URL: https://cyberfeed.io/article/9ea50c473b9807fdd79013a88e60f354
Submission: On November 15 via api from GB — Scanned from GB

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 13 HTTP transactions. The main IP is 2606:4700:3037::6815:2880, located in United States and belongs to CLOUDFLARENET, US. The main domain is cyberfeed.io.
TLS certificate: Issued by E1 on October 28th 2022. Valid for: 3 months.
This is the only time cyberfeed.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a05:d014:275... 16509 (AMAZON-02)
3 2a02:26f0:e30... 20940 (AKAMAI-ASN1)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a01:7e01::f0... 63949 (LINODE-AP...)
13 8
Apex Domain | Subdomains | Transfer
4 cyberfeed.io | cyberfeed.io | 5 KB
3 flaticon.com | cdn-icons-png.flaticon.com — Cisco Umbrella Rank: 47494 | 32 KB
2 tailwindcss.com | cdn.tailwindcss.com — Cisco Umbrella Rank: 77688 | 103 KB
1 goatcounter.com | cyberfeed.goatcounter.com | 710 B
1 gstatic.com | fonts.gstatic.com | 15 KB
1 thehackernews.com | thehackernews.com — Cisco Umbrella Rank: 160630 | 42 KB
1 zgo.at | gc.zgo.at — Cisco Umbrella Rank: 235601 | 3 KB
1 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 43 | 1019 B
13 8
Domain Requested by
4 cyberfeed.io cyberfeed.io
3 cdn-icons-png.flaticon.com cyberfeed.io
2 cdn.tailwindcss.com 1 redirects cyberfeed.io
1 cyberfeed.goatcounter.com cyberfeed.io
1 fonts.gstatic.com fonts.googleapis.com
1 thehackernews.com cyberfeed.io
1 gc.zgo.at cyberfeed.io
1 fonts.googleapis.com cyberfeed.io
13 8

This site contains links to these domains.

Domain
twitter.com
www.linkedin.com
finance.yahoo.com
thehackernews.com
akatz.org
Subject | Issuer | Validity | Valid
*.cyberfeed.io | E1 | 2022-10-28 - 2023-01-26 | 3 months
upload.video.google.com | GTS CA 1C3 | 2022-10-25 - 2023-01-17 | 3 months
gc.zgo.at | R3 | 2022-11-14 - 2023-02-12 | 3 months
freepik.com | Sectigo RSA Domain Validation Secure Server CA | 2022-07-22 - 2023-07-22 | a year
thehackernews.com | Cloudflare Inc ECC CA-3 | 2022-05-01 - 2023-05-01 | a year
*.gstatic.com | GTS CA 1C3 | 2022-10-25 - 2023-01-17 | 3 months
*.goatcounter.com | R3 | 2022-11-01 - 2023-01-30 | 3 months

This page contains 1 frames:

Primary Page: https://cyberfeed.io/article/9ea50c473b9807fdd79013a88e60f354
Frame ID: BB2BE392750DC7E442B2EF517F1F1DC8
Requests: 13 HTTP requests in this frame

Page Title

New "Earth Longzhi" APT Targets Ukraine and Asian Countries with Custom Cobalt Strike Loaders | Cyberfeed.io

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

13 Requests
92 % HTTPS
100 % IPv6
8 Domains
8 Subdomains
8 IPs
3 Countries
201 kB Transfer
441 kB Size
0 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://cdn.tailwindcss.com/ HTTP 302
  • https://cdn.tailwindcss.com/3.2.4

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 9ea50c473b9807fdd79013a88e60f354
cyberfeed.io/article/
7 KB
3 KB
Document
General
Full URL
https://cyberfeed.io/article/9ea50c473b9807fdd79013a88e60f354
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:2880 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cc880eceabf85fbea83887ef07bec1d1f78ba5a6e42611e7342937a6c3bf10

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
76a5cfb39f8771c8-LHR
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 15 Nov 2022 06:08:16 GMT
fly-request-id
01GHWYE32CBK6HPHHVCWWMZ7G7-lhr
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zEosAp7ANoYTAqNIctPg8AL%2BNaa%2FRIHp31o9ILePYlAxB1tCpA923chtXHRudNDeC0zNDOEPy3pC%2BUJMHhJ99sKyiKjrn6PjF3US85vS6w2wZMgxpCmppaTF1ruz1w7IPwTUXwottz%2F7oUU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
2 fly.io
css
fonts.googleapis.com/
2 KB
1019 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Exo+2
Requested by
Host: cyberfeed.io
URL: https://cyberfeed.io/article/9ea50c473b9807fdd79013a88e60f354
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ede9bcceac6363b184cf51bfa50069bec06162d26a855be9485efb39c80b67cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cyberfeed.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 15 Nov 2022 06:08:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 05:24:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 15 Nov 2022 06:08:16 GMT
3.2.4
cdn.tailwindcss.com/
Redirect Chain
  • https://cdn.tailwindcss.com/
  • https://cdn.tailwindcss.com/3.2.4
335 KB
102 KB
Script
General
Full URL
https://cdn.tailwindcss.com/3.2.4
Requested by
Host: cyberfeed.io
URL: https://cyberfeed.io/article/9ea50c473b9807fdd79013a88e60f354
Protocol
H2
Server
2606:4700:20::681a:85b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a01735039e4a6522fc7dcf18ca47dcea2c2e4b50c07d8e898190eee8f3111056
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cyberfeed.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 06:08:16 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 11 Nov 2022 17:46:48 GMT
x-vercel-id
syd1::iad1::k976q-1668188807415-4e95c057a5a8
server
cloudflare
age
303671
x-vercel-cache
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fsb%2FFdY4TuHL08ZOPNRkmDBTlNo%2Br0iDlniwMAm2bhuUi6%2BJ82RQDY3QTbIGiYOVh8uk6iTmUktLhjvB8oqgKLyEKXcY3JnfZUCe4qu5ZZRjLPw49JXXuoQGzX2vTx6RDGFF%2Fi9rdtQJMoVnKOngrR8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=31536000
cf-ray
76a5cfb65a3476f6-LHR

Redirect headers

date
Tue, 15 Nov 2022 06:08:16 GMT
strict-transport-security
max-age=63072000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-vercel-id
syd1::iad1::l5tn2-1668491197686-1aaaeec31a8e
server
cloudflare
age
661
x-vercel-cache
MISS
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x17HB1%2FhHzQgknXpvw2h2ePguwoNeh%2FVKEAqy2ztSCH87nVOrP0PuqCsbwLBM7MZ%2F5L6IZPdxTgLGh%2BjCBM1huISZZVN3iGt5WeE1Fq2u%2BtfYwOBhd5UYL%2F6tYUshpvRR4O2crDNgdiAnxD0uRj7N3U%3D"}],"group":"cf-nel","max_age":604800}
location
/3.2.4
cache-control
max-age=14400
cf-ray
76a5cfb61a0c76f6-LHR
content-length
0
count.js
gc.zgo.at/
9 KB
3 KB
Script
General
Full URL
https://gc.zgo.at/count.js
Requested by
Host: cyberfeed.io
URL: https://cyberfeed.io/article/9ea50c473b9807fdd79013a88e60f354
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
6bcae1eaede6699e89898eb0eb3b0b970f4e5107f6b453d45f7b75fc157e44a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cyberfeed.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-nf-request-id
01GHWYE3MPSANAFV6TSDHYBVF6
date
Tue, 15 Nov 2022 05:40:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000
server
Netlify
age
1660
etag
"8894f05d0e67bafaf25279dbff8bfd41-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public,max-age=7776000
accept-ranges
bytes
content-length
3023
124021.png
cdn-icons-png.flaticon.com/512/124/
5 KB
5 KB
Image
General
Full URL
https://cdn-icons-png.flaticon.com/512/124/124021.png
Requested by
Host: cyberfeed.io
URL: https://cyberfeed.io/article/9ea50c473b9807fdd79013a88e60f354
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300:18d::312e Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
458e9be5140e142278f9fa82148d7b4129bb5655cc477064faa491bdb5d2ad4c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cyberfeed.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
public
date
Tue, 15 Nov 2022 06:08:16 GMT
last-modified
Fri, 15 Oct 2021 00:56:54 GMT
x-amz-meta-goog-reserved-file-mtime
1468326933
etag
"88aa93c7d7d0b4f3bb45a0c7ad8f9a4b"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-default-rule
YES
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-meta-x-goog-reserved-source-generation
1627226871440884
content-length
4696
expires
Tue, 15 Nov 2022 06:08:16 GMT
174857.png
cdn-icons-png.flaticon.com/512/174/
6 KB
6 KB
Image
General
Full URL
https://cdn-icons-png.flaticon.com/512/174/174857.png
Requested by
Host: cyberfeed.io
URL: https://cyberfeed.io/article/9ea50c473b9807fdd79013a88e60f354
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300:18d::312e Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9eb6ffcfa297dc25aebd90fd7930e9d4ad724d8cd496d4621df28ddc29631d77

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cyberfeed.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
public
date
Tue, 15 Nov 2022 06:08:16 GMT
last-modified
Thu, 14 Oct 2021 12:22:41 GMT
x-amz-meta-goog-reserved-file-mtime
1493378542
etag
"30c453b7f5fbdb09ea0cb42a5dc7a6e5"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-default-rule
YES
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-meta-x-goog-reserved-source-generation
1627225675164769
content-length
5823
expires
Tue, 15 Nov 2022 06:08:16 GMT
Generic_Feed-icon.svg
cyberfeed.io/app/static/
569 B
814 B
Image
General
Full URL
https://cyberfeed.io/app/static/Generic_Feed-icon.svg
Requested by
Host: cyberfeed.io
URL: https://cyberfeed.io/article/9ea50c473b9807fdd79013a88e60f354
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:2880 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b6091c1ad7a193a34c02bb828bb4764b66d9e25c1627d2fc8cbe5d26fbf0dd4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cyberfeed.io/article/9ea50c473b9807fdd79013a88e60f354
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 06:08:16 GMT
content-encoding
gzip
via
2 fly.io
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
190
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 14 Nov 2022 17:12:42 GMT
fly-request-id
01GHVMVCG06B2TZ941782E9WCW-lhr
server
cloudflare
etag
3f0d8345db98b4e8596a9ebc53de0467
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CxGEYMc93Oih%2Fq4IvsRVABUOEJdrdeIIAY5rnsB8SzVrZkYIn9UpTfSPz5sqvvoRp0c9lhaicRQqE6zcciHCYOJwaAmIFudRZaTl5Jt1dHL%2F14Rvs38gUKAM%2FkTNRXkEmhhOJmJGtp6fjsI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=120
cf-ray
76a5cfb749f171c8-LHR
trend_down.svg
cyberfeed.io/app/static/
326 B
585 B
Image
General
Full URL
https://cyberfeed.io/app/static/trend_down.svg
Requested by
Host: cyberfeed.io
URL: https://cyberfeed.io/article/9ea50c473b9807fdd79013a88e60f354
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:2880 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a924db249437e837d92850fbd9add1b6b7302a16494620dd573984fcc8ae79e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cyberfeed.io/article/9ea50c473b9807fdd79013a88e60f354
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 06:08:16 GMT
content-encoding
gzip
via
2 fly.io
cf-cache-status
REVALIDATED
last-modified
Mon, 14 Nov 2022 17:12:42 GMT
fly-request-id
01GHVY3XJD4N3F97RGZGGATHN9-lhr
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag
9037b949b784f83dd5636e734299e1e2
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A58M6yNxb4vxvaNhWr4TfblxyO1gyjaY7kSeuR19KAVLYaIjIDwa7E5jZBwHmnGHmWfh%2FFtvBk2T5zV0I0lJXZ6%2FHrG5nosI5fP%2BWcI4NyGP9L3fYmI5XoXQQUmVtxxa%2B6NUfMABWM9dgsU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=120
cf-ray
76a5cfb749f271c8-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
apt41.jpg
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEimOqnGve_sdY3TvYVe06F2OR-eWJOK4Uskc_xRQkHBkqwdDvT3bczPfYCiEuieM73m02XHSfZ8hCGcCHmioV3G70RVMycfbFWzn2vOrx208x3dsJNJN_r1EMT2SR4mbqO3e2bhRzTZ8QulYPPPm...
41 KB
42 KB
Image
General
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEimOqnGve_sdY3TvYVe06F2OR-eWJOK4Uskc_xRQkHBkqwdDvT3bczPfYCiEuieM73m02XHSfZ8hCGcCHmioV3G70RVMycfbFWzn2vOrx208x3dsJNJN_r1EMT2SR4mbqO3e2bhRzTZ8QulYPPPmKXCHiUC8kGC4RVlNq6lmSkD9E8_fnNgabbPw0hs/s728-e1000/apt41.jpg
Requested by
Host: cyberfeed.io
URL: https://cyberfeed.io/article/9ea50c473b9807fdd79013a88e60f354
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d570a2bbc950ef6d00dc3600493dd6f401ff60d13e87315581820f2275694c20
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cyberfeed.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 06:08:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
53553
cf-polished
origFmt=jpeg, origSize=63647
x-forwarded-for
41.137.42.2
content-disposition
inline; filename="apt41.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42134
x-xss-protection
0
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v22af"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x89AE5vEa9Ndu63TCsUJRaLnOibBxB7EhCHsQURFpe444dg5ZJ0zohAY0wULZQymtCqy%2FNQPK9KAEECjUY%2BXZKSv%2FkV32w5mwIAA0HTLbuv7KbiOop6rjch6%2FByPgH6evDZ7AIpAFYkyKTuzx5rD"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=8640000, immutable, s-maxage=8640000
accept-ranges
bytes
cf-ray
76a5cfb7cbe70672-LHR
expires
Sun, 10 Aug 2025 15:15:43 GMT
2965879.png
cdn-icons-png.flaticon.com/512/2965/
21 KB
21 KB
Image
General
Full URL
https://cdn-icons-png.flaticon.com/512/2965/2965879.png
Requested by
Host: cyberfeed.io
URL: https://cyberfeed.io/article/9ea50c473b9807fdd79013a88e60f354
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300:18d::312e Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2e6d94c939d649a4447ce14e72040aced47c86392158d6664296dafece4a2d9e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cyberfeed.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 06:08:16 GMT
x-amz-meta-goog-reserved-file-mtime
1589449517
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
21144
pragma
public
last-modified
Thu, 14 Oct 2021 13:13:49 GMT
etag
"5c54e0466ca7c0f367446458d831e59e"
vary
Accept-Encoding
x-goog-generation
1634217229028326
content-type
image/png
access-control-allow-origin
*
x-default-rule
YES
cache-control
public, max-age=31536000
x-goog-stored-content-length
21144
accept-ranges
bytes
x-amz-meta-x-goog-reserved-source-generation
1627236690460637
expires
Tue, 15 Nov 2022 06:08:16 GMT
external_link.svg
cyberfeed.io/app/static/
383 B
635 B
Image
General
Full URL
https://cyberfeed.io/app/static/external_link.svg
Requested by
Host: cyberfeed.io
URL: https://cyberfeed.io/article/9ea50c473b9807fdd79013a88e60f354
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:2880 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
279ba9d81045b86a49023b5130bf12ed8b726a520b8d6093a2f7ef1ad013853c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cyberfeed.io/article/9ea50c473b9807fdd79013a88e60f354
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 06:08:16 GMT
content-encoding
gzip
via
2 fly.io
cf-cache-status
REVALIDATED
last-modified
Mon, 14 Nov 2022 17:12:42 GMT
fly-request-id
01GHVY3XP3P5GPKV7Y56MDG1NR-lhr
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag
bbdc3bdb30ac49923c83a68f9f4d518d
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zvI2IwPXfZpwuZg9IP3xa0lDHFLeVGcGROy%2BwuSO%2BPJCziXVOzR2WsBGCtgFC0Dw2WFYKCNbFktJaby9jiQpdjsR6mENqsObyBEGz0EynnbyervYbAgGHehVZrpuQmDXguALCatwwaIlHo0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=120
cf-ray
76a5cfb749f371c8-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
7cH1v4okm5zmbvwkAx_sfcEuiD8jvvKsOdC_.woff2
fonts.gstatic.com/s/exo2/v20/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/exo2/v20/7cH1v4okm5zmbvwkAx_sfcEuiD8jvvKsOdC_.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Exo+2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf93ee919fd9a032a2584a57fc3323e966cfd25615c76315fb2d04367abab188
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cyberfeed.io
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 11 Nov 2022 01:46:14 GMT
x-content-type-options
nosniff
age
361322
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15156
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 19:19:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Nov 2023 01:46:14 GMT
count
cyberfeed.goatcounter.com/
43 B
710 B
Image
General
Full URL
https://cyberfeed.goatcounter.com/count?p=%2Farticle%2F9ea50c473b9807fdd79013a88e60f354&t=New%20%22Earth%20Longzhi%22%20APT%20Targets%20Ukraine%20and%20Asian%20Countries%20with%20Custom%20Cobalt%20Strike%20Loaders%20%7C%20Cyberfeed.io&s=1600%2C1200%2C1&b=0&rnd=fykfi
Requested by
Host: cyberfeed.io
URL: https://cyberfeed.io/article/9ea50c473b9807fdd79013a88e60f354
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a01:7e01::f03c:92ff:fe8f:edc6 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
/
Resource Hash
42cb846e07917f6731406e500f24aeb2e88c42cda124eaa59e08c5331cad8bcb
Security Headers
Name Value
Content-Security-Policy img-src 'self' static.zgo.at data:; style-src 'self' static.zgo.at 'unsafe-inline'; font-src 'self' static.zgo.at; frame-ancestors 'none'; frame-src 'self'; default-src 'none'; script-src 'self' static.zgo.at; form-action 'self'; manifest-src 'self' static.zgo.at; connect-src 'self' wss:
Strict-Transport-Security max-age=7776000
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cyberfeed.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
img-src 'self' static.zgo.at data:; style-src 'self' static.zgo.at 'unsafe-inline'; font-src 'self' static.zgo.at; frame-ancestors 'none'; frame-src 'self'; default-src 'none'; script-src 'self' static.zgo.at; form-action 'self'; manifest-src 'self' static.zgo.at; connect-src 'self' wss:
strict-transport-security
max-age=7776000
x-content-type-options
nosniff
x-rate-limit-limit
4
content-encoding
gzip
x-rate-limit-remaining
4
date
Tue, 15 Nov 2022 06:08:16 GMT
age
0
via
1.1 varnish (Varnish/7.1)
content-length
56
x-frame-options
deny
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
x-varnish
952860919
cache-control
no-store,no-cache
x-rate-limit-reset
1
accept-ranges
bytes

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| tailwind
string| /template.html
object| goatcounter

0 Cookies