.lookbookhq.com https://jukebox.pathfactory.com https://app-abc.marketo.com https://www.brighttalk.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://*.logrhythm.com https://cdn.jsdelivr.net https://*.fontawesome.com https://yoast.com https://cdn-app.pathfactory.com https://rgsharedweb.s3.amazonaws.com https://www.googletagmanager.com/debug/ https://ka-p.fontawesome.com https://platform.twitter.com https://*.twimg.com https://*.typekit.net https://*.disquscdn.com https://www.gartner.com https://*.googleapis.com https://optimize.google.com https://tagmanager.google.com https://maxcdn.bootstrapcdn.com https://app.cdn.lookbookhq.com; frame-src 'self' https://logrhythm.widget.insent.ai https://demostack.app https://*.trustarc.com https://*.doubleclick.net https://shortpixel.com https://logrhythm.com https://*.logrhythm.com https://forms.office.com https://jobs.jobvite.com https://play.vidyard.com https://www.facebook.com 
https://*.elementor.com https://www.itcentralstation.com https://www.google.com https://tpc.googlesyndication.com https://*.twitter.com https://*.addthis.com https://*.ampproject.net https://www.slideshare.net https://*.hotjar.com https://maps.google.com https://www.gartner.com https://tags.bluekai.com https://www.g2.com https://www.youtube-nocookie.com https://googleads.g.doubleclick.net https://disqus.com https://tempest.services.disqus.com https://www.youtube.com https://bid.g.doubleclick.net https://www.brighttalk.com https://*.fls.doubleclick.net; frame-ancestors 'self' explore.logrhythm.com https://www.g2.com https://*.logrhythm.com; |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
lottie.min.js
logrhythm.com/wp-content/plugins/elementor-pro/assets/lib/lottie/
|
247 KB
67 KB
|
591ms
591ms
|
Script
application/javascript |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/plugins/elementor-pro/assets/lib/lottie/lottie.min.js?ver=5.6.6
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.20
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 0eceb9be92f0ec6a1b69ebafa0bdb6bd72506565259ca6c4574185e7336d0f04
|
GET
H3
|
200
|
webpack-pro.runtime.min.js
logrhythm.com/wp-content/plugins/elementor-pro/assets/js/
|
6 KB
6 KB
|
36ms
35ms
|
Script
application/javascript |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.20.2
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.20
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 316a940e4c553c8e577e39b1407f182c4357ffd2302d417205830eb8771c1ea5
|
GET
H3
|
200
|
webpack.runtime.min.js
logrhythm.com/wp-content/plugins/elementor/assets/js/
|
5 KB
6 KB
|
55ms
54ms
|
Script
application/javascript |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.20.3
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.20
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 54332f1e6cf0aa349c504422f066ea1c1ee5d3152ebc96944cdafe72961dcd0d
|
GET
H3
|
200
|
frontend-modules.min.js
logrhythm.com/wp-content/plugins/elementor/assets/js/
|
59 KB
21 KB
|
90ms
88ms
|
Script
application/javascript |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.20.3
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.20
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- a87fcabee27652552d5eb2fc3cb61d2fa44408ea6ad7033598775f591236c290
|
GET
H3
|
200
|
wp-polyfill-inert.min.js
logrhythm.com/wp-includes/js/dist/vendor/
|
8 KB
6 KB
|
100ms
89ms
|
Script
application/javascript |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.20
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
|
GET
H3
|
200
|
regenerator-runtime.min.js
logrhythm.com/wp-includes/js/dist/vendor/
|
6 KB
6 KB
|
101ms
89ms
|
Script
application/javascript |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.20
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' https://logrhythm.com https://disqus.com https://*.6sc.co https://*.6sense.com https://c.disquscdn.com; connect-src 'self' https://logrhythm.com https://play.vidyard.com https://google.com https://cdn.linkedin.oribi.io https://px.ads.linkedin.com https://js.zi-scripts.com https://*.privacymanager.io https://epsilon.6sense.com https://*.6sc.co https://analytics.google.com https://*.googlesyndication.com https://ws.zoominfo.com https://bat.bing.com https://spcollector.pathfactory.com https://adservice.google.com https://*.logrhythm.com https://maps.googleapis.com https://*.fontawesome.com https://*.clarity.ms https://use.typekit.net https://050-uwt-888.mktoutil.com https://*.addthisedge.com https://ampcid.google.com https://www.googletagmanager.com https://*.ampproject.org https://*.addthis.com https://*.ampproject.net https://connect.facebook.net https://yoast.com https://*.facebook.com https://*.hotjar.io wss://*.hotjar.com https://*.hotjar.com https://stats.g.doubleclick.net https://*.yoast.com https://d3hb14vkzrxvla.cloudfront.net https://www.g2.com https://jukebox.pathfactory.com https://www.google-analytics.com https://050-uwt-888.mktoresp.com; font-src 'self' data: https://*.logrhythm.com https://*.hotjar.com https://*.typekit.net https://*.sharepointonline.com https://spoprod-a.akamaihd.net https://fonts.gstatic.com https://cdn-app.pathfactory.com https://*.fontawesome.com https://www.gartner.com https://maxcdn.bootstrapcdn.com https://cdn.pathfactory.com https://app.cdn.lookbookhq.com; img-src https: data: blob: ; media-src 'self' blob: https://*.logrhythm.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://*.logrhythm.com https://logrhythm.widget.insent.ai https://js.zi-scripts.com https://ws-assets.zoominfo.com https://*.trustarc.com https://launchpad.privacymanager.io https://launchpad-wrapper.privacymanager.io https://jobs.jobvite.com https://play.vidyard.com https://yoast.com https://ws.zoominfo.com 
https://player.vimeo.com https://*.clarity.ms https://j.6sc.co https://cdn.jsdelivr.net https://cdn-app.pathfactory.com https://unpkg.com/web-vitals https://www.g2.com https://*.facebook.com https://cdn.syndication.twimg.com https://www.gartner.com https://www.google.com https://www.googleoptimize.com https://*.googleapis.com https://tpc.googlesyndication.com https://optimize.google.com https://www.youtube.com https://ssl.google-analytics.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.ampproject.org https://www.googleadservices.com https://www.gstatic.com https://*.typeform.com js-agent.newrelic.com https://bam.nr-data.net https://beacon-v2.helpscout.net https://kit.fontawesome.com https://bat.bing.com https://munchkin.marketo.net https://snap.licdn.com https://static.ads-twitter.com https://*.twitter.com https://*.hotjar.com https://app.leadsrx.com https://secure.leadforensics.com https://connect.facebook.net https://googleads.g.doubleclick.net https://logrhythm-com.disqus.com https://app.cdn.lookbookhq.com https://jukebox.pathfactory.com https://app-abc.marketo.com https://www.brighttalk.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://*.logrhythm.com https://cdn.jsdelivr.net https://*.fontawesome.com https://yoast.com https://cdn-app.pathfactory.com https://rgsharedweb.s3.amazonaws.com https://www.googletagmanager.com/debug/ https://ka-p.fontawesome.com https://platform.twitter.com https://*.twimg.com https://*.typekit.net https://*.disquscdn.com https://www.gartner.com https://*.googleapis.com https://optimize.google.com https://tagmanager.google.com https://maxcdn.bootstrapcdn.com https://app.cdn.lookbookhq.com; frame-src 'self' https://logrhythm.widget.insent.ai https://demostack.app https://*.trustarc.com https://*.doubleclick.net https://shortpixel.com https://logrhythm.com https://*.logrhythm.com https://forms.office.com https://jobs.jobvite.com https://play.vidyard.com https://www.facebook.com 
https://*.elementor.com https://www.itcentralstation.com https://www.google.com https://tpc.googlesyndication.com https://*.twitter.com https://*.addthis.com https://*.ampproject.net https://www.slideshare.net https://*.hotjar.com https://maps.google.com https://www.gartner.com https://tags.bluekai.com https://www.g2.com https://www.youtube-nocookie.com https://googleads.g.doubleclick.net https://disqus.com https://tempest.services.disqus.com https://www.youtube.com https://bid.g.doubleclick.net https://www.brighttalk.com https://*.fls.doubleclick.net; frame-ancestors 'self' explore.logrhythm.com https://www.g2.com https://*.logrhythm.com; |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
wp-polyfill.min.js
logrhythm.com/wp-includes/js/dist/vendor/
|
38 KB
18 KB
|
103ms
91ms
|
Script
application/javascript |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.20
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 17b79ece7ef9d1454a90156690d33d64387b67a7a7548fc826012512e287a937
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' https://logrhythm.com https://disqus.com https://*.6sc.co https://*.6sense.com https://c.disquscdn.com; connect-src 'self' https://logrhythm.com https://play.vidyard.com https://google.com https://cdn.linkedin.oribi.io https://px.ads.linkedin.com https://js.zi-scripts.com https://*.privacymanager.io https://epsilon.6sense.com https://*.6sc.co https://analytics.google.com https://*.googlesyndication.com https://ws.zoominfo.com https://bat.bing.com https://spcollector.pathfactory.com https://adservice.google.com https://*.logrhythm.com https://maps.googleapis.com https://*.fontawesome.com https://*.clarity.ms https://use.typekit.net https://050-uwt-888.mktoutil.com https://*.addthisedge.com https://ampcid.google.com https://www.googletagmanager.com https://*.ampproject.org https://*.addthis.com https://*.ampproject.net https://connect.facebook.net https://yoast.com https://*.facebook.com https://*.hotjar.io wss://*.hotjar.com https://*.hotjar.com https://stats.g.doubleclick.net https://*.yoast.com https://d3hb14vkzrxvla.cloudfront.net https://www.g2.com https://jukebox.pathfactory.com https://www.google-analytics.com https://050-uwt-888.mktoresp.com; font-src 'self' data: https://*.logrhythm.com https://*.hotjar.com https://*.typekit.net https://*.sharepointonline.com https://spoprod-a.akamaihd.net https://fonts.gstatic.com https://cdn-app.pathfactory.com https://*.fontawesome.com https://www.gartner.com https://maxcdn.bootstrapcdn.com https://cdn.pathfactory.com https://app.cdn.lookbookhq.com; img-src https: data: blob: ; media-src 'self' blob: https://*.logrhythm.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://*.logrhythm.com https://logrhythm.widget.insent.ai https://js.zi-scripts.com https://ws-assets.zoominfo.com https://*.trustarc.com https://launchpad.privacymanager.io https://launchpad-wrapper.privacymanager.io https://jobs.jobvite.com https://play.vidyard.com https://yoast.com https://ws.zoominfo.com 
https://player.vimeo.com https://*.clarity.ms https://j.6sc.co https://cdn.jsdelivr.net https://cdn-app.pathfactory.com https://unpkg.com/web-vitals https://www.g2.com https://*.facebook.com https://cdn.syndication.twimg.com https://www.gartner.com https://www.google.com https://www.googleoptimize.com https://*.googleapis.com https://tpc.googlesyndication.com https://optimize.google.com https://www.youtube.com https://ssl.google-analytics.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.ampproject.org https://www.googleadservices.com https://www.gstatic.com https://*.typeform.com js-agent.newrelic.com https://bam.nr-data.net https://beacon-v2.helpscout.net https://kit.fontawesome.com https://bat.bing.com https://munchkin.marketo.net https://snap.licdn.com https://static.ads-twitter.com https://*.twitter.com https://*.hotjar.com https://app.leadsrx.com https://secure.leadforensics.com https://connect.facebook.net https://googleads.g.doubleclick.net https://logrhythm-com.disqus.com https://app.cdn.lookbookhq.com https://jukebox.pathfactory.com https://app-abc.marketo.com https://www.brighttalk.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://*.logrhythm.com https://cdn.jsdelivr.net https://*.fontawesome.com https://yoast.com https://cdn-app.pathfactory.com https://rgsharedweb.s3.amazonaws.com https://www.googletagmanager.com/debug/ https://ka-p.fontawesome.com https://platform.twitter.com https://*.twimg.com https://*.typekit.net https://*.disquscdn.com https://www.gartner.com https://*.googleapis.com https://optimize.google.com https://tagmanager.google.com https://maxcdn.bootstrapcdn.com https://app.cdn.lookbookhq.com; frame-src 'self' https://logrhythm.widget.insent.ai https://demostack.app https://*.trustarc.com https://*.doubleclick.net https://shortpixel.com https://logrhythm.com https://*.logrhythm.com https://forms.office.com https://jobs.jobvite.com https://play.vidyard.com https://www.facebook.com 
https://*.elementor.com https://www.itcentralstation.com https://www.google.com https://tpc.googlesyndication.com https://*.twitter.com https://*.addthis.com https://*.ampproject.net https://www.slideshare.net https://*.hotjar.com https://maps.google.com https://www.gartner.com https://tags.bluekai.com https://www.g2.com https://www.youtube-nocookie.com https://googleads.g.doubleclick.net https://disqus.com https://tempest.services.disqus.com https://www.youtube.com https://bid.g.doubleclick.net https://www.brighttalk.com https://*.fls.doubleclick.net; frame-ancestors 'self' explore.logrhythm.com https://www.g2.com https://*.logrhythm.com; |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
hooks.min.js
logrhythm.com/wp-includes/js/dist/
|
4 KB
5 KB
|
72ms
61ms
|
Script
application/javascript |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-includes/js/dist/hooks.min.js?ver=2810c76e705dd1a53b18
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.20
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 2cb546fbdda7995d374fffa4b2f6530bbcf57d014639ddf76de45df43d593045
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' https://logrhythm.com https://disqus.com https://*.6sc.co https://*.6sense.com https://c.disquscdn.com; connect-src 'self' https://logrhythm.com https://play.vidyard.com https://google.com https://cdn.linkedin.oribi.io https://px.ads.linkedin.com https://js.zi-scripts.com https://*.privacymanager.io https://epsilon.6sense.com https://*.6sc.co https://analytics.google.com https://*.googlesyndication.com https://ws.zoominfo.com https://bat.bing.com https://spcollector.pathfactory.com https://adservice.google.com https://*.logrhythm.com https://maps.googleapis.com https://*.fontawesome.com https://*.clarity.ms https://use.typekit.net https://050-uwt-888.mktoutil.com https://*.addthisedge.com https://ampcid.google.com https://www.googletagmanager.com https://*.ampproject.org https://*.addthis.com https://*.ampproject.net https://connect.facebook.net https://yoast.com https://*.facebook.com https://*.hotjar.io wss://*.hotjar.com https://*.hotjar.com https://stats.g.doubleclick.net https://*.yoast.com https://d3hb14vkzrxvla.cloudfront.net https://www.g2.com https://jukebox.pathfactory.com https://www.google-analytics.com https://050-uwt-888.mktoresp.com; font-src 'self' data: https://*.logrhythm.com https://*.hotjar.com https://*.typekit.net https://*.sharepointonline.com https://spoprod-a.akamaihd.net https://fonts.gstatic.com https://cdn-app.pathfactory.com https://*.fontawesome.com https://www.gartner.com https://maxcdn.bootstrapcdn.com https://cdn.pathfactory.com https://app.cdn.lookbookhq.com; img-src https: data: blob: ; media-src 'self' blob: https://*.logrhythm.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://*.logrhythm.com https://logrhythm.widget.insent.ai https://js.zi-scripts.com https://ws-assets.zoominfo.com https://*.trustarc.com https://launchpad.privacymanager.io https://launchpad-wrapper.privacymanager.io https://jobs.jobvite.com https://play.vidyard.com https://yoast.com https://ws.zoominfo.com 
https://player.vimeo.com https://*.clarity.ms https://j.6sc.co https://cdn.jsdelivr.net https://cdn-app.pathfactory.com https://unpkg.com/web-vitals https://www.g2.com https://*.facebook.com https://cdn.syndication.twimg.com https://www.gartner.com https://www.google.com https://www.googleoptimize.com https://*.googleapis.com https://tpc.googlesyndication.com https://optimize.google.com https://www.youtube.com https://ssl.google-analytics.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.ampproject.org https://www.googleadservices.com https://www.gstatic.com https://*.typeform.com js-agent.newrelic.com https://bam.nr-data.net https://beacon-v2.helpscout.net https://kit.fontawesome.com https://bat.bing.com https://munchkin.marketo.net https://snap.licdn.com https://static.ads-twitter.com https://*.twitter.com https://*.hotjar.com https://app.leadsrx.com https://secure.leadforensics.com https://connect.facebook.net https://googleads.g.doubleclick.net https://logrhythm-com.disqus.com https://app.cdn.lookbookhq.com https://jukebox.pathfactory.com https://app-abc.marketo.com https://www.brighttalk.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://*.logrhythm.com https://cdn.jsdelivr.net https://*.fontawesome.com https://yoast.com https://cdn-app.pathfactory.com https://rgsharedweb.s3.amazonaws.com https://www.googletagmanager.com/debug/ https://ka-p.fontawesome.com https://platform.twitter.com https://*.twimg.com https://*.typekit.net https://*.disquscdn.com https://www.gartner.com https://*.googleapis.com https://optimize.google.com https://tagmanager.google.com https://maxcdn.bootstrapcdn.com https://app.cdn.lookbookhq.com; frame-src 'self' https://logrhythm.widget.insent.ai https://demostack.app https://*.trustarc.com https://*.doubleclick.net https://shortpixel.com https://logrhythm.com https://*.logrhythm.com https://forms.office.com https://jobs.jobvite.com https://play.vidyard.com https://www.facebook.com 
https://*.elementor.com https://www.itcentralstation.com https://www.google.com https://tpc.googlesyndication.com https://*.twitter.com https://*.addthis.com https://*.ampproject.net https://www.slideshare.net https://*.hotjar.com https://maps.google.com https://www.gartner.com https://tags.bluekai.com https://www.g2.com https://www.youtube-nocookie.com https://googleads.g.doubleclick.net https://disqus.com https://tempest.services.disqus.com https://www.youtube.com https://bid.g.doubleclick.net https://www.brighttalk.com https://*.fls.doubleclick.net; frame-ancestors 'self' explore.logrhythm.com https://www.g2.com https://*.logrhythm.com; |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
i18n.min.js
logrhythm.com/wp-includes/js/dist/
|
9 KB
7 KB
|
97ms
86ms
|
Script
application/javascript |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.20
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' https://logrhythm.com https://disqus.com https://*.6sc.co https://*.6sense.com https://c.disquscdn.com; connect-src 'self' https://logrhythm.com https://play.vidyard.com https://google.com https://cdn.linkedin.oribi.io https://px.ads.linkedin.com https://js.zi-scripts.com https://*.privacymanager.io https://epsilon.6sense.com https://*.6sc.co https://analytics.google.com https://*.googlesyndication.com https://ws.zoominfo.com https://bat.bing.com https://spcollector.pathfactory.com https://adservice.google.com https://*.logrhythm.com https://maps.googleapis.com https://*.fontawesome.com https://*.clarity.ms https://use.typekit.net https://050-uwt-888.mktoutil.com https://*.addthisedge.com https://ampcid.google.com https://www.googletagmanager.com https://*.ampproject.org https://*.addthis.com https://*.ampproject.net https://connect.facebook.net https://yoast.com https://*.facebook.com https://*.hotjar.io wss://*.hotjar.com https://*.hotjar.com https://stats.g.doubleclick.net https://*.yoast.com https://d3hb14vkzrxvla.cloudfront.net https://www.g2.com https://jukebox.pathfactory.com https://www.google-analytics.com https://050-uwt-888.mktoresp.com; font-src 'self' data: https://*.logrhythm.com https://*.hotjar.com https://*.typekit.net https://*.sharepointonline.com https://spoprod-a.akamaihd.net https://fonts.gstatic.com https://cdn-app.pathfactory.com https://*.fontawesome.com https://www.gartner.com https://maxcdn.bootstrapcdn.com https://cdn.pathfactory.com https://app.cdn.lookbookhq.com; img-src https: data: blob: ; media-src 'self' blob: https://*.logrhythm.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://*.logrhythm.com https://logrhythm.widget.insent.ai https://js.zi-scripts.com https://ws-assets.zoominfo.com https://*.trustarc.com https://launchpad.privacymanager.io https://launchpad-wrapper.privacymanager.io https://jobs.jobvite.com https://play.vidyard.com https://yoast.com https://ws.zoominfo.com 
https://player.vimeo.com https://*.clarity.ms https://j.6sc.co https://cdn.jsdelivr.net https://cdn-app.pathfactory.com https://unpkg.com/web-vitals https://www.g2.com https://*.facebook.com https://cdn.syndication.twimg.com https://www.gartner.com https://www.google.com https://www.googleoptimize.com https://*.googleapis.com https://tpc.googlesyndication.com https://optimize.google.com https://www.youtube.com https://ssl.google-analytics.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.ampproject.org https://www.googleadservices.com https://www.gstatic.com https://*.typeform.com js-agent.newrelic.com https://bam.nr-data.net https://beacon-v2.helpscout.net https://kit.fontawesome.com https://bat.bing.com https://munchkin.marketo.net https://snap.licdn.com https://static.ads-twitter.com https://*.twitter.com https://*.hotjar.com https://app.leadsrx.com https://secure.leadforensics.com https://connect.facebook.net https://googleads.g.doubleclick.net https://logrhythm-com.disqus.com https://app.cdn.lookbookhq.com https://jukebox.pathfactory.com https://app-abc.marketo.com https://www.brighttalk.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://*.logrhythm.com https://cdn.jsdelivr.net https://*.fontawesome.com https://yoast.com https://cdn-app.pathfactory.com https://rgsharedweb.s3.amazonaws.com https://www.googletagmanager.com/debug/ https://ka-p.fontawesome.com https://platform.twitter.com https://*.twimg.com https://*.typekit.net https://*.disquscdn.com https://www.gartner.com https://*.googleapis.com https://optimize.google.com https://tagmanager.google.com https://maxcdn.bootstrapcdn.com https://app.cdn.lookbookhq.com; frame-src 'self' https://logrhythm.widget.insent.ai https://demostack.app https://*.trustarc.com https://*.doubleclick.net https://shortpixel.com https://logrhythm.com https://*.logrhythm.com https://forms.office.com https://jobs.jobvite.com https://play.vidyard.com https://www.facebook.com 
https://*.elementor.com https://www.itcentralstation.com https://www.google.com https://tpc.googlesyndication.com https://*.twitter.com https://*.addthis.com https://*.ampproject.net https://www.slideshare.net https://*.hotjar.com https://maps.google.com https://www.gartner.com https://tags.bluekai.com https://www.g2.com https://www.youtube-nocookie.com https://googleads.g.doubleclick.net https://disqus.com https://tempest.services.disqus.com https://www.youtube.com https://bid.g.doubleclick.net https://www.brighttalk.com https://*.fls.doubleclick.net; frame-ancestors 'self' explore.logrhythm.com https://www.g2.com https://*.logrhythm.com; |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
frontend.min.js
logrhythm.com/wp-content/plugins/elementor-pro/assets/js/
|
24 KB
11 KB
|
116ms
105ms
|
Script
application/javascript |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.20.2
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.20
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- e0127ebe9681ce89b2ce6de5293e1f064c0e6447b803a1cff70e3d447242e68b
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' https://logrhythm.com https://disqus.com https://*.6sc.co https://*.6sense.com https://c.disquscdn.com; connect-src 'self' https://logrhythm.com https://play.vidyard.com https://google.com https://cdn.linkedin.oribi.io https://px.ads.linkedin.com https://js.zi-scripts.com https://*.privacymanager.io https://epsilon.6sense.com https://*.6sc.co https://analytics.google.com https://*.googlesyndication.com https://ws.zoominfo.com https://bat.bing.com https://spcollector.pathfactory.com https://adservice.google.com https://*.logrhythm.com https://maps.googleapis.com https://*.fontawesome.com https://*.clarity.ms https://use.typekit.net https://050-uwt-888.mktoutil.com https://*.addthisedge.com https://ampcid.google.com https://www.googletagmanager.com https://*.ampproject.org https://*.addthis.com https://*.ampproject.net https://connect.facebook.net https://yoast.com https://*.facebook.com https://*.hotjar.io wss://*.hotjar.com https://*.hotjar.com https://stats.g.doubleclick.net https://*.yoast.com https://d3hb14vkzrxvla.cloudfront.net https://www.g2.com https://jukebox.pathfactory.com https://www.google-analytics.com https://050-uwt-888.mktoresp.com; font-src 'self' data: https://*.logrhythm.com https://*.hotjar.com https://*.typekit.net https://*.sharepointonline.com https://spoprod-a.akamaihd.net https://fonts.gstatic.com https://cdn-app.pathfactory.com https://*.fontawesome.com https://www.gartner.com https://maxcdn.bootstrapcdn.com https://cdn.pathfactory.com https://app.cdn.lookbookhq.com; img-src https: data: blob: ; media-src 'self' blob: https://*.logrhythm.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://*.logrhythm.com https://logrhythm.widget.insent.ai https://js.zi-scripts.com https://ws-assets.zoominfo.com https://*.trustarc.com https://launchpad.privacymanager.io https://launchpad-wrapper.privacymanager.io https://jobs.jobvite.com https://play.vidyard.com https://yoast.com https://ws.zoominfo.com 
https://player.vimeo.com https://*.clarity.ms https://j.6sc.co https://cdn.jsdelivr.net https://cdn-app.pathfactory.com https://unpkg.com/web-vitals https://www.g2.com https://*.facebook.com https://cdn.syndication.twimg.com https://www.gartner.com https://www.google.com https://www.googleoptimize.com https://*.googleapis.com https://tpc.googlesyndication.com https://optimize.google.com https://www.youtube.com https://ssl.google-analytics.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.ampproject.org https://www.googleadservices.com https://www.gstatic.com https://*.typeform.com js-agent.newrelic.com https://bam.nr-data.net https://beacon-v2.helpscout.net https://kit.fontawesome.com https://bat.bing.com https://munchkin.marketo.net https://snap.licdn.com https://static.ads-twitter.com https://*.twitter.com https://*.hotjar.com https://app.leadsrx.com https://secure.leadforensics.com https://connect.facebook.net https://googleads.g.doubleclick.net https://logrhythm-com.disqus.com https://app.cdn.lookbookhq.com https://jukebox.pathfactory.com https://app-abc.marketo.com https://www.brighttalk.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://*.logrhythm.com https://cdn.jsdelivr.net https://*.fontawesome.com https://yoast.com https://cdn-app.pathfactory.com https://rgsharedweb.s3.amazonaws.com https://www.googletagmanager.com/debug/ https://ka-p.fontawesome.com https://platform.twitter.com https://*.twimg.com https://*.typekit.net https://*.disquscdn.com https://www.gartner.com https://*.googleapis.com https://optimize.google.com https://tagmanager.google.com https://maxcdn.bootstrapcdn.com https://app.cdn.lookbookhq.com; frame-src 'self' https://logrhythm.widget.insent.ai https://demostack.app https://*.trustarc.com https://*.doubleclick.net https://shortpixel.com https://logrhythm.com https://*.logrhythm.com https://forms.office.com https://jobs.jobvite.com https://play.vidyard.com https://www.facebook.com 
https://*.elementor.com https://www.itcentralstation.com https://www.google.com https://tpc.googlesyndication.com https://*.twitter.com https://*.addthis.com https://*.ampproject.net https://www.slideshare.net https://*.hotjar.com https://maps.google.com https://www.gartner.com https://tags.bluekai.com https://www.g2.com https://www.youtube-nocookie.com https://googleads.g.doubleclick.net https://disqus.com https://tempest.services.disqus.com https://www.youtube.com https://bid.g.doubleclick.net https://www.brighttalk.com https://*.fls.doubleclick.net; frame-ancestors 'self' explore.logrhythm.com https://www.g2.com https://*.logrhythm.com; |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
core.min.js
logrhythm.com/wp-includes/js/jquery/ui/
|
21 KB
11 KB
|
95ms
84ms
|
Script
application/javascript |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.20
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' https://logrhythm.com https://disqus.com https://*.6sc.co https://*.6sense.com https://c.disquscdn.com; connect-src 'self' https://logrhythm.com https://play.vidyard.com https://google.com https://cdn.linkedin.oribi.io https://px.ads.linkedin.com https://js.zi-scripts.com https://*.privacymanager.io https://epsilon.6sense.com https://*.6sc.co https://analytics.google.com https://*.googlesyndication.com https://ws.zoominfo.com https://bat.bing.com https://spcollector.pathfactory.com https://adservice.google.com https://*.logrhythm.com https://maps.googleapis.com https://*.fontawesome.com https://*.clarity.ms https://use.typekit.net https://050-uwt-888.mktoutil.com https://*.addthisedge.com https://ampcid.google.com https://www.googletagmanager.com https://*.ampproject.org https://*.addthis.com https://*.ampproject.net https://connect.facebook.net https://yoast.com https://*.facebook.com https://*.hotjar.io wss://*.hotjar.com https://*.hotjar.com https://stats.g.doubleclick.net https://*.yoast.com https://d3hb14vkzrxvla.cloudfront.net https://www.g2.com https://jukebox.pathfactory.com https://www.google-analytics.com https://050-uwt-888.mktoresp.com; font-src 'self' data: https://*.logrhythm.com https://*.hotjar.com https://*.typekit.net https://*.sharepointonline.com https://spoprod-a.akamaihd.net https://fonts.gstatic.com https://cdn-app.pathfactory.com https://*.fontawesome.com https://www.gartner.com https://maxcdn.bootstrapcdn.com https://cdn.pathfactory.com https://app.cdn.lookbookhq.com; img-src https: data: blob: ; media-src 'self' blob: https://*.logrhythm.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://*.logrhythm.com https://logrhythm.widget.insent.ai https://js.zi-scripts.com https://ws-assets.zoominfo.com https://*.trustarc.com https://launchpad.privacymanager.io https://launchpad-wrapper.privacymanager.io https://jobs.jobvite.com https://play.vidyard.com https://yoast.com https://ws.zoominfo.com 
https://player.vimeo.com https://*.clarity.ms https://j.6sc.co https://cdn.jsdelivr.net https://cdn-app.pathfactory.com https://unpkg.com/web-vitals https://www.g2.com https://*.facebook.com https://cdn.syndication.twimg.com https://www.gartner.com https://www.google.com https://www.googleoptimize.com https://*.googleapis.com https://tpc.googlesyndication.com https://optimize.google.com https://www.youtube.com https://ssl.google-analytics.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.ampproject.org https://www.googleadservices.com https://www.gstatic.com https://*.typeform.com js-agent.newrelic.com https://bam.nr-data.net https://beacon-v2.helpscout.net https://kit.fontawesome.com https://bat.bing.com https://munchkin.marketo.net https://snap.licdn.com https://static.ads-twitter.com https://*.twitter.com https://*.hotjar.com https://app.leadsrx.com https://secure.leadforensics.com https://connect.facebook.net https://googleads.g.doubleclick.net https://logrhythm-com.disqus.com https://app.cdn.lookbookhq.com https://jukebox.pathfactory.com https://app-abc.marketo.com https://www.brighttalk.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://*.logrhythm.com https://cdn.jsdelivr.net https://*.fontawesome.com https://yoast.com https://cdn-app.pathfactory.com https://rgsharedweb.s3.amazonaws.com https://www.googletagmanager.com/debug/ https://ka-p.fontawesome.com https://platform.twitter.com https://*.twimg.com https://*.typekit.net https://*.disquscdn.com https://www.gartner.com https://*.googleapis.com https://optimize.google.com https://tagmanager.google.com https://maxcdn.bootstrapcdn.com https://app.cdn.lookbookhq.com; frame-src 'self' https://logrhythm.widget.insent.ai https://demostack.app https://*.trustarc.com https://*.doubleclick.net https://shortpixel.com https://logrhythm.com https://*.logrhythm.com https://forms.office.com https://jobs.jobvite.com https://play.vidyard.com https://www.facebook.com 
https://*.elementor.com https://www.itcentralstation.com https://www.google.com https://tpc.googlesyndication.com https://*.twitter.com https://*.addthis.com https://*.ampproject.net https://www.slideshare.net https://*.hotjar.com https://maps.google.com https://www.gartner.com https://tags.bluekai.com https://www.g2.com https://www.youtube-nocookie.com https://googleads.g.doubleclick.net https://disqus.com https://tempest.services.disqus.com https://www.youtube.com https://bid.g.doubleclick.net https://www.brighttalk.com https://*.fls.doubleclick.net; frame-ancestors 'self' explore.logrhythm.com https://www.g2.com https://*.logrhythm.com; |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
frontend.min.js
logrhythm.com/wp-content/plugins/elementor/assets/js/
|
39 KB
16 KB
|
118ms
107ms
|
Script
application/javascript |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.20.3
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.20
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 28abab0e81dceebab466c855e82b8cfc06f9e138ff78fb45ae102a6a36be0e5d
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' https://logrhythm.com https://disqus.com https://*.6sc.co https://*.6sense.com https://c.disquscdn.com; connect-src 'self' https://logrhythm.com https://play.vidyard.com https://google.com https://cdn.linkedin.oribi.io https://px.ads.linkedin.com https://js.zi-scripts.com https://*.privacymanager.io https://epsilon.6sense.com https://*.6sc.co https://analytics.google.com https://*.googlesyndication.com https://ws.zoominfo.com https://bat.bing.com https://spcollector.pathfactory.com https://adservice.google.com https://*.logrhythm.com https://maps.googleapis.com https://*.fontawesome.com https://*.clarity.ms https://use.typekit.net https://050-uwt-888.mktoutil.com https://*.addthisedge.com https://ampcid.google.com https://www.googletagmanager.com https://*.ampproject.org https://*.addthis.com https://*.ampproject.net https://connect.facebook.net https://yoast.com https://*.facebook.com https://*.hotjar.io wss://*.hotjar.com https://*.hotjar.com https://stats.g.doubleclick.net https://*.yoast.com https://d3hb14vkzrxvla.cloudfront.net https://www.g2.com https://jukebox.pathfactory.com https://www.google-analytics.com https://050-uwt-888.mktoresp.com; font-src 'self' data: https://*.logrhythm.com https://*.hotjar.com https://*.typekit.net https://*.sharepointonline.com https://spoprod-a.akamaihd.net https://fonts.gstatic.com https://cdn-app.pathfactory.com https://*.fontawesome.com https://www.gartner.com https://maxcdn.bootstrapcdn.com https://cdn.pathfactory.com https://app.cdn.lookbookhq.com; img-src https: data: blob: ; media-src 'self' blob: https://*.logrhythm.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://*.logrhythm.com https://logrhythm.widget.insent.ai https://js.zi-scripts.com https://ws-assets.zoominfo.com https://*.trustarc.com https://launchpad.privacymanager.io https://launchpad-wrapper.privacymanager.io https://jobs.jobvite.com https://play.vidyard.com https://yoast.com https://ws.zoominfo.com 
https://player.vimeo.com https://*.clarity.ms https://j.6sc.co https://cdn.jsdelivr.net https://cdn-app.pathfactory.com https://unpkg.com/web-vitals https://www.g2.com https://*.facebook.com https://cdn.syndication.twimg.com https://www.gartner.com https://www.google.com https://www.googleoptimize.com https://*.googleapis.com https://tpc.googlesyndication.com https://optimize.google.com https://www.youtube.com https://ssl.google-analytics.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.ampproject.org https://www.googleadservices.com https://www.gstatic.com https://*.typeform.com js-agent.newrelic.com https://bam.nr-data.net https://beacon-v2.helpscout.net https://kit.fontawesome.com https://bat.bing.com https://munchkin.marketo.net https://snap.licdn.com https://static.ads-twitter.com https://*.twitter.com https://*.hotjar.com https://app.leadsrx.com https://secure.leadforensics.com https://connect.facebook.net https://googleads.g.doubleclick.net https://logrhythm-com.disqus.com https://app.cdn.lookbookhq.com https://jukebox.pathfactory.com https://app-abc.marketo.com https://www.brighttalk.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://*.logrhythm.com https://cdn.jsdelivr.net https://*.fontawesome.com https://yoast.com https://cdn-app.pathfactory.com https://rgsharedweb.s3.amazonaws.com https://www.googletagmanager.com/debug/ https://ka-p.fontawesome.com https://platform.twitter.com https://*.twimg.com https://*.typekit.net https://*.disquscdn.com https://www.gartner.com https://*.googleapis.com https://optimize.google.com https://tagmanager.google.com https://maxcdn.bootstrapcdn.com https://app.cdn.lookbookhq.com; frame-src 'self' https://logrhythm.widget.insent.ai https://demostack.app https://*.trustarc.com https://*.doubleclick.net https://shortpixel.com https://logrhythm.com https://*.logrhythm.com https://forms.office.com https://jobs.jobvite.com https://play.vidyard.com https://www.facebook.com 
https://*.elementor.com https://www.itcentralstation.com https://www.google.com https://tpc.googlesyndication.com https://*.twitter.com https://*.addthis.com https://*.ampproject.net https://www.slideshare.net https://*.hotjar.com https://maps.google.com https://www.gartner.com https://tags.bluekai.com https://www.g2.com https://www.youtube-nocookie.com https://googleads.g.doubleclick.net https://disqus.com https://tempest.services.disqus.com https://www.youtube.com https://bid.g.doubleclick.net https://www.brighttalk.com https://*.fls.doubleclick.net; frame-ancestors 'self' explore.logrhythm.com https://www.g2.com https://*.logrhythm.com; |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
elements-handlers.min.js
logrhythm.com/wp-content/plugins/elementor-pro/assets/js/
|
37 KB
13 KB
|
133ms
123ms
|
Script
application/javascript |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.20.2
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.20
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 66c5073bb5b13ec03106e31457b230eef5fc1698d24536a61ff5a5f4313269de
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
p.css
p.typekit.net/
|
5 B
172 B
|
37ms
29ms
|
Stylesheet
text/css |
2a02:26f0:3500:16::215:1495
AKAMAI-ASN1
|
|
|
GET
H2
|
200
|
l
use.typekit.net/af/74b049/00000000000000007735b97f/30/
|
12 KB
12 KB
|
147ms
29ms
|
Font
application/font-woff2 |
2a02:26f0:3500:16::215:1495
AKAMAI-ASN1
|
|
|
GET
DATA
|
200
OK
|
truncated
/
|
90 B
0
|
|
Image
image/webp |
|
|
|
GET
DATA
|
200
OK
|
truncated
/
|
44 B
0
|
|
Image
image/webp |
|
|
|
GET
DATA
|
200
OK
|
truncated
/
|
38 B
0
|
|
Image
image/webp |
|
|
|
GET
H2
|
200
|
gtm.js
www.googletagmanager.com/
|
302 KB
97 KB
|
146ms
49ms
|
Script
application/javascript |
2a00:1450:4001:81d::2008
GOOGLE
|
|
|
GET
DATA
|
200
OK
|
truncated
/
|
82 B
0
|
|
Image
image/webp |
|
|
|
GET
H/1.1
|
200
OK
|
count.js
logrhythm-com.disqus.com/
|
1 KB
2 KB
|
113ms
18ms
|
Script
application/javascript |
199.232.196.134
FASTLY
|
|
General
- Full URL
- https://logrhythm-com.disqus.com/count.js
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.1.1
- Protocol
- HTTP/1.1
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
199.232.196.134
, United States,
ASN54113
(FASTLY, US),
- Reverse DNS
- Software
-
nginx /
- Resource Hash
- 3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=300; includeSubdomains |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
space-stars-background-1920.jpg
logrhythm.com/wp-content/uploads/2021/07/
|
237 KB
241 KB
|
238ms
238ms
|
Image
image/jpeg |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/uploads/2021/07/space-stars-background-1920.jpg
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/wp-content/uploads/elementor/css/post-86515.css?ver=1711656283
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.20
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 3e292f4b6d81003d9d2ac3ceb89881936a670f8f595f7dd65d2517e01864c108
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
background-flatirons-violet-01-1.png
logrhythm.com/wp-content/uploads/2022/02/
|
1 KB
5 KB
|
167ms
167ms
|
Image
image/webp |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/uploads/2022/02/background-flatirons-violet-01-1.png
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/wp-content/uploads/elementor/css/post-86515.css?ver=1711656283
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.20
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 67614828cf3f7a0f61ee5dc0f9a6212d44c8f98e8a9da03327d13beaf3a61fc1
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
l
use.typekit.net/af/dde969/00000000000000007735b995/30/
|
12 KB
12 KB
|
121ms
37ms
|
Font
application/font-woff2 |
2a02:26f0:3500:16::215:1495
AKAMAI-ASN1
|
|
|
GET
H2
|
200
|
l
use.typekit.net/af/1fe1ce/00000000000000007735aff6/30/
|
12 KB
12 KB
|
125ms
41ms
|
Font
application/font-woff2 |
2a02:26f0:3500:16::215:1495
AKAMAI-ASN1
|
|
|
GET
H2
|
200
|
l
use.typekit.net/af/e5635b/00000000000000007735b98f/30/
|
12 KB
12 KB
|
116ms
33ms
|
Font
application/font-woff2 |
2a02:26f0:3500:16::215:1495
AKAMAI-ASN1
|
|
|
GET
H2
|
200
|
l
use.typekit.net/af/34c58e/00000000000000007735b983/30/
|
12 KB
12 KB
|
106ms
35ms
|
Font
application/font-woff2 |
2a02:26f0:3500:16::215:1495
AKAMAI-ASN1
|
|
|
GET
H3
|
200
|
temple-university-logo-compressed.svg
logrhythm.com/wp-content/uploads/2021/05/
|
4 KB
5 KB
|
121ms
116ms
|
Image
image/svg+xml |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/uploads/2021/05/temple-university-logo-compressed.svg
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.20
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- fe04371e99bc3a1cd9669a16fc95bdff81ded468cd7e14dad38669817130c27b
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
bakertilly-logo.svg
logrhythm.com/wp-content/uploads/2021/08/
|
5 KB
6 KB
|
122ms
117ms
|
Image
image/svg+xml |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/uploads/2021/08/bakertilly-logo.svg
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.20
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 726cdb991294913fa2541fe5fa763a8725c3cb3f5c878b56da38559fbfb9bc92
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
chart-industries-logo.svg
logrhythm.com/wp-content/uploads/2021/08/
|
7 KB
6 KB
|
123ms
118ms
|
Image
image/svg+xml |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/uploads/2021/08/chart-industries-logo.svg
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC, AES_128_GCM
- Server
- 141.193.213.20, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
- Reverse DNS
- Software
- cloudflare /
- Resource Hash
- 84e51490bf098d4ab164444efab69b0019350238365b18ce3328701837d258f1
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
us-air-force.svg
logrhythm.com/wp-content/uploads/2022/02/
|
5 KB
5 KB
|
149ms
145ms
|
Image
image/svg+xml |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/uploads/2022/02/us-air-force.svg
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC, AES_128_GCM
- Server
- 141.193.213.20, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
- Reverse DNS
- Software
- cloudflare /
- Resource Hash
- 842b5d6ed9e5e4ac166eb55615b55da7366a235b19af87375f70c74afabd769a
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
cdon-logo.svg
logrhythm.com/wp-content/uploads/2022/02/
|
2 KB
4 KB
|
150ms
147ms
|
Image
image/svg+xml |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/uploads/2022/02/cdon-logo.svg
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC, AES_128_GCM
- Server
- 141.193.213.20, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
- Reverse DNS
- Software
- cloudflare /
- Resource Hash
- 2df44dc69064c7fa71246e486d2a28877def46caa33ada1a981a8abd7686d072
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
Bilstein-logo.svg
logrhythm.com/wp-content/uploads/2022/10/
|
3 KB
5 KB
|
151ms
148ms
|
Image
image/svg+xml |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/uploads/2022/10/Bilstein-logo.svg
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC, AES_128_GCM
- Server
- 141.193.213.20, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
- Reverse DNS
- Software
- cloudflare /
- Resource Hash
- a7951d76e2e255a3c209df151a549124e93fa2a0119c458cb3ff478bf8c77c8d
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
KIA-customer-logo.svg
logrhythm.com/wp-content/uploads/2023/02/
|
1 KB
4 KB
|
152ms
150ms
|
Image
image/svg+xml |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/uploads/2023/02/KIA-customer-logo.svg
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC, AES_128_GCM
- Server
- 141.193.213.20, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
- Reverse DNS
- Software
- cloudflare /
- Resource Hash
- df55df709530226ae937083e9a5d37721597e1486ba032da9c8a769bdd277f31
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
bloomin-brands-customer-logo.svg
logrhythm.com/wp-content/uploads/2023/02/
|
14 KB
8 KB
|
156ms
154ms
|
Image
image/svg+xml |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/uploads/2023/02/bloomin-brands-customer-logo.svg
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC, AES_128_GCM
- Server
- 141.193.213.20, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
- Reverse DNS
- Software
- cloudflare /
- Resource Hash
- 9c8535a1c5d37f5645aa956bd6a8ca9114c57fdfcdbc60dbebf6c969430aaffc
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
ADCS-customer-logo.svg
logrhythm.com/wp-content/uploads/2023/02/
|
22 KB
20 KB
|
183ms
159ms
|
Image
image/svg+xml |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/uploads/2023/02/ADCS-customer-logo.svg
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.20
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 0c3c7a8ded7af0a5f0a5d96af811f343396391197f6986269715c5dd0360974b
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' https://logrhythm.com https://disqus.com https://*.6sc.co https://*.6sense.com https://c.disquscdn.com; connect-src 'self' https://logrhythm.com https://play.vidyard.com https://google.com https://cdn.linkedin.oribi.io https://px.ads.linkedin.com https://js.zi-scripts.com https://*.privacymanager.io https://epsilon.6sense.com https://*.6sc.co https://analytics.google.com https://*.googlesyndication.com https://ws.zoominfo.com https://bat.bing.com https://spcollector.pathfactory.com https://adservice.google.com https://*.logrhythm.com https://maps.googleapis.com https://*.fontawesome.com https://*.clarity.ms https://use.typekit.net https://050-uwt-888.mktoutil.com https://*.addthisedge.com https://ampcid.google.com https://www.googletagmanager.com https://*.ampproject.org https://*.addthis.com https://*.ampproject.net https://connect.facebook.net https://yoast.com https://*.facebook.com https://*.hotjar.io wss://*.hotjar.com https://*.hotjar.com https://stats.g.doubleclick.net https://*.yoast.com https://d3hb14vkzrxvla.cloudfront.net https://www.g2.com https://jukebox.pathfactory.com https://www.google-analytics.com https://050-uwt-888.mktoresp.com; font-src 'self' data: https://*.logrhythm.com https://*.hotjar.com https://*.typekit.net https://*.sharepointonline.com https://spoprod-a.akamaihd.net https://fonts.gstatic.com https://cdn-app.pathfactory.com https://*.fontawesome.com https://www.gartner.com https://maxcdn.bootstrapcdn.com https://cdn.pathfactory.com https://app.cdn.lookbookhq.com; img-src https: data: blob: ; media-src 'self' blob: https://*.logrhythm.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://*.logrhythm.com https://logrhythm.widget.insent.ai https://js.zi-scripts.com https://ws-assets.zoominfo.com https://*.trustarc.com https://launchpad.privacymanager.io https://launchpad-wrapper.privacymanager.io https://jobs.jobvite.com https://play.vidyard.com https://yoast.com https://ws.zoominfo.com 
https://player.vimeo.com https://*.clarity.ms https://j.6sc.co https://cdn.jsdelivr.net https://cdn-app.pathfactory.com https://unpkg.com/web-vitals https://www.g2.com https://*.facebook.com https://cdn.syndication.twimg.com https://www.gartner.com https://www.google.com https://www.googleoptimize.com https://*.googleapis.com https://tpc.googlesyndication.com https://optimize.google.com https://www.youtube.com https://ssl.google-analytics.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.ampproject.org https://www.googleadservices.com https://www.gstatic.com https://*.typeform.com js-agent.newrelic.com https://bam.nr-data.net https://beacon-v2.helpscout.net https://kit.fontawesome.com https://bat.bing.com https://munchkin.marketo.net https://snap.licdn.com https://static.ads-twitter.com https://*.twitter.com https://*.hotjar.com https://app.leadsrx.com https://secure.leadforensics.com https://connect.facebook.net https://googleads.g.doubleclick.net https://logrhythm-com.disqus.com https://app.cdn.lookbookhq.com https://jukebox.pathfactory.com https://app-abc.marketo.com https://www.brighttalk.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://*.logrhythm.com https://cdn.jsdelivr.net https://*.fontawesome.com https://yoast.com https://cdn-app.pathfactory.com https://rgsharedweb.s3.amazonaws.com https://www.googletagmanager.com/debug/ https://ka-p.fontawesome.com https://platform.twitter.com https://*.twimg.com https://*.typekit.net https://*.disquscdn.com https://www.gartner.com https://*.googleapis.com https://optimize.google.com https://tagmanager.google.com https://maxcdn.bootstrapcdn.com https://app.cdn.lookbookhq.com; frame-src 'self' https://logrhythm.widget.insent.ai https://demostack.app https://*.trustarc.com https://*.doubleclick.net https://shortpixel.com https://logrhythm.com https://*.logrhythm.com https://forms.office.com https://jobs.jobvite.com https://play.vidyard.com https://www.facebook.com 
https://*.elementor.com https://www.itcentralstation.com https://www.google.com https://tpc.googlesyndication.com https://*.twitter.com https://*.addthis.com https://*.ampproject.net https://www.slideshare.net https://*.hotjar.com https://maps.google.com https://www.gartner.com https://tags.bluekai.com https://www.g2.com https://www.youtube-nocookie.com https://googleads.g.doubleclick.net https://disqus.com https://tempest.services.disqus.com https://www.youtube.com https://bid.g.doubleclick.net https://www.brighttalk.com https://*.fls.doubleclick.net; frame-ancestors 'self' explore.logrhythm.com https://www.g2.com https://*.logrhythm.com; |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
LR_ui_dashboard_monitor1-1-1-768x768.png
logrhythm.com/wp-content/uploads/2022/02/
|
62 KB
66 KB
|
415ms
391ms
|
Image
image/webp |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/uploads/2022/02/LR_ui_dashboard_monitor1-1-1-768x768.png
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.20
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 5da9e14a57fbd8266e373008d5a9362c47a19eb62a85a01a37458d81a94146c1
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' https://logrhythm.com https://disqus.com https://*.6sc.co https://*.6sense.com https://c.disquscdn.com; connect-src 'self' https://logrhythm.com https://play.vidyard.com https://google.com https://cdn.linkedin.oribi.io https://px.ads.linkedin.com https://js.zi-scripts.com https://*.privacymanager.io https://epsilon.6sense.com https://*.6sc.co https://analytics.google.com https://*.googlesyndication.com https://ws.zoominfo.com https://bat.bing.com https://spcollector.pathfactory.com https://adservice.google.com https://*.logrhythm.com https://maps.googleapis.com https://*.fontawesome.com https://*.clarity.ms https://use.typekit.net https://050-uwt-888.mktoutil.com https://*.addthisedge.com https://ampcid.google.com https://www.googletagmanager.com https://*.ampproject.org https://*.addthis.com https://*.ampproject.net https://connect.facebook.net https://yoast.com https://*.facebook.com https://*.hotjar.io wss://*.hotjar.com https://*.hotjar.com https://stats.g.doubleclick.net https://*.yoast.com https://d3hb14vkzrxvla.cloudfront.net https://www.g2.com https://jukebox.pathfactory.com https://www.google-analytics.com https://050-uwt-888.mktoresp.com; font-src 'self' data: https://*.logrhythm.com https://*.hotjar.com https://*.typekit.net https://*.sharepointonline.com https://spoprod-a.akamaihd.net https://fonts.gstatic.com https://cdn-app.pathfactory.com https://*.fontawesome.com https://www.gartner.com https://maxcdn.bootstrapcdn.com https://cdn.pathfactory.com https://app.cdn.lookbookhq.com; img-src https: data: blob: ; media-src 'self' blob: https://*.logrhythm.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://*.logrhythm.com https://logrhythm.widget.insent.ai https://js.zi-scripts.com https://ws-assets.zoominfo.com https://*.trustarc.com https://launchpad.privacymanager.io https://launchpad-wrapper.privacymanager.io https://jobs.jobvite.com https://play.vidyard.com https://yoast.com https://ws.zoominfo.com 
https://player.vimeo.com https://*.clarity.ms https://j.6sc.co https://cdn.jsdelivr.net https://cdn-app.pathfactory.com https://unpkg.com/web-vitals https://www.g2.com https://*.facebook.com https://cdn.syndication.twimg.com https://www.gartner.com https://www.google.com https://www.googleoptimize.com https://*.googleapis.com https://tpc.googlesyndication.com https://optimize.google.com https://www.youtube.com https://ssl.google-analytics.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.ampproject.org https://www.googleadservices.com https://www.gstatic.com https://*.typeform.com js-agent.newrelic.com https://bam.nr-data.net https://beacon-v2.helpscout.net https://kit.fontawesome.com https://bat.bing.com https://munchkin.marketo.net https://snap.licdn.com https://static.ads-twitter.com https://*.twitter.com https://*.hotjar.com https://app.leadsrx.com https://secure.leadforensics.com https://connect.facebook.net https://googleads.g.doubleclick.net https://logrhythm-com.disqus.com https://app.cdn.lookbookhq.com https://jukebox.pathfactory.com https://app-abc.marketo.com https://www.brighttalk.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://*.logrhythm.com https://cdn.jsdelivr.net https://*.fontawesome.com https://yoast.com https://cdn-app.pathfactory.com https://rgsharedweb.s3.amazonaws.com https://www.googletagmanager.com/debug/ https://ka-p.fontawesome.com https://platform.twitter.com https://*.twimg.com https://*.typekit.net https://*.disquscdn.com https://www.gartner.com https://*.googleapis.com https://optimize.google.com https://tagmanager.google.com https://maxcdn.bootstrapcdn.com https://app.cdn.lookbookhq.com; frame-src 'self' https://logrhythm.widget.insent.ai https://demostack.app https://*.trustarc.com https://*.doubleclick.net https://shortpixel.com https://logrhythm.com https://*.logrhythm.com https://forms.office.com https://jobs.jobvite.com https://play.vidyard.com https://www.facebook.com 
https://*.elementor.com https://www.itcentralstation.com https://www.google.com https://tpc.googlesyndication.com https://*.twitter.com https://*.addthis.com https://*.ampproject.net https://www.slideshare.net https://*.hotjar.com https://maps.google.com https://www.gartner.com https://tags.bluekai.com https://www.g2.com https://www.youtube-nocookie.com https://googleads.g.doubleclick.net https://disqus.com https://tempest.services.disqus.com https://www.youtube.com https://bid.g.doubleclick.net https://www.brighttalk.com https://*.fls.doubleclick.net; frame-ancestors 'self' explore.logrhythm.com https://www.g2.com https://*.logrhythm.com; |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
js
www.googletagmanager.com/gtag/
|
290 KB
97 KB
|
60ms
60ms
|
Script
application/javascript |
2a00:1450:4001:81d::2008
GOOGLE
|
|
|
GET
H2
|
200
|
destination
www.googletagmanager.com/gtag/
|
219 KB
79 KB
|
51ms
51ms
|
Script
application/javascript |
2a00:1450:4001:81d::2008
GOOGLE
|
|
|
GET
H2
|
200
|
destination
www.googletagmanager.com/gtag/
|
247 KB
85 KB
|
42ms
41ms
|
Script
application/javascript |
2a00:1450:4001:81d::2008
GOOGLE
|
|
|
GET
H2
|
200
|
destination
www.googletagmanager.com/gtag/
|
215 KB
78 KB
|
170ms
170ms
|
Script
application/javascript |
2a00:1450:4001:81d::2008
GOOGLE
|
|
|
GET
H2
|
200
|
jukebox.js
cdn-app.pathfactory.com/production/jukebox-lite/current/
|
57 KB
18 KB
|
166ms
95ms
|
Script
application/javascript |
13.32.99.82
AMAZON-02
|
|
|
GET
H2
|
200
|
677.js
cdn-app.pathfactory.com/production/jukebox-lite/current/
|
7 KB
3 KB
|
22ms
22ms
|
Script
application/javascript |
13.32.99.82
AMAZON-02
|
|
|
POST
H2
|
204
|
collect
region1.analytics.google.com/g/
|
0
253 B
|
73ms
29ms
|
Ping
text/plain |
2001:4860:4802:32::36
GOOGLE
|
|
General
- Full URL
- https://region1.analytics.google.com/g/collect?v=2&tid=G-1FE13FG8WE&gtm=45je4410v867738930z8830930082za200&_p=1712242948635&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1949584526.1712242949&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712242949&sct=1&seg=0&dl=https%3A%2F%2Flogrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F&dt=Page%20not%20found%20%7C%20LogRhythm&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2176
- Requested by
- Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1FE13FG8WE&l=dataLayer&cx=c
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2001:4860:4802:32::36
, United States,
ASN15169
(GOOGLE, US),
- Reverse DNS
- Software
-
Golfe2 /
- Resource Hash
- e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
|
POST
H2
|
204
|
collect
stats.g.doubleclick.net/g/
|
0
253 B
|
81ms
27ms
|
Ping
text/plain |
2a00:1450:400c:c00::9c
GOOGLE
|
|
General
- Full URL
- https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1FE13FG8WE&cid=1949584526.1712242949&gtm=45je4410v867738930z8830930082za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
- Requested by
- Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1FE13FG8WE&l=dataLayer&cx=c
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2a00:1450:400c:c00::9c
Brussels, Belgium,
ASN15169
(GOOGLE, US),
- Reverse DNS
- Software
-
Golfe2 /
- Resource Hash
- e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
|
GET
H3
|
200
|
ga-audiences
www.google.fr/ads/
|
42 B
63 B
|
108ms
53ms
|
Image
image/gif |
172.217.23.99
GOOGLE
|
|
General
- Full URL
- https://www.google.fr/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-1FE13FG8WE&cid=1949584526.1712242949&gtm=45je4410v867738930z8830930082za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1967309480
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
172.217.23.99
, United States,
ASN15169
(GOOGLE, US),
- Reverse DNS
- fra16s45-in-f3.1e100.net
- Software
-
cafe /
- Resource Hash
- ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
- Security Headers
-
Name |
Value |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
447.js
cdn-app.pathfactory.com/production/jukebox-lite/current/
|
476 B
867 B
|
22ms
22ms
|
Script
application/javascript |
13.32.99.82
AMAZON-02
|
|
|
GET
H2
|
200
|
init
jukebox.pathfactory.com/api/public/v1/
|
5 KB
3 KB
|
359ms
172ms
|
XHR
application/json |
52.55.132.161
AMAZON-AES
|
|
General
- Full URL
- https://jukebox.pathfactory.com/api/public/v1/init?clientId=LB-72E778C0-10607&image=&title=&url=https%3A%2F%2Flogrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F
- Requested by
- Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/production/jukebox-lite/current/jukebox.js
- Protocol
- H2
- Security
- TLS 1.2,
ECDHE_RSA, AES_128_GCM
- Server
-
52.55.132.161
Ashburn, United States,
ASN14618
(AMAZON-AES, US),
- Reverse DNS
- ec2-52-55-132-161.compute-1.amazonaws.com
- Software
-
/
- Resource Hash
- cf3b5824bacaaa2d01631580b0efc58f587fa1c4deb5dd9024f85752038e23d6
- Security Headers
-
Name |
Value |
Content-Security-Policy |
|
Strict-Transport-Security |
max-age=31536000; includeSubDomains |
X-Content-Type-Options |
nosniff |
|
OPTIONS
H2
|
200
|
init
jukebox.pathfactory.com/api/public/v1/
Frame
|
0
0
|
302ms
99ms
|
Preflight
|
52.55.132.161
AMAZON-AES
|
|
General
- Full URL
- https://jukebox.pathfactory.com/api/public/v1/init?clientId=LB-72E778C0-10607&image=&title=&url=https%3A%2F%2Flogrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F
- Protocol
- H2
- Security
- TLS 1.2,
ECDHE_RSA, AES_128_GCM
- Server
-
52.55.132.161
Ashburn, United States,
ASN14618
(AMAZON-AES, US),
- Reverse DNS
- ec2-52-55-132-161.compute-1.amazonaws.com
- Software
-
/
- Resource Hash
|
GET
H2
|
200
|
pro.min.css
ka-p.fontawesome.com/releases/v6.5.2/css/
|
672 KB
118 KB
|
52ms
46ms
|
Fetch
text/css |
2606:4700:4400::ac40:93bc
CLOUDFLARENET
|
|
|
GET
H2
|
200
|
pro-v4-shims.min.css
ka-p.fontawesome.com/releases/v6.5.2/css/
|
27 KB
4 KB
|
41ms
36ms
|
Fetch
text/css |
2606:4700:4400::ac40:93bc
CLOUDFLARENET
|
|
|
GET
H2
|
200
|
pro-v5-font-face.min.css
ka-p.fontawesome.com/releases/v6.5.2/css/
|
50 KB
7 KB
|
43ms
38ms
|
Fetch
text/css |
2606:4700:4400::ac40:93bc
CLOUDFLARENET
|
|
|
GET
H2
|
200
|
pro-v4-font-face.min.css
ka-p.fontawesome.com/releases/v6.5.2/css/
|
7 KB
2 KB
|
59ms
53ms
|
Fetch
text/css |
2606:4700:4400::ac40:93bc
CLOUDFLARENET
|
|
|
GET
H2
|
200
|
kit-upload.css
kit.fontawesome.com/2f1bae2942/120279590/
|
439 B
406 B
|
33ms
33ms
|
Fetch
text/css |
2606:4700:4400::ac40:93bc
CLOUDFLARENET
|
|
|
GET
H2
|
200
|
font-awesome.min.css
cdn-app.pathfactory.com/web-fonts/font-awesome/
|
28 KB
7 KB
|
23ms
22ms
|
Stylesheet
text/css |
13.32.99.82
AMAZON-02
|
|
|
GET
H2
|
200
|
roboto_lato.css
cdn-app.pathfactory.com/web-fonts/roboto_lato/
|
5 KB
1 KB
|
24ms
24ms
|
Stylesheet
text/css |
13.32.99.82
AMAZON-02
|
|
|
GET
H2
|
200
|
S6uyw4BMUTPHjx4wXiWtFCc.woff2
cdn-app.pathfactory.com/web-fonts/roboto_lato/
|
14 KB
14 KB
|
82ms
32ms
|
Font
binary/octet-stream |
13.32.99.82
AMAZON-02
|
|
|
GET
H2
|
200
|
pro-fa-brands-400-0.woff2
ka-p.fontawesome.com/releases/v6.5.2/webfonts/
|
37 KB
37 KB
|
31ms
30ms
|
Font
font/woff2 |
2606:4700:4400::ac40:93bc
CLOUDFLARENET
|
|
|
GET
H2
|
200
|
pro-fa-duotone-900-2.woff2
ka-p.fontawesome.com/releases/v6.5.2/webfonts/
|
16 KB
16 KB
|
42ms
42ms
|
Font
font/woff2 |
2606:4700:4400::ac40:93bc
CLOUDFLARENET
|
|
|
GET
H2
|
200
|
pro-fa-solid-900-12.woff2
ka-p.fontawesome.com/releases/v6.5.2/webfonts/
|
14 KB
14 KB
|
41ms
41ms
|
Font
font/woff2 |
2606:4700:4400::ac40:93bc
CLOUDFLARENET
|
|
|
GET
H2
|
200
|
pro-fa-regular-400-12.woff2
ka-p.fontawesome.com/releases/v6.5.2/webfonts/
|
17 KB
17 KB
|
44ms
44ms
|
Font
font/woff2 |
2606:4700:4400::ac40:93bc
CLOUDFLARENET
|
|
|
GET
H3
|
200
|
lottie.565b778d23c04461c4ea.bundle.min.js
logrhythm.com/wp-content/plugins/elementor-pro/assets/js/
|
14 KB
7 KB
|
184ms
184ms
|
Script
application/javascript |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/plugins/elementor-pro/assets/js/lottie.565b778d23c04461c4ea.bundle.min.js
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.20.2
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.20
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 9fc308738978262c5dfffa90d2672638bb659a2dd20046e1be6db387d6dd3fe2
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' https://logrhythm.com https://disqus.com https://*.6sc.co https://*.6sense.com https://c.disquscdn.com; connect-src 'self' https://logrhythm.com https://play.vidyard.com https://google.com https://cdn.linkedin.oribi.io https://px.ads.linkedin.com https://js.zi-scripts.com https://*.privacymanager.io https://epsilon.6sense.com https://*.6sc.co https://analytics.google.com https://*.googlesyndication.com https://ws.zoominfo.com https://bat.bing.com https://spcollector.pathfactory.com https://adservice.google.com https://*.logrhythm.com https://maps.googleapis.com https://*.fontawesome.com https://*.clarity.ms https://use.typekit.net https://050-uwt-888.mktoutil.com https://*.addthisedge.com https://ampcid.google.com https://www.googletagmanager.com https://*.ampproject.org https://*.addthis.com https://*.ampproject.net https://connect.facebook.net https://yoast.com https://*.facebook.com https://*.hotjar.io wss://*.hotjar.com https://*.hotjar.com https://stats.g.doubleclick.net https://*.yoast.com https://d3hb14vkzrxvla.cloudfront.net https://www.g2.com https://jukebox.pathfactory.com https://www.google-analytics.com https://050-uwt-888.mktoresp.com; font-src 'self' data: https://*.logrhythm.com https://*.hotjar.com https://*.typekit.net https://*.sharepointonline.com https://spoprod-a.akamaihd.net https://fonts.gstatic.com https://cdn-app.pathfactory.com https://*.fontawesome.com https://www.gartner.com https://maxcdn.bootstrapcdn.com https://cdn.pathfactory.com https://app.cdn.lookbookhq.com; img-src https: data: blob: ; media-src 'self' blob: https://*.logrhythm.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://*.logrhythm.com https://logrhythm.widget.insent.ai https://js.zi-scripts.com https://ws-assets.zoominfo.com https://*.trustarc.com https://launchpad.privacymanager.io https://launchpad-wrapper.privacymanager.io https://jobs.jobvite.com https://play.vidyard.com https://yoast.com https://ws.zoominfo.com 
https://player.vimeo.com https://*.clarity.ms https://j.6sc.co https://cdn.jsdelivr.net https://cdn-app.pathfactory.com https://unpkg.com/web-vitals https://www.g2.com https://*.facebook.com https://cdn.syndication.twimg.com https://www.gartner.com https://www.google.com https://www.googleoptimize.com https://*.googleapis.com https://tpc.googlesyndication.com https://optimize.google.com https://www.youtube.com https://ssl.google-analytics.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.ampproject.org https://www.googleadservices.com https://www.gstatic.com https://*.typeform.com js-agent.newrelic.com https://bam.nr-data.net https://beacon-v2.helpscout.net https://kit.fontawesome.com https://bat.bing.com https://munchkin.marketo.net https://snap.licdn.com https://static.ads-twitter.com https://*.twitter.com https://*.hotjar.com https://app.leadsrx.com https://secure.leadforensics.com https://connect.facebook.net https://googleads.g.doubleclick.net https://logrhythm-com.disqus.com https://app.cdn.lookbookhq.com https://jukebox.pathfactory.com https://app-abc.marketo.com https://www.brighttalk.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://*.logrhythm.com https://cdn.jsdelivr.net https://*.fontawesome.com https://yoast.com https://cdn-app.pathfactory.com https://rgsharedweb.s3.amazonaws.com https://www.googletagmanager.com/debug/ https://ka-p.fontawesome.com https://platform.twitter.com https://*.twimg.com https://*.typekit.net https://*.disquscdn.com https://www.gartner.com https://*.googleapis.com https://optimize.google.com https://tagmanager.google.com https://maxcdn.bootstrapcdn.com https://app.cdn.lookbookhq.com; frame-src 'self' https://logrhythm.widget.insent.ai https://demostack.app https://*.trustarc.com https://*.doubleclick.net https://shortpixel.com https://logrhythm.com https://*.logrhythm.com https://forms.office.com https://jobs.jobvite.com https://play.vidyard.com https://www.facebook.com 
https://*.elementor.com https://www.itcentralstation.com https://www.google.com https://tpc.googlesyndication.com https://*.twitter.com https://*.addthis.com https://*.ampproject.net https://www.slideshare.net https://*.hotjar.com https://maps.google.com https://www.gartner.com https://tags.bluekai.com https://www.g2.com https://www.youtube-nocookie.com https://googleads.g.doubleclick.net https://disqus.com https://tempest.services.disqus.com https://www.youtube.com https://bid.g.doubleclick.net https://www.brighttalk.com https://*.fls.doubleclick.net; frame-ancestors 'self' explore.logrhythm.com https://www.g2.com https://*.logrhythm.com; |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
search-form.a25a87283d08dad12f18.bundle.min.js
logrhythm.com/wp-content/plugins/elementor-pro/assets/js/
|
2 KB
4 KB
|
203ms
203ms
|
Script
application/javascript |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/plugins/elementor-pro/assets/js/search-form.a25a87283d08dad12f18.bundle.min.js
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.20.2
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.20
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- c8fc34d2947a230d4fe54344e4e873e9871f2cfe7eec5473e68568e3d79843f1
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' https://logrhythm.com https://disqus.com https://*.6sc.co https://*.6sense.com https://c.disquscdn.com; connect-src 'self' https://logrhythm.com https://play.vidyard.com https://google.com https://cdn.linkedin.oribi.io https://px.ads.linkedin.com https://js.zi-scripts.com https://*.privacymanager.io https://epsilon.6sense.com https://*.6sc.co https://analytics.google.com https://*.googlesyndication.com https://ws.zoominfo.com https://bat.bing.com https://spcollector.pathfactory.com https://adservice.google.com https://*.logrhythm.com https://maps.googleapis.com https://*.fontawesome.com https://*.clarity.ms https://use.typekit.net https://050-uwt-888.mktoutil.com https://*.addthisedge.com https://ampcid.google.com https://www.googletagmanager.com https://*.ampproject.org https://*.addthis.com https://*.ampproject.net https://connect.facebook.net https://yoast.com https://*.facebook.com https://*.hotjar.io wss://*.hotjar.com https://*.hotjar.com https://stats.g.doubleclick.net https://*.yoast.com https://d3hb14vkzrxvla.cloudfront.net https://www.g2.com https://jukebox.pathfactory.com https://www.google-analytics.com https://050-uwt-888.mktoresp.com; font-src 'self' data: https://*.logrhythm.com https://*.hotjar.com https://*.typekit.net https://*.sharepointonline.com https://spoprod-a.akamaihd.net https://fonts.gstatic.com https://cdn-app.pathfactory.com https://*.fontawesome.com https://www.gartner.com https://maxcdn.bootstrapcdn.com https://cdn.pathfactory.com https://app.cdn.lookbookhq.com; img-src https: data: blob: ; media-src 'self' blob: https://*.logrhythm.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://*.logrhythm.com https://logrhythm.widget.insent.ai https://js.zi-scripts.com https://ws-assets.zoominfo.com https://*.trustarc.com https://launchpad.privacymanager.io https://launchpad-wrapper.privacymanager.io https://jobs.jobvite.com https://play.vidyard.com https://yoast.com https://ws.zoominfo.com 
https://player.vimeo.com https://*.clarity.ms https://j.6sc.co https://cdn.jsdelivr.net https://cdn-app.pathfactory.com https://unpkg.com/web-vitals https://www.g2.com https://*.facebook.com https://cdn.syndication.twimg.com https://www.gartner.com https://www.google.com https://www.googleoptimize.com https://*.googleapis.com https://tpc.googlesyndication.com https://optimize.google.com https://www.youtube.com https://ssl.google-analytics.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.ampproject.org https://www.googleadservices.com https://www.gstatic.com https://*.typeform.com js-agent.newrelic.com https://bam.nr-data.net https://beacon-v2.helpscout.net https://kit.fontawesome.com https://bat.bing.com https://munchkin.marketo.net https://snap.licdn.com https://static.ads-twitter.com https://*.twitter.com https://*.hotjar.com https://app.leadsrx.com https://secure.leadforensics.com https://connect.facebook.net https://googleads.g.doubleclick.net https://logrhythm-com.disqus.com https://app.cdn.lookbookhq.com https://jukebox.pathfactory.com https://app-abc.marketo.com https://www.brighttalk.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://*.logrhythm.com https://cdn.jsdelivr.net https://*.fontawesome.com https://yoast.com https://cdn-app.pathfactory.com https://rgsharedweb.s3.amazonaws.com https://www.googletagmanager.com/debug/ https://ka-p.fontawesome.com https://platform.twitter.com https://*.twimg.com https://*.typekit.net https://*.disquscdn.com https://www.gartner.com https://*.googleapis.com https://optimize.google.com https://tagmanager.google.com https://maxcdn.bootstrapcdn.com https://app.cdn.lookbookhq.com; frame-src 'self' https://logrhythm.widget.insent.ai https://demostack.app https://*.trustarc.com https://*.doubleclick.net https://shortpixel.com https://logrhythm.com https://*.logrhythm.com https://forms.office.com https://jobs.jobvite.com https://play.vidyard.com https://www.facebook.com 
https://*.elementor.com https://www.itcentralstation.com https://www.google.com https://tpc.googlesyndication.com https://*.twitter.com https://*.addthis.com https://*.ampproject.net https://www.slideshare.net https://*.hotjar.com https://maps.google.com https://www.gartner.com https://tags.bluekai.com https://www.g2.com https://www.youtube-nocookie.com https://googleads.g.doubleclick.net https://disqus.com https://tempest.services.disqus.com https://www.youtube.com https://bid.g.doubleclick.net https://www.brighttalk.com https://*.fls.doubleclick.net; frame-ancestors 'self' explore.logrhythm.com https://www.g2.com https://*.logrhythm.com; |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
text-editor.2c35aafbe5bf0e127950.bundle.min.js
logrhythm.com/wp-content/plugins/elementor/assets/js/
|
1 KB
4 KB
|
35ms
34ms
|
Script
application/javascript |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.20.3
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.20
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 00952715c953d7e8a330645295c52002b898c5d06c8f75e389c611f9b5d7968d
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
29522-space-tour.json
logrhythm.com/wp-content/uploads/2021/07/
|
842 KB
846 KB
|
203ms
203ms
|
XHR
application/octet-stream |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/uploads/2021/07/29522-space-tour.json
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/wp-content/plugins/elementor-pro/assets/lib/lottie/lottie.min.js?ver=5.6.6
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.20
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 5757a4c7172efe71ca15fab282fc65180c699d488593e87ac4ab7a14394f5492
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
8fa18974-bc57-4d14-96b9-689a8c29b32c.js
j.6sc.co/j/
|
4 KB
5 KB
|
587ms
503ms
|
Script
application/javascript |
2.17.100.184
AKAMAI-ASN1
|
|
|
GET
H2
|
200
|
hotjar-1803640.js
static.hotjar.com/c/
|
9 KB
4 KB
|
136ms
53ms
|
Script
application/javascript |
18.66.102.11
AMAZON-02
|
|
|
GET
H2
|
200
|
insight.min.js
snap.licdn.com/li.lms-analytics/
|
48 KB
17 KB
|
112ms
30ms
|
Script
application/javascript |
2a02:26f0:3500:16::215:148b
AKAMAI-ASN1
|
|
|
GET
H/1.1
|
200
OK
|
munchkin.js
munchkin.marketo.net/
|
1 KB
1 KB
|
104ms
24ms
|
Script
application/x-javascript |
88.221.60.75
AKAMAI-AS
|
|
|
GET
H2
|
200
|
fbevents.js
connect.facebook.net/en_US/
|
218 KB
59 KB
|
103ms
22ms
|
Script
application/x-javascript |
2a03:2880:f084:d:face:b00c:0:3
FACEBOOK
|
|
General
- Full URL
- https://connect.facebook.net/en_US/fbevents.js
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2a03:2880:f084:d:face:b00c:0:3
Frankfurt am Main, Germany,
ASN32934
(FACEBOOK, US),
- Reverse DNS
- Software
-
/
- Resource Hash
- 047e3259b6f0b42d781532fa122b2d8de9aed187d766fd45efcf119450eeb4c4
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; |
Strict-Transport-Security |
max-age=31536000; preload; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
DENY |
X-Xss-Protection |
0 |
|
GET
H3
|
200
|
zi-tag.js
js.zi-scripts.com/
|
8 KB
3 KB
|
111ms
31ms
|
Script
application/javascript |
172.64.150.44
CLOUDFLARENET
|
|
|
GET
H3
|
200
|
favicon.ico
logrhythm.com/
|
15 KB
14 KB
|
45ms
44ms
|
Other
image/x-icon |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/favicon.ico
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.20
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- a7a5aa60ddbd44255fd0d27f1d3addb496e8fedeaebbcc0ca5138ba1c0825e16
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H/1.1
|
200
OK
|
munchkin.js
munchkin.marketo.net/163/
|
11 KB
5 KB
|
37ms
37ms
|
Script
application/x-javascript |
88.221.60.75
AKAMAI-AS
|
|
|
GET
H3
|
200
|
getSubscriptions
js.zi-scripts.com/unified/v1/master/
|
270 B
601 B
|
457ms
457ms
|
Fetch
application/json |
172.64.150.44
CLOUDFLARENET
|
|
|
OPTIONS
H3
|
204
|
getSubscriptions
js.zi-scripts.com/unified/v1/master/
Frame
|
0
0
|
509ms
469ms
|
Preflight
|
172.64.150.44
CLOUDFLARENET
|
|
General
- Full URL
- https://js.zi-scripts.com/unified/v1/master/getSubscriptions
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
172.64.150.44
San Francisco, United States,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
Express
- Resource Hash
|
POST
H2
|
204
|
/
px.ads.linkedin.com/wa/
|
0
700 B
|
368ms
159ms
|
XHR
text/plain |
2620:1ec:21::14
MICROSOFT-CORP-MS...
|
|
|
GET
H2
|
200
|
collect
px4.ads.linkedin.com/
Redirect Chain
-
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4380604&time=1712242949719&li_adsId=e8b7d9b3-984f-4e56-ae7e-553d74f9a805&url=https%3A%2F%2Flogrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%...
-
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4380604&time=1712242949719&li_adsId=e8b7d9b3-984f-4e56-ae7e-553d74f9a805&url=https%3A%2F%2Flogrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%...
-
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4380604&time=1712242949719&li_adsId=e8b7d9b3-984f-4e56-ae7e-553d74f9a805&url=https%3A%2F%2Flogrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F...
|
0
266 B
|
229ms
189ms
|
Image
application/javascript |
13.107.42.14
MICROSOFT-CORP-MS...
|
|
General
- Full URL
- https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4380604&time=1712242949719&li_adsId=e8b7d9b3-984f-4e56-ae7e-553d74f9a805&url=https%3A%2F%2Flogrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F&tm=gtmv2&cookiesTest=true&e_ipv6=AQI66VcMl7WFtAAAAY6pogBKkU72cOE3qAGfBwpSfRwGv8_ZE-T7EaLDeO1OEq1VopPTjmU
- Protocol
- H2
- Server
-
13.107.42.14
, United States,
ASN8068
(MICROSOFT-CORP-MSN-AS-BLOCK, US),
- Reverse DNS
- Software
-
/
- Resource Hash
- e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
|
GET
H2
|
200
|
modules.4bbac2bdc7f1b66d3009.js
script.hotjar.com/
|
221 KB
55 KB
|
220ms
25ms
|
Script
application/javascript |
13.32.27.19
AMAZON-02
|
|
|
POST
H/1.1
|
200
OK
|
visitWebPage
050-uwt-888.mktoresp.com/webevents/
|
2 B
318 B
|
581ms
96ms
|
Ping
text/plain |
192.28.144.124
OMNITURE
|
|
General
- Full URL
- https://050-uwt-888.mktoresp.com/webevents/visitWebPage?_mchNc=1712242949744&_mchCn=&_mchId=050-UWT-888&_mchTk=_mch-logrhythm.com-1712242949744-46899&_mchHo=logrhythm.com&_mchPo=&_mchRu=%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
- Requested by
- Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
- Protocol
- HTTP/1.1
- Security
- TLS 1.2,
ECDHE_RSA, AES_128_GCM
- Server
-
192.28.144.124
, United States,
ASN15224
(OMNITURE, US),
- Reverse DNS
- Software
-
nginx/1.20.1 /
- Resource Hash
- 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
|
GET
H2
|
200
|
232919347190734
connect.facebook.net/signals/config/
|
65 KB
14 KB
|
157ms
156ms
|
Script
application/x-javascript |
2a03:2880:f084:d:face:b00c:0:3
FACEBOOK
|
|
General
- Full URL
- https://connect.facebook.net/signals/config/232919347190734?v=2.9.151&r=stable&domain=logrhythm.com&hme=8ce74e881727851b4427183947937854816d72704925561b9de6420cd43214ee&ex_m=66%2C111%2C98%2C102%2C57%2C3%2C92%2C65%2C15%2C90%2C83%2C48%2C50%2C157%2C160%2C171%2C167%2C168%2C170%2C28%2C93%2C49%2C72%2C169%2C152%2C155%2C164%2C165%2C172%2C120%2C14%2C47%2C176%2C175%2C122%2C17%2C32%2C36%2C1%2C40%2C61%2C62%2C63%2C67%2C87%2C16%2C13%2C89%2C86%2C85%2C99%2C101%2C35%2C100%2C29%2C25%2C153%2C156%2C129%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C53%2C58%2C60%2C70%2C94%2C26%2C71%2C8%2C7%2C75%2C45%2C20%2C96%2C95%2C9%2C19%2C18%2C77%2C82%2C44%2C43%2C81%2C37%2C39%2C80%2C52%2C78%2C31%2C41%2C34%2C69%2C0%2C88%2C4%2C84%2C76%2C79%2C2%2C33%2C59%2C38%2C97%2C42%2C74%2C64%2C103%2C56%2C55%2C30%2C91%2C54%2C51%2C46%2C73%2C68%2C23%2C104
- Requested by
- Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2a03:2880:f084:d:face:b00c:0:3
Frankfurt am Main, Germany,
ASN32934
(FACEBOOK, US),
- Reverse DNS
- Software
-
/
- Resource Hash
- f0cfe5bb3632a93b092412b0fcfc4072ea3a7aec330b6140344c1c68d5f82575
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; |
Strict-Transport-Security |
max-age=31536000; preload; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
DENY |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
242.js
cdn-app.pathfactory.com/production/jukebox-lite/current/
|
173 KB
59 KB
|
28ms
26ms
|
Script
application/javascript |
13.32.99.82
AMAZON-02
|
|
|
GET
H2
|
200
|
689.js
cdn-app.pathfactory.com/production/jukebox-lite/current/
|
16 KB
6 KB
|
25ms
24ms
|
Script
application/javascript |
13.32.99.82
AMAZON-02
|
|
|
GET
H2
|
200
|
426.js
cdn-app.pathfactory.com/production/jukebox-lite/current/
|
144 KB
49 KB
|
32ms
31ms
|
Script
application/javascript |
13.32.99.82
AMAZON-02
|
|
|
GET
H2
|
200
|
421.js
cdn-app.pathfactory.com/production/jukebox-lite/current/
|
73 KB
18 KB
|
35ms
34ms
|
Script
application/javascript |
13.32.99.82
AMAZON-02
|
|
|
GET
H2
|
200
|
796.js
cdn-app.pathfactory.com/production/jukebox-lite/current/
|
117 KB
27 KB
|
50ms
49ms
|
Script
application/javascript |
13.32.99.82
AMAZON-02
|
|
|
GET
H2
|
200
|
98.js
cdn-app.pathfactory.com/production/jukebox-lite/current/
|
52 KB
13 KB
|
47ms
46ms
|
Script
application/javascript |
13.32.99.82
AMAZON-02
|
|
|
GET
H2
|
204
|
website_forms
jukebox.pathfactory.com/api/public/v1/
|
0
408 B
|
146ms
146ms
|
XHR
text/plain |
52.55.132.161
AMAZON-AES
|
|
General
- Full URL
- https://jukebox.pathfactory.com/api/public/v1/website_forms?clientId=LB-72E778C0-10607&pfVisitorUuid=&url=https%3A%2F%2Flogrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F
- Requested by
- Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/production/jukebox-lite/current/jukebox.js
- Protocol
- H2
- Security
- TLS 1.2,
ECDHE_RSA, AES_128_GCM
- Server
-
52.55.132.161
Ashburn, United States,
ASN14618
(AMAZON-AES, US),
- Reverse DNS
- ec2-52-55-132-161.compute-1.amazonaws.com
- Software
-
/
- Resource Hash
- e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
- Security Headers
-
Name |
Value |
X-Content-Type-Options |
nosniff |
|
OPTIONS
H2
|
200
|
website_forms
jukebox.pathfactory.com/api/public/v1/
Frame
|
0
0
|
97ms
96ms
|
Preflight
|
52.55.132.161
AMAZON-AES
|
|
General
- Full URL
- https://jukebox.pathfactory.com/api/public/v1/website_forms?clientId=LB-72E778C0-10607&pfVisitorUuid=&url=https%3A%2F%2Flogrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F
- Protocol
- H2
- Security
- TLS 1.2,
ECDHE_RSA, AES_128_GCM
- Server
-
52.55.132.161
Ashburn, United States,
ASN14618
(AMAZON-AES, US),
- Reverse DNS
- ec2-52-55-132-161.compute-1.amazonaws.com
- Software
-
/
- Resource Hash
|
GET
H2
|
200
|
/
www.facebook.com/tr/
|
0
274 B
|
71ms
23ms
|
Image
text/plain |
2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK
|
|
General
- Full URL
- https://www.facebook.com/tr/?id=232919347190734&ev=PageView&dl=https%3A%2F%2Flogrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F&rl=&if=false&ts=1712242949934&sw=800&sh=600&v=2.9.151&r=stable&ec=0&o=4125&fbp=fb.1.1712242949932.334287589&cs_est=true&ler=empty&cdl=API_unavailable&it=1712242949758&coo=false&rqm=GET
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2a03:2880:f177:83:face:b00c:0:25de
Frankfurt am Main, Germany,
ASN32934
(FACEBOOK, US),
- Reverse DNS
- Software
-
proxygen-bolt /
- Resource Hash
- e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=31536000; includeSubDomains |
|
HEAD
H/1.1
|
200
OK
|
tp2
spcollector.pathfactory.com/com.snowplowanalytics.snowplow/
|
0
0
|
393ms
94ms
|
Fetch
image/gif |
54.152.183.68
AMAZON-AES
|
|
General
- Full URL
- https://spcollector.pathfactory.com/com.snowplowanalytics.snowplow/tp2
- Requested by
- Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/production/jukebox-lite/current/jukebox.js
- Protocol
- HTTP/1.1
- Security
- TLS 1.2,
ECDHE_RSA, AES_128_GCM
- Server
-
54.152.183.68
Ashburn, United States,
ASN14618
(AMAZON-AES, US),
- Reverse DNS
- ec2-54-152-183-68.compute-1.amazonaws.com
- Software
-
akka-http/10.0.9 /
- Resource Hash
|
GET
H2
|
200
|
6si.min.js
j.6sc.co/
|
64 KB
18 KB
|
66ms
65ms
|
Script
application/javascript |
2.17.100.184
AKAMAI-ASN1
|
|
|
GET
H2
|
200
|
/
c.6sc.co/
|
7 B
192 B
|
55ms
42ms
|
XHR
text/html |
2.17.100.184
AKAMAI-ASN1
|
|
|
GET
H2
|
200
|
/
ipv6.6sc.co/
|
19 B
306 B
|
98ms
23ms
|
XHR
text/html |
2a02:26f0:ab00::214:8e70
AKAMAI-ASN1
|
|
|
GET
H2
|
200
|
img.gif
b.6sc.co/v1/beacon/
|
43 B
484 B
|
233ms
220ms
|
Image
image/gif |
2.17.100.184
AKAMAI-ASN1
|
|
General
- Full URL
- https://b.6sc.co/v1/beacon/img.gif?token=05750b0314b98f84ad20a6fe422744a5&svisitor=null&visitor=34ba9420-3a1f-47d9-8194-c57863f96c5e&session=6f5d4029-3952-444e-83a5-dc3089da20e9&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Thu%2C%2004%20Apr%202024%2015%3A02%3A30%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Page%20not%20found%20%7C%20LogRhythm%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Flogrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F&pageViewId=30056d17-787b-49e9-882c-03fd34b6d651&webTagId=8fa18974-bc57-4d14-96b9-689a8c29b32c&v=1.1.15
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2.17.100.184
Frankfurt am Main, Germany,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- a2-17-100-184.deploy.static.akamaitechnologies.com
- Software
-
nginx/1.14.0 (Ubuntu) /
- Resource Hash
- dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
- Security Headers
-
Name |
Value |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
img.gif
b.6sc.co/v1/beacon/
|
43 B
484 B
|
242ms
230ms
|
Image
image/gif |
2.17.100.184
AKAMAI-ASN1
|
|
General
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2.17.100.184
Frankfurt am Main, Germany,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- a2-17-100-184.deploy.static.akamaitechnologies.com
- Software
-
nginx/1.14.0 (Ubuntu) /
- Resource Hash
- dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
- Security Headers
-
Name |
Value |
X-Content-Type-Options |
nosniff |
|
GET
DATA
|
200
OK
|
truncated
/
|
31 KB
0
|
|
Image
image/png |
|
|
|
GET
DATA
|
200
OK
|
truncated
/
|
31 KB
0
|
|
Image
image/png |
|
|
|
GET
DATA
|
200
OK
|
truncated
/
|
170 KB
0
|
|
Image
image/png |
|
|
|
GET
DATA
|
200
OK
|
truncated
/
|
22 KB
0
|
|
Image
image/png |
|
|
|
GET
DATA
|
200
OK
|
truncated
/
|
21 KB
0
|
|
Image
image/png |
|
|
|
GET
DATA
|
200
OK
|
truncated
/
|
21 KB
0
|
|
Image
image/png |
|
|
|
GET
DATA
|
200
OK
|
truncated
/
|
22 KB
0
|
|
Image
image/png |
|
|
|
GET
DATA
|
200
OK
|
truncated
/
|
33 KB
0
|
|
Image
image/png |
|
|
|
GET
DATA
|
200
OK
|
truncated
/
|
57 KB
0
|
|
Image
image/png |
|
|
|
GET
DATA
|
200
OK
|
truncated
/
|
39 KB
0
|
|
Image
image/png |
|
|
|
GET
DATA
|
200
OK
|
truncated
/
|
176 KB
0
|
|
Image
image/png |
|
|
|
GET
H2
|
200
|
img.gif
b.6sc.co/v1/beacon/
|
43 B
483 B
|
215ms
215ms
|
Image
image/gif |
2.17.100.184
AKAMAI-ASN1
|
|
General
- Full URL
- https://b.6sc.co/v1/beacon/img.gif?token=05750b0314b98f84ad20a6fe422744a5&svisitor=null&visitor=34ba9420-3a1f-47d9-8194-c57863f96c5e&session=6f5d4029-3952-444e-83a5-dc3089da20e9&event=ipv6&q=%7B%22address%22%3A%222001%3A41d0%3A8%3Ad154%3A%3A3%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Page%20not%20found%20%7C%20LogRhythm%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Flogrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F&pageViewId=30056d17-787b-49e9-882c-03fd34b6d651&webTagId=8fa18974-bc57-4d14-96b9-689a8c29b32c&v=1.1.15
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2.17.100.184
Frankfurt am Main, Germany,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- a2-17-100-184.deploy.static.akamaitechnologies.com
- Software
-
nginx/1.14.0 (Ubuntu) /
- Resource Hash
- dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
- Security Headers
-
Name |
Value |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
sp.lite.js
cdn-app.pathfactory.com/libraries/tracker/3.19.0/
|
43 KB
15 KB
|
23ms
23ms
|
Script
application/javascript |
13.32.99.82
AMAZON-02
|
|
|
GET
H2
|
200
|
details
epsilon.6sense.com/v3/company/
|
2 KB
1 KB
|
87ms
41ms
|
XHR
application/json |
76.223.9.105
AMAZON-02
|
|
|
OPTIONS
H2
|
200
|
details
epsilon.6sense.com/v3/company/
Frame
|
0
0
|
87ms
30ms
|
Preflight
|
76.223.9.105
AMAZON-02
|
|
|
OPTIONS
H2
|
200
|
recommendations
jukebox.pathfactory.com/api/public/v3/
Frame
|
0
0
|
97ms
96ms
|
Preflight
|
52.55.132.161
AMAZON-AES
|
|
General
- Full URL
- https://jukebox.pathfactory.com/api/public/v3/recommendations?clientId=LB-72E778C0-10607&sourceType=2&pfVisitorUuid=6313f79a-6a47-4b47-ac09-51f90b337ec1&url=https%3A%2F%2Flogrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F&contentPoolId=e7ab94d5-a239-4c54-86d7-9dc5fd4f4276&contentDisplayedType=collection&collectionRuleId=&appearanceId=&recommendationType=trending&sessionId=557313a2-50e1-4e61-8566-8a0b1adff2e6&webcontextId=7b1bd4f3-891a-4264-98ee-a9baaa86b22f&noPosts=5
- Protocol
- H2
- Security
- TLS 1.2,
ECDHE_RSA, AES_128_GCM
- Server
-
52.55.132.161
Ashburn, United States,
ASN14618
(AMAZON-AES, US),
- Reverse DNS
- ec2-52-55-132-161.compute-1.amazonaws.com
- Software
-
/
- Resource Hash
|
OPTIONS
H2
|
200
|
recommendations
jukebox.pathfactory.com/api/public/v3/
Frame
|
0
0
|
100ms
99ms
|
Preflight
|
52.55.132.161
AMAZON-AES
|
|
General
- Full URL
- https://jukebox.pathfactory.com/api/public/v3/recommendations?clientId=LB-72E778C0-10607&sourceType=2&pfVisitorUuid=6313f79a-6a47-4b47-ac09-51f90b337ec1&url=https%3A%2F%2Flogrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F&contentPoolId=e7ab94d5-a239-4c54-86d7-9dc5fd4f4276&contentDisplayedType=collection&collectionRuleId=&appearanceId=&recommendationType=yml&sessionId=557313a2-50e1-4e61-8566-8a0b1adff2e6&webcontextId=7b1bd4f3-891a-4264-98ee-a9baaa86b22f&noPosts=5
- Protocol
- H2
- Security
- TLS 1.2,
ECDHE_RSA, AES_128_GCM
- Server
-
52.55.132.161
Ashburn, United States,
ASN14618
(AMAZON-AES, US),
- Reverse DNS
- ec2-52-55-132-161.compute-1.amazonaws.com
- Software
-
/
- Resource Hash
|
GET
H2
|
200
|
link-click.js
cdn-app.pathfactory.com/libraries/tracker/3.19.0/plugin/
|
6 KB
3 KB
|
22ms
22ms
|
Script
application/javascript |
13.32.99.82
AMAZON-02
|
|
|
GET
H2
|
200
|
recommendations
jukebox.pathfactory.com/api/public/v3/
|
4 KB
2 KB
|
2728ms
2728ms
|
XHR
application/json |
52.55.132.161
AMAZON-AES
|
|
General
- Full URL
- https://jukebox.pathfactory.com/api/public/v3/recommendations?clientId=LB-72E778C0-10607&sourceType=2&pfVisitorUuid=6313f79a-6a47-4b47-ac09-51f90b337ec1&url=https%3A%2F%2Flogrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F&contentPoolId=e7ab94d5-a239-4c54-86d7-9dc5fd4f4276&contentDisplayedType=collection&collectionRuleId=&appearanceId=&recommendationType=trending&sessionId=557313a2-50e1-4e61-8566-8a0b1adff2e6&webcontextId=7b1bd4f3-891a-4264-98ee-a9baaa86b22f&noPosts=5
- Requested by
- Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/production/jukebox-lite/current/jukebox.js
- Protocol
- H2
- Security
- TLS 1.2,
ECDHE_RSA, AES_128_GCM
- Server
-
52.55.132.161
Ashburn, United States,
ASN14618
(AMAZON-AES, US),
- Reverse DNS
- ec2-52-55-132-161.compute-1.amazonaws.com
- Software
-
/
- Resource Hash
- d4185c058b3d6dd6c7735a174389257dbf280747eefcc62551e95d0f3f255eef
- Security Headers
-
Name |
Value |
Content-Security-Policy |
|
Strict-Transport-Security |
max-age=31536000; includeSubDomains |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
recommendations
jukebox.pathfactory.com/api/public/v3/
|
5 KB
2 KB
|
494ms
493ms
|
XHR
application/json |
52.55.132.161
AMAZON-AES
|
|
General
- Full URL
- https://jukebox.pathfactory.com/api/public/v3/recommendations?clientId=LB-72E778C0-10607&sourceType=2&pfVisitorUuid=6313f79a-6a47-4b47-ac09-51f90b337ec1&url=https%3A%2F%2Flogrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F&contentPoolId=e7ab94d5-a239-4c54-86d7-9dc5fd4f4276&contentDisplayedType=collection&collectionRuleId=&appearanceId=&recommendationType=yml&sessionId=557313a2-50e1-4e61-8566-8a0b1adff2e6&webcontextId=7b1bd4f3-891a-4264-98ee-a9baaa86b22f&noPosts=5
- Requested by
- Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/production/jukebox-lite/current/jukebox.js
- Protocol
- H2
- Security
- TLS 1.2,
ECDHE_RSA, AES_128_GCM
- Server
-
52.55.132.161
Ashburn, United States,
ASN14618
(AMAZON-AES, US),
- Reverse DNS
- ec2-52-55-132-161.compute-1.amazonaws.com
- Software
-
/
- Resource Hash
- 3e98aa3a6f9d1ead471762bca99dd9b967fa820667d3d240da3a56df763b176c
- Security Headers
-
Name |
Value |
Content-Security-Policy |
|
Strict-Transport-Security |
max-age=31536000; includeSubDomains |
X-Content-Type-Options |
nosniff |
|
OPTIONS
H/1.1
|
200
OK
|
tp2
spcollector.pathfactory.com/com.snowplowanalytics.snowplow/
Frame
|
0
0
|
95ms
95ms
|
Preflight
|
54.152.183.68
AMAZON-AES
|
|
|
OPTIONS
H2
|
200
|
tp2
jukebox.pathfactory.com/com.snowplowanalytics.snowplow/
Frame
|
0
0
|
97ms
97ms
|
Preflight
|
52.55.132.161
AMAZON-AES
|
|
|
POST
H/1.1
|
200
OK
|
tp2
spcollector.pathfactory.com/com.snowplowanalytics.snowplow/
|
2 B
458 B
|
399ms
101ms
|
Ping
text/plain |
54.152.183.68
AMAZON-AES
|
|
|
POST
H2
|
200
|
tp2
jukebox.pathfactory.com/com.snowplowanalytics.snowplow/
|
0
439 B
|
113ms
112ms
|
Ping
text/html |
52.55.132.161
AMAZON-AES
|
|
|
OPTIONS
H3
|
200
|
/
ws.zoominfo.com/pixel/63f526f5ff88320bcff96dc8/
Frame
|
0
0
|
203ms
164ms
|
Preflight
text/html |
104.16.137.15
CLOUDFLARENET
|
|
General
- Full URL
- https://ws.zoominfo.com/pixel/63f526f5ff88320bcff96dc8/?iszitag=true
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
104.16.137.15
-, ,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
Express
- Resource Hash
- Security Headers
-
Name |
Value |
X-Content-Type-Options |
nosniff |
|
GET
H3
|
200
|
formcomplete.js
ws-assets.zoominfo.com/
|
86 KB
27 KB
|
101ms
55ms
|
Script
application/javascript |
104.16.136.15
CLOUDFLARENET
|
|
|
GET
H2
|
200
|
insent
logrhythm.widget.insent.ai/
|
80 KB
23 KB
|
132ms
29ms
|
Script
binary/octet-stream |
2600:9000:225e:7400:f:7ae2:7780:93a1
AMAZON-02
|
|
|
GET
H3
|
200
|
/
ws.zoominfo.com/pixel/63f526f5ff88320bcff96dc8/
|
3 KB
2 KB
|
403ms
360ms
|
Fetch
text/javascript |
104.16.137.15
CLOUDFLARENET
|
|
|
OPTIONS
H3
|
200
|
forms
ws.zoominfo.com/formcomplete-v2/
Frame
|
0
0
|
162ms
161ms
|
Preflight
text/html |
104.16.137.15
CLOUDFLARENET
|
|
General
- Full URL
- https://ws.zoominfo.com/formcomplete-v2/forms
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
104.16.137.15
-, ,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
Express
- Resource Hash
- Security Headers
-
Name |
Value |
X-Content-Type-Options |
nosniff |
|
POST
H3
|
200
|
forms
ws.zoominfo.com/formcomplete-v2/
|
2 B
379 B
|
203ms
203ms
|
Fetch
application/json |
104.16.137.15
CLOUDFLARENET
|
|
|
GET
H2
|
200
|
/
logrhythm.widget.insent.ai/
Frame 8130
|
0
0
|
73ms
26ms
|
Document
text/html |
2600:9000:225e:4000:f:7ae2:7780:93a1
AMAZON-02
|
|
General
- Full URL
- https://logrhythm.widget.insent.ai/?project_key=eCHZJAVbbvK7Q39sF6oo&blog_url=logrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F&event_listener=BgQE8UTpKViJruK&marketo_cookies=[%22_mch-logrhythm.com-1712242949744-46899%22]&parent_innerwidth=1600&parent_innerheight=1113&widgetVisibility=true&locale=undefined&user_id=5325e63a5c5f9d241f3a1712242950&_zitok=5325e63a5c5f9d241f3a1712242950
- Requested by
- Host: logrhythm.widget.insent.ai
URL: https://logrhythm.widget.insent.ai/insent
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2600:9000:225e:4000:f:7ae2:7780:93a1
, United States,
ASN16509
(AMAZON-02, US),
- Reverse DNS
- Software
-
AmazonS3 /
- Resource Hash
|
GET
H2
|
200
|
img.gif
b.6sc.co/v1/beacon/
|
43 B
483 B
|
244ms
244ms
|
Image
image/gif |
2.17.100.184
AKAMAI-ASN1
|
|
General
- Full URL
- https://b.6sc.co/v1/beacon/img.gif?token=05750b0314b98f84ad20a6fe422744a5&svisitor=null&visitor=34ba9420-3a1f-47d9-8194-c57863f96c5e&session=6f5d4029-3952-444e-83a5-dc3089da20e9&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2004%20Apr%202024%2015%3A02%3A31%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2004%20Apr%202024%2015%3A02%3A30%20GMT%22%2C%22timeSpent%22%3A%221005%22%2C%22totalTimeSpent%22%3A%221005%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Page%20not%20found%20%7C%20LogRhythm%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Flogrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F&pageViewId=30056d17-787b-49e9-882c-03fd34b6d651&webTagId=8fa18974-bc57-4d14-96b9-689a8c29b32c&v=1.1.15
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2.17.100.184
Frankfurt am Main, Germany,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- a2-17-100-184.deploy.static.akamaitechnologies.com
- Software
-
nginx/1.14.0 (Ubuntu) /
- Resource Hash
- dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
- Security Headers
-
Name |
Value |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
img.gif
b.6sc.co/v1/beacon/
|
43 B
483 B
|
230ms
229ms
|
Image
image/gif |
2.17.100.184
AKAMAI-ASN1
|
|
General
- Full URL
- https://b.6sc.co/v1/beacon/img.gif?token=05750b0314b98f84ad20a6fe422744a5&svisitor=null&visitor=34ba9420-3a1f-47d9-8194-c57863f96c5e&session=6f5d4029-3952-444e-83a5-dc3089da20e9&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2004%20Apr%202024%2015%3A02%3A32%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2004%20Apr%202024%2015%3A02%3A31%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%222006%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Page%20not%20found%20%7C%20LogRhythm%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Flogrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F&pageViewId=30056d17-787b-49e9-882c-03fd34b6d651&webTagId=8fa18974-bc57-4d14-96b9-689a8c29b32c&v=1.1.15
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2.17.100.184
Frankfurt am Main, Germany,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- a2-17-100-184.deploy.static.akamaitechnologies.com
- Software
-
nginx/1.14.0 (Ubuntu) /
- Resource Hash
- dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
- Security Headers
-
Name |
Value |
X-Content-Type-Options |
nosniff |
|
OPTIONS
H/1.1
|
200
OK
|
tp2
spcollector.pathfactory.com/com.snowplowanalytics.snowplow/
Frame
|
0
0
|
94ms
94ms
|
Preflight
|
54.152.183.68
AMAZON-AES
|
|
|
GET
H3
|
200
|
MicrosoftTeams-image-4.jpeg
logrhythm.com/wp-content/uploads/2021/08/
|
69 KB
73 KB
|
634ms
633ms
|
Image
image/jpeg |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/uploads/2021/08/MicrosoftTeams-image-4.jpeg
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.20
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 8c9dad6cf1c9d851ad8ecc7e93ce7314b1af655d2eafa1d73f7840f08139c9fe
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' https://logrhythm.com https://disqus.com https://*.6sc.co https://*.6sense.com https://c.disquscdn.com; connect-src 'self' https://logrhythm.com https://play.vidyard.com https://google.com https://cdn.linkedin.oribi.io https://px.ads.linkedin.com https://js.zi-scripts.com https://*.privacymanager.io https://epsilon.6sense.com https://*.6sc.co https://analytics.google.com https://*.googlesyndication.com https://ws.zoominfo.com https://bat.bing.com https://spcollector.pathfactory.com https://adservice.google.com https://*.logrhythm.com https://maps.googleapis.com https://*.fontawesome.com https://*.clarity.ms https://use.typekit.net https://050-uwt-888.mktoutil.com https://*.addthisedge.com https://ampcid.google.com https://www.googletagmanager.com https://*.ampproject.org https://*.addthis.com https://*.ampproject.net https://connect.facebook.net https://yoast.com https://*.facebook.com https://*.hotjar.io wss://*.hotjar.com https://*.hotjar.com https://stats.g.doubleclick.net https://*.yoast.com https://d3hb14vkzrxvla.cloudfront.net https://www.g2.com https://jukebox.pathfactory.com https://www.google-analytics.com https://050-uwt-888.mktoresp.com; font-src 'self' data: https://*.logrhythm.com https://*.hotjar.com https://*.typekit.net https://*.sharepointonline.com https://spoprod-a.akamaihd.net https://fonts.gstatic.com https://cdn-app.pathfactory.com https://*.fontawesome.com https://www.gartner.com https://maxcdn.bootstrapcdn.com https://cdn.pathfactory.com https://app.cdn.lookbookhq.com; img-src https: data: blob: ; media-src 'self' blob: https://*.logrhythm.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://*.logrhythm.com https://logrhythm.widget.insent.ai https://js.zi-scripts.com https://ws-assets.zoominfo.com https://*.trustarc.com https://launchpad.privacymanager.io https://launchpad-wrapper.privacymanager.io https://jobs.jobvite.com https://play.vidyard.com https://yoast.com https://ws.zoominfo.com 
https://player.vimeo.com https://*.clarity.ms https://j.6sc.co https://cdn.jsdelivr.net https://cdn-app.pathfactory.com https://unpkg.com/web-vitals https://www.g2.com https://*.facebook.com https://cdn.syndication.twimg.com https://www.gartner.com https://www.google.com https://www.googleoptimize.com https://*.googleapis.com https://tpc.googlesyndication.com https://optimize.google.com https://www.youtube.com https://ssl.google-analytics.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.ampproject.org https://www.googleadservices.com https://www.gstatic.com https://*.typeform.com js-agent.newrelic.com https://bam.nr-data.net https://beacon-v2.helpscout.net https://kit.fontawesome.com https://bat.bing.com https://munchkin.marketo.net https://snap.licdn.com https://static.ads-twitter.com https://*.twitter.com https://*.hotjar.com https://app.leadsrx.com https://secure.leadforensics.com https://connect.facebook.net https://googleads.g.doubleclick.net https://logrhythm-com.disqus.com https://app.cdn.lookbookhq.com https://jukebox.pathfactory.com https://app-abc.marketo.com https://www.brighttalk.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://*.logrhythm.com https://cdn.jsdelivr.net https://*.fontawesome.com https://yoast.com https://cdn-app.pathfactory.com https://rgsharedweb.s3.amazonaws.com https://www.googletagmanager.com/debug/ https://ka-p.fontawesome.com https://platform.twitter.com https://*.twimg.com https://*.typekit.net https://*.disquscdn.com https://www.gartner.com https://*.googleapis.com https://optimize.google.com https://tagmanager.google.com https://maxcdn.bootstrapcdn.com https://app.cdn.lookbookhq.com; frame-src 'self' https://logrhythm.widget.insent.ai https://demostack.app https://*.trustarc.com https://*.doubleclick.net https://shortpixel.com https://logrhythm.com https://*.logrhythm.com https://forms.office.com https://jobs.jobvite.com https://play.vidyard.com https://www.facebook.com 
https://*.elementor.com https://www.itcentralstation.com https://www.google.com https://tpc.googlesyndication.com https://*.twitter.com https://*.addthis.com https://*.ampproject.net https://www.slideshare.net https://*.hotjar.com https://maps.google.com https://www.gartner.com https://tags.bluekai.com https://www.g2.com https://www.youtube-nocookie.com https://googleads.g.doubleclick.net https://disqus.com https://tempest.services.disqus.com https://www.youtube.com https://bid.g.doubleclick.net https://www.brighttalk.com https://*.fls.doubleclick.net; frame-ancestors 'self' explore.logrhythm.com https://www.g2.com https://*.logrhythm.com; |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
iStock-1136976008.jpg
logrhythm.com/wp-content/uploads/2020/04/
|
45 KB
49 KB
|
208ms
206ms
|
Image
image/jpeg |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/uploads/2020/04/iStock-1136976008.jpg
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.20
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 21d7111b0f0275b69b74a7232d180a34e2fcbadcea597461a7021d470f32d4b5
- Security Headers
-
Name |
Value |
Content-Security-Policy |
(same value as the Content-Security-Policy listed for MicrosoftTeams-image-4.jpeg above) |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
Assisted-Search-e1707342409724.gif
logrhythm.com/wp-content/uploads/2024/01/
|
103 KB
106 KB
|
33ms
32ms
|
Image
image/webp |
141.193.213.20
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/uploads/2024/01/Assisted-Search-e1707342409724.gif
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.20
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 7e0e4786c83cc6a249c49fc95d74cb37736c9c2c625fdf901b7c155381ef62f2
- Security Headers
-
Name |
Value |
Content-Security-Policy |
(same value as the Content-Security-Policy listed for MicrosoftTeams-image-4.jpeg above) |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
dfe98c76-3bed-47df-bc11-5d810c3eae6f.woff
cdn.pathfactory.com/assets/2/fonts/
|
12 KB
12 KB
|
556ms
439ms
|
Font
application/font-woff |
13.35.58.60
AMAZON-02
|
|
|
GET
H2
|
200
|
ef617c92-5ed3-4437-a74e-6938ccdefd37.woff
cdn.pathfactory.com/assets/2/fonts/
|
14 KB
14 KB
|
542ms
426ms
|
Font
application/font-woff |
13.35.58.60
AMAZON-02
|
|
|
GET
H2
|
200
|
fontawesome-webfont.woff2
cdn-app.pathfactory.com/web-fonts/font-awesome/
|
69 KB
70 KB
|
26ms
26ms
|
Font
binary/octet-stream |
13.32.99.82
AMAZON-02
|
|
|
POST
H/1.1
|
200
OK
|
tp2
spcollector.pathfactory.com/com.snowplowanalytics.snowplow/
|
2 B
458 B
|
100ms
99ms
|
Ping
text/plain |
54.152.183.68
AMAZON-AES
|
|
|
GET
H2
|
200
|
img.gif
b.6sc.co/v1/beacon/
|
43 B
483 B
|
215ms
214ms
|
Image
image/gif |
2.17.100.184
AKAMAI-ASN1
|
|
General
- Full URL
- https://b.6sc.co/v1/beacon/img.gif?token=05750b0314b98f84ad20a6fe422744a5&svisitor=null&visitor=34ba9420-3a1f-47d9-8194-c57863f96c5e&session=6f5d4029-3952-444e-83a5-dc3089da20e9&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2004%20Apr%202024%2015%3A02%3A33%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2004%20Apr%202024%2015%3A02%3A32%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%223006%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Page%20not%20found%20%7C%20LogRhythm%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Flogrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F&pageViewId=30056d17-787b-49e9-882c-03fd34b6d651&webTagId=8fa18974-bc57-4d14-96b9-689a8c29b32c&v=1.1.15
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2.17.100.184
Frankfurt am Main, Germany,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- a2-17-100-184.deploy.static.akamaitechnologies.com
- Software
-
nginx/1.14.0 (Ubuntu) /
- Resource Hash
- dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
- Security Headers
-
Name |
Value |
X-Content-Type-Options |
nosniff |
|
OPTIONS
H/1.1
|
200
OK
|
tp2
spcollector.pathfactory.com/com.snowplowanalytics.snowplow/
Frame
|
0
0
|
95ms
94ms
|
Preflight
|
54.152.183.68
AMAZON-AES
|
|
|
OPTIONS
H/1.1
|
200
OK
|
tp2
spcollector.pathfactory.com/com.snowplowanalytics.snowplow/
Frame
|
0
0
|
189ms
94ms
|
Preflight
|
54.152.183.68
AMAZON-AES
|
|
|
POST
H/1.1
|
200
OK
|
tp2
spcollector.pathfactory.com/com.snowplowanalytics.snowplow/
|
2 B
458 B
|
100ms
100ms
|
Ping
text/plain |
54.152.183.68
AMAZON-AES
|
|
|
POST
H/1.1
|
200
OK
|
tp2
spcollector.pathfactory.com/com.snowplowanalytics.snowplow/
|
2 B
458 B
|
106ms
99ms
|
Ping
text/plain |
54.152.183.68
AMAZON-AES
|
|
|
GET
H2
|
200
|
img.gif
b.6sc.co/v1/beacon/
|
43 B
483 B
|
213ms
213ms
|
Image
image/gif |
2.17.100.184
AKAMAI-ASN1
|
|
General
- Full URL
- https://b.6sc.co/v1/beacon/img.gif?token=05750b0314b98f84ad20a6fe422744a5&svisitor=null&visitor=34ba9420-3a1f-47d9-8194-c57863f96c5e&session=6f5d4029-3952-444e-83a5-dc3089da20e9&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2004%20Apr%202024%2015%3A02%3A34%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2004%20Apr%202024%2015%3A02%3A33%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224007%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Page%20not%20found%20%7C%20LogRhythm%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Flogrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F&pageViewId=30056d17-787b-49e9-882c-03fd34b6d651&webTagId=8fa18974-bc57-4d14-96b9-689a8c29b32c&v=1.1.15
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2.17.100.184
Frankfurt am Main, Germany,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- a2-17-100-184.deploy.static.akamaitechnologies.com
- Software
-
nginx/1.14.0 (Ubuntu) /
- Resource Hash
- dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
- Security Headers
-
Name |
Value |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
img.gif
b.6sc.co/v1/beacon/
|
43 B
483 B
|
273ms
273ms
|
Image
image/gif |
2.17.100.184
AKAMAI-ASN1
|
|
General
- Full URL
- https://b.6sc.co/v1/beacon/img.gif?token=05750b0314b98f84ad20a6fe422744a5&svisitor=null&visitor=34ba9420-3a1f-47d9-8194-c57863f96c5e&session=6f5d4029-3952-444e-83a5-dc3089da20e9&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2004%20Apr%202024%2015%3A02%3A35%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2004%20Apr%202024%2015%3A02%3A34%20GMT%22%2C%22timeSpent%22%3A%221008%22%2C%22totalTimeSpent%22%3A%225015%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Page%20not%20found%20%7C%20LogRhythm%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Flogrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F&pageViewId=30056d17-787b-49e9-882c-03fd34b6d651&webTagId=8fa18974-bc57-4d14-96b9-689a8c29b32c&v=1.1.15
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2.17.100.184
Frankfurt am Main, Germany,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- a2-17-100-184.deploy.static.akamaitechnologies.com
- Software
-
nginx/1.14.0 (Ubuntu) /
- Resource Hash
- dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
- Security Headers
-
Name |
Value |
X-Content-Type-Options |
nosniff |
|
POST
H2
|
204
|
collect
region1.analytics.google.com/g/
|
0
45 B
|
23ms
23ms
|
Ping
text/plain |
2001:4860:4802:32::36
GOOGLE
|
|
General
- Full URL
- https://region1.analytics.google.com/g/collect?v=2&tid=G-1FE13FG8WE&gtm=45je4410v867738930z8830930082za200&_p=1712242948635&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1949584526.1712242949&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=2&sid=1712242949&sct=1&seg=0&dl=https%3A%2F%2Flogrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F&dt=Page%20not%20found%20%7C%20LogRhythm&tfd=8577
- Requested by
- Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1FE13FG8WE&l=dataLayer&cx=c
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2001:4860:4802:32::36
, United States,
ASN15169
(GOOGLE, US),
- Reverse DNS
- Software
-
Golfe2 /
- Resource Hash
- e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
|